Cyber-security specialist Naval Dome has reported that maritime and offshore energy companies were facing an increase in cyber security threats during the Covid-19 pandemic. It sad that there’s been a 400% increase in attempted cyber-attacks in these sectors since February 2020.
An increase in malware, ransomware and phishing emails exploiting the Covid-19 crisis were the primary reasons behind the spike, Naval Dome said that travel restrictions, social distancing measures and economic recessions were reducing the ability of companies to protect themselves to the extent that they would like or need.
Naval Dome CEO Itai Sela said that “Covid-19 social restrictions and border closures have forced OEMs, technicians and vendors to connect standalone systems to the internet in order to service them”.
The pandemic had prevented OEM technicians flying out to ships and rigs to upgrade and service critical OT systems, resulting in operators circumventing established security protocols. That, Seal said, left them open to attack.
“As budgets are cut and in the absence of service engineers, we are seeing ship and offshore rig staff connecting their OT systems to shoreside networks, at the behest of OEMs, for brief periods of time to carry out diagnostics and upload software updates and patches themselves,” Sela explains.
“This means that their IT and OT systems are no longer segregated and individual endpoints, critical systems and components may be susceptible. Some of these are legacy systems which have no security update patches and are even more susceptible to cyber-attack.”
He said that the increase in OEM personnel working remotely on home networks and personal PCs, which were not well protected, added to the problem.”
“Companies are stretched thin, and this is benefitting the hacker,” Sela said, noting that it was not sufficient to protect only networks from attack. “Each individual system must be protected. If networks are penetrated, then all connected systems will be infected.”
Ido Ben-Moshe, Vice President Business Development, says the problem is particularly acute in the marine and offshore oil and gas sectors. “If hackers penetrate networks, and critical equipment is exposed there could be significant safety, downtime, financial and potential reputational damage.”