Singapore shipbuilder Sembcorp Marine has suffered a cyberattack that left information on employees and operations compromised, the firm announced Thursday.

The company said that it recently discovered a cybersecurity incident in which an unauthorized party accessed part of its IT network via third-party software products, gaining access to some information about personnel as well as non-critical information relating to its operations.

Sembcorp said it treated the incident seriously and took immediate actions, with cybersecurity experts appointed to seal up breaches, assist with an impact assessment, and strengthen IT security measures.

Based on the investigation and impact assessment, Sembmarine believes that the risks have been effectively addressed, with the company’s business operations remaining unaffected. The company has contacted affected personnel to help them manage any possible risks.

Sembmarine also notified the authorities and is working closely with them on the breach.

“The company is mindful of the concerns of all affected parties and would like to assure all our stakeholders that information security and the privacy of all stakeholders are our top priorities,” said the statement.

The breach is not expected to have any material impact on earnings for the fiscal year.

The cyberattack comes just days after Sembcorp revealed new optimism about its orderbook. The company posted a net loss of $104.4 million for the first half of 2022, improving from a $463 million net loss for the six months ended 30 June 2021. Revenues were up 30 percent year-on-year.



CREWEXPRESS STCW REST HOURS SOFTWARE - Paris and Tokyo MoU have announced that they will jointly launch a new Concentrated Inspection Campaign (CIC) on Standards of Training, Certification and Watchkeeping for Seafarers (STCW) from 1st September 2022 to 30th November 2022

Offshore engineering firm Sembcorp Marine has said it recently discovered a cybersecurity incident where an unauthorised party accessed part of its IT network via third-party software products.

Sembcorp said it treats this incident seriously and took immediate actions to manage and mitigate any potential risks.

Cybersecurity experts have been appointed to conduct detailed analytics to flush out all breaches and related root causes, assist with impact assessment, review and enhance security measures to further strengthen the company’s core IT infrastructure and systems, it added.

Based on investigations and impact assessment to-date by the company and its cybersecurity experts, the incident and related risks have now been effectively addressed, according to Sembcorp.

The company’s business operations remain unaffected throughout and it has notified the relevant authorities.

However, Sembcorp has established that certain personally identifiable information relating to some of its incoming, existing and former employees, as well as non-critical information relating to its operations were affected.

Scans by the cybersecurity experts have to-date not detected any such data, it said.

The company has contacted affected parties and is committed to helping them manage all possible risks and take appropriate follow-up actions.

Sembcorp said it is mindful of the concerns of all affected parties and would like to assure all our stakeholders that information security and the privacy of all stakeholders are our top priorities.

The cybersecurity incident is not expected to have any material impact on the consolidated net tangible assets or consolidated earnings per share of Sembcorp Marine for the current financial year.



CREWEXPRESS STCW REST HOURS SOFTWARE - Paris and Tokyo MoU have announced that they will jointly launch a new Concentrated Inspection Campaign (CIC) on Standards of Training, Certification and Watchkeeping for Seafarers (STCW) from 1st September 2022 to 30th November 2022

Shipping is the lifeblood of the global economy, yet the industry’s profit margins are tight, which makes operational continuity crucial. Over the years, the maritime industry facing a rising threat rate of cyber-attacks that results in downtime, causing damages to the port’s profits, competitiveness, and reputation. OT systems currently rely on backward backup solutions such as external disks and tapes, which can cause a considerable loss of time- hours in the case of a malfunction and even weeks in the case of a cyber-attack. According to a study conducted by Accenture & Ponemon, you usually have to wait 23 days to recover from a ransomware attack.

New patented technology now ensures operational continuity, enabling a return to operation in 30 seconds: ”At the touch of a button – a single click on our CRU device, possibly done by a crane operator – with no IT knowledge required” – explained Oleg Vusiker, CTO of Salvador Technologies.

The solution presented by Salvador Technologies offers complete and instant recovery from ransomware attacks and hardware/software malfunctions. It comprises a revolutionized air-gapped technology that dramatically reduces data loss and operational downtime risks.

Installation of the POC is carried out on critical OT (operational technology) stations in the port, such as cranes, control terminals, and logistics centers. This innovative technology allows cold, up-to-date backups to be performed autonomously and efficiently monitored 24/7, complying with NIST, CISA, and FBI guidelines. Quality control mechanisms ensure the integrity of the backups.


Following the successful POC at the Ashdod Port, Salvador Technologies is now collaborating with the New York and New Jersey Port – the busiest port on the East Coast in the US and one of the largest in the nation.

US Senator and Chairman of the Senate Foreign Relations Committee, Bob Menendez: “I’m incredibly pleased that the University of New Jersey and the Port of Ashdod have agreed to work together. Communities in NJ, Israel, and around the world rely on the free flow of goods to our ports. Our ports face immerging challenges, ranging from physical and cyber security threats to logistics issues. The exchange of ideas and the building of relationships are crucial. I hope that we too can offer insights, experience, and support that will help build a more powerful, prosperous future back in Israel.”

Cyber security is not just about preventing hackers from gaining access to systems and information. It also addresses the maintenance, integrity, confidentiality, and availability of data and systems, ensuring business continuity and the continuing utility of cyber assets. As these issues are becoming more and more critical, a Business Continuity Plan (BCP) is now an essential proactive measure that needs to be taken by ports around the globe.

More info about operational continuity and BCP in maritime >>>

Original Source link

Cyber-attacks on one of the world’s busiest ports have nearly doubled since the start of the Covid pandemic.

The number of monthly attacks targeting the Port of Los Angeles is now around 40 million, the port’s executive director Gene Seroka told the BBC.

Los Angeles is the busiest port in the western hemisphere, handling more than $250bn (£210bn) of cargo every year.

The threats are believed to come mainly from Europe and Russia, and aim to disrupt the US economy, Mr Seroka said.

“Our intelligence shows the threats are coming from Russia and parts of Europe. We have to stay steps ahead of those who want to hurt international commerce,” he told the BBC’s World Service.

Seaports move billions of dollars in goods every year, making them a unique target for cyber-criminals.

They face daily ransomware, malware, spear phishing and credential harvesting attacks, with the aim of causing as much disruption as possible and slowing down economies.

Teaming up with the FBI
The Port of Los Angeles is now working with the Federal Bureau of Investigation’s cyber-crime team to prevent attacks and improve cyber-security.

The port has invested millions of dollars in cyber-protection, developing one of the world’s first Cyber Resilience Centres, which is part of the FBI.

“We must take every precaution against potential cyber-incidents, particularly those that could threaten or disrupt the flow of cargo,” said Mr Seroka.

The Cyber Resilience Centre provides enhanced intelligence gathering and heightened protection against cyber-threats within the maritime supply chain.

It is a hub for the port to receive, analyse and share information with those who operate on the dock, such as cargo handlers and shipping lines.

Supply chain blockages
During the pandemic global supply chains slowed down as lockdowns closed factories and workers were forced to stay at home.

The strain on supply chains has since eased, Mr Seroka said. In January 2022 there were 109 container ships queuing for more than two days to get into the Port of Los Angeles. Today there are around 20 waiting to dock.

But Mr Seroka believes the blockages won’t clear completely until 2023. “There’s so much cargo coming in and not enough space,” he said.

“The past two years have proven the vital role that ports hold to our nation’s critical infrastructure, supply chains and economy. It’s paramount we keep the systems as secure as possible,” he added.
Source: BBC


Cyber pirates hijacking on-board technology for key operations appear to be an emerging threat to world trade. The current economy, following the pandemic and the commencement of a war in Ukraine, is particularly vulnerable.

In February 2019, a large container ship sailing for New York identified a cyber intrusion on board that startled the US Coast Guard. Though the malware attack never controlled the vessel’s movement, authorities concluded that weak defenses exposed critical functions to “significant vulnerabilities.”

A maritime disaster didn’t happen that day, but a warning flare rose over an emerging threat to global trade: cyber piracy able to penetrate on-board technology that’s replacing old ways of steering, propulsion, navigation and other key operations. Such leaps in hacking capabilities could do enormous economic damage, particularly now, when supply chains are already stressed from the pandemic and the war in Ukraine, experts including a top Coast Guard official said.


Five years ago this week, Maersk said a cyber attack crippled its computer network, affecting its port terminal operations from India to the Netherlands, rippling across to nearly 60 countries and eventually causing as much as $300 million in damages.

It was, as Andy Jones refers to it in the parlance of cyber security experts, an “extinction event.”

Jones is the former chief information security officer at Maersk Line, and he has a podcast that recounts the event that unfolded and is worth listening to for advice on how to deal with hacking threats and actual intrusions.

The NotPetya attack in 2017 that hit Maersk and other global businesses seems so long ago given the bust-to-boom wave the shipping industry has ridden since then. Imagine if something that widespread happened today, as ports still struggle with economic imbalances caused by the pandemic.

Cyber threats are nothing new to maritime shipping and logistics more broadly. Every month seems to bring another event. Last week, UK delivery giant Yodel said its systems were compromised, though a spokesman said Monday the delivery network and customer service functions were fully operational.

Warning Flare

Now some experts, including a top US Coast Guard official, are sounding the alarm again about the rising risks not just on land, but on ships themselves. Such potential breaches of operational technology could do huge economic damage at a time when global supply chains are already frayed. (Click here for the full story today.)

Shipping is using much of its windfall profits from the pandemic era to upgrade technology, creating more digital linkages from land to water that are both a welcome step in a paper-laden business and a worry unless cyber precautions are taken.

“Ships and their systems were never designed to be connected in this manner and even a modern ship is a patchwork of different systems from different manufacturers who have all taken cyber security in various degrees of seriousness,” Jones said via email. “Some operators have taken this seriously, but with substantial fleets and ships that are probably over 30 years old, it is a very tall order.”

Across industry and government, there’s agreement that there needs to be more unified approach and more information sharing.

“Everybody needs to be all-in in this game and understand when there are vulnerabilities — getting that information out quickly is going to be thing that continues to help us close doors,” US Coast Guard Real Admiral Wayne Arguin told Bloomberg.

Brendan Murray in London


Pakistan’s Ministry of Maritime Affairs at the annual joint meeting of the China Pakistan Economic Corridor (CPEC), on September 26th, announced major investment plans by the Chinese government for the development of the Karachi Coastal Comprehensive Development Zone, or KCCDZ. The project aims to develop a modern port city in coordination with the Karachi Port Trust.

Unlike previous deals under the CPEC which included monetary loans for development projects, the new agreement involves direct equity investment worth $3.5 billion. The KCCDZ plans to establish various infrastructure facilities on 1500 acres of underutilized land owned by the Karachi Port Trust, to support residential, commercial, and seaport activities.



US Coast Guard will be examining the Hapag Lloyd vessel ROTTERDAM EXPRESS in relation to the pipeline that was severed off near the coast of Southern California. It is being speculated that a ship’s anchor might have damaged the pipeline that led to 3,000 barrels of crude flowing into the sea near Huntington Beach, south of Los Angeles on Sunday.

The speculations are fueled by the US Coast Guard’s initial investigation which revealed that a section of the pipeline was laterally displaced from its place by more than 30m. Hapag-Lloyd owned vessel, ROTTERDAM EXPRESS had anchored approximately 500m away from the pipeline when the oil spill was first detected, and later the vessel left for Oakland.

A Hapag-Lloyd spokesperson explained that as per the direction of San Pedro Traffic, ROTTERDAM EXPRESS had anchored at SF-3 anchorage on 21 September 2021. The vessel had dropped at the exact directed location and the same was confirmed by San Pedro Traffic.



Israeli shipping company ZIM Integrated Shipping Services has established a new subsidiary, Ship4wd, a digital freight platform offering online solution services similar to Airbnb and Uber.

The new service will cover all aspects of the complex international shipping process, enabling customers without previous experience in cross-border shipping to manage their import and export business.

The Ship4wd platform will also allow users to choose either the most economic or the fastest shipping option, with both sea and air shipping services up to the final destination, including land & rail transport, and associated logistic services.

“Similar to the way other groundbreaking platforms such as Airbnb in tourism and Uber in transportation have transformed their industries, we are aiming to enable everyone to be a self-shipper, by simplifying and streamlining the transfer of goods worldwide down to its essence – a ‘few clicks’ shipping solution,” Assaf Tiran, ZIM VP Global Customer Service also heading Digital Innovation, added.


ZIM: Like Airbnb and Uber, everyone can be a self-shipper in shipping

Korean shipyard Samsung Heavy Industries (SHI) has ordered the tank design for four new LNG carriers from the French LNG containment specialist GTT.

Samsung Heavy orders GTT tank design for 4 new LNGCs
Illustration only; Courtesy of Samsung Heavy Industries

SHI needs these designs of the new LNG carriers that will go to an undisclosed Asian ship-owner.


Samsung Heavy orders GTT tank design for 4 new LNGCs


VAT:BG 202572176
Rakovski STR.145
Phone ( +359) 24929284
E-mail: sales(at)