There have been a lot of warnings about shipping and cyber security but one shipowner found out the hard way how pirates were able hack the company’s systems and target to steal specific high value cargoes on its vessels.
Verizon, managing principal investigative response, Ashish Thapar, uses the multiple attacks on the owner’s vessels to illustrate the vulnerability that shipping can face from hackers access to their IT systems.
Full article can be read here
While this is an older story from earlier in the year, its good to get more information what happened. In presentations and training's we explain to company owners that in many cases the attacks currently happening today are targeting the office based infrastructure vs ports and vessels. But this can lead to attacks on the ports/vessels through the gathering of information as in this case.
This is due to the common operating systems & technologies in place at offices and 24/7 internet connectivity, allowing attackers to carry out advanced persistent attacks against externally facing systems such as Email & Web servers.
If companies are not proactively managing & monitoring their IT security, cases such as this can happen. The system was breached unnoticed, allowing the attackers a long period of access to gain data and use it for pirates to target specific vessels & cargo.
It is all too common that with such high workloads and lack of resources IT departments are busy struggling with day to day tasks that security often takes a back seat. A well known statistic is that hacks/exploited systems can go on average 6 months before detection.
That is 6 months to change data, steal information, or indeed reroute funds!