A rise in malware attacks on commercial vessels has prompted the U.S. Coast Guard to issue a warning to ship owners about the increased risk of attack. Cybersecurity best practices for commercial vessels have also been released to help ship owners and shipping firms improve security.
The latest alert is the second to be issued in the past three months. In May, the U.S. Coast Guard warned about an ongoing spear phishing campaign targeting operators of commercial vessels. The purpose of that campaign was to spread malware designed to disrupt ship computers.
The latest alert was issued following a report of a cyberattack on a vessel travelling to the Port of New York. The attack occurred in February and caused major disruption to the shipboard network. The Coast Guard determined that the vessel did not have effective cybersecurity measures in place and that potentially the attack could have impacted critical vessel control systems.
It is not clear how the malware was installed as the ships network was not used for personal business, only for official business such as updating charts, managing cargo data, and communication with ports, agents and the Coast Guard. Similar attacks have been reported on other vessels. While the attacks have caused major disruption, they have not affected vessel system controls.
In the most part, attacks can be prevented by adopting standard cybersecurity best practices. The U.S. Coast Guard has made five recommendations.
- Ship owners should ensure anti-virus software is installed and is kept up to date.
- All software should regularly updated and patches applied promptly.
- All users should have network profiles assigned and be given unique logins. Strong passwords should be set and the rule of least privilege should be applied.
- Special care should be taken with external media, which can easily transmit malware to on-ship networks.
- Network segmentation should be implemented to prevent the spread of malware in the event of a system compromise.
“With engines that are controlled by mouse clicks, and growing reliance on electronic charting and navigation systems, protecting these systems with proper cybersecurity measures is as essential as controlling physical access to the ship or performing routine maintenance on traditional machinery,” warned the Coast Guard. “It is imperative that the maritime community adapt to changing technologies and the changing threat landscape by recognizing the need for and implementing basic cyber hygiene measures.”