Innovation has been always an essential part for successful business within the shipping industry, a characteristics which has been proven for sure by the last year announcement that Norwegian vessels are closing in to be to operate completely without a crew in the near future.
As extremes are mostly close to each other, it is not surprising that cyber-controlled vessels meeting malware infected IT networks within the shipping industry - a circumstance which should create some doubt, if a fully autonomous vessel can be 100% safely operated on high seas while some on-shore offices are not even able to operate their day to day business without opening doubtful email attachments.
Of course, a full-scale hacker attack may penetrate even the best IT-security, as happened while the major downfall of serveral Maersk operated terminals worldwide in 2017 caused by the Petya-Trojan, but usually it is more a "small cause, big effect" issue: the malware is usually spreaded by emails, containing a trojan masked in a faked files, which encrypts the files of infected computers for the extortion of ransom.
Taking into consideration, that such kind of malware could be easily prevented with an aware handling of incoming email and the use of off-the-shelf anti-virus software, it is clearly a sign of human error when even today (several months after the Maersk-Petra incident) the email accounts of renowned shipping companies are used to spread - more or less - social engineered messages with attached malware.
In particular such emails also directly focus on the maritime security industry, including PMSC or handling agents, with a text as follows:
"We would like to request your assistance with the embarkation of our security weapons and ammunition on the Mv [...]. The vessel's current ETA Galle is on 08/03/2018 at 2200 (TBC).
Please find attached equipment details. Could you please make the necessary arrangements for the embarkation?"
This is one of dozens of emails distributed to the maritime security industry within the last months and had a so called "Trojan.Fareit" virus, masked in a .pdf look-a-like file, attached. It only affects Windows based systems; the purpose of the infection varies between data pishing, enslaving of the computer up to the extortion of ransom by encrypting the computers files.
The fact, that this kind of virus is now more than 5 years old and is still used for cybercrime clearly indicates, that there is still some "farming" ground within the maritime industry, even if protection against it can be easily done without an IT crisis response team:
In cases of doubt, many webpages are already offering a free scan services for email attachments simply by a forwarding of the suspicious file for a deep scan to their service. The scan result returns usually within seconds with an in-depth analysis of the attachment.
For more information about the topic please click on the links below:
