Internet Security ABC

Social Engineering

Innovation has been always an essential part for successful business within the shipping industry, a characteristics which has been proven for sure by the last year announcement that Norwegian vessels are closing in to be to operate completely without a crew in the near future.

As extremes are mostly close to each other, it is not surprising that cyber-controlled vessels meeting malware infected IT networks within the shipping industry - a circumstance which should create some doubt, if a fully autonomous vessel can be 100% safely operated on high seas while some on-shore offices are not even able to operate their day to day business without opening doubtful email attachments.

Of course, a full-scale hacker attack may penetrate even the best IT-security, as happened while the major downfall of serveral Maersk operated terminals worldwide in 2017 caused by the Petya-Trojan, but usually it is more a "small cause, big effect" issue: the malware is usually spreaded by emails, containing a trojan masked in a faked files, which encrypts the files of infected computers for the extortion of ransom.

Taking into consideration, that such kind of malware could be easily prevented with an aware handling of incoming email and the use of off-the-shelf anti-virus software, it is clearly a sign of human error when even today (several months after the Maersk-Petra incident) the email accounts of renowned shipping companies are used to spread - more or less - social engineered messages with attached malware.

In particular such emails also directly focus on the maritime security industry, including PMSC or handling agents, with a text as follows:

"We would like to request your assistance with the embarkation of our security weapons and ammunition on the Mv [...]. The vessel's current ETA Galle is on 08/03/2018 at 2200 (TBC).

Please find attached equipment details. Could you please make the necessary arrangements for the embarkation?"

This is one of dozens of emails distributed to the maritime security industry within the last months and had a so called "Trojan.Fareit" virus, masked in a .pdf look-a-like file, attached. It only affects Windows based systems; the purpose of the infection varies between data pishing, enslaving of the computer up to the extortion of ransom by encrypting the computers files. 

The fact, that this kind of virus is now more than 5 years old and is still used for cybercrime clearly indicates, that there is still some "farming" ground within the maritime industry, even if protection against it can be easily done without an IT crisis response team:

In cases of doubt, many webpages are already offering a free scan services for email attachments simply by a forwarding of the suspicious file for a deep scan to their service. The scan result returns usually within seconds with an in-depth analysis of the attachment.

For more information about the topic please click on the links below:

Article on Maritime Executive 

Guide for email submission @

Memberships & Partners

Bundesverband für Logistik
Ghorfa Arab-German Chamber of Commerce and Industry
Logistikinitiative Mecklenburg-Vorpommern


Main Office Sittensen / Germany

Lindenstr. 11, 27419 Sittensen / Germany / Europe

P.O. Box 1417, 27416 Sittensen / Germany / Europe

Phone.: +49 4282 59 40 798

Branch Office Hamburg / Germany

Georgsplatz 1, 4. Floor
20099 Hamburg, Germany, Europe

Phone.: +49 40 879 79 85 0 

Representative Office Florida / USA

66 West Flagger Street, Suite 900,                                                                                                   Downtown Miami
Miami / Florida 33130
United States of America

Tel.: +1 786 7430733

Representative Office Muscat / Oman

Tamina Building, 02nd Floor
Al Nahdha Road, Wattaya, P.O. Box 395
PC 118 Muskat / Sultanate of Oman / Middle East

Phone: +968 2466 7782

Representative Office Singapur / Singapur

3 Temasek Avenue
Centennial Tower / Level 21 / 039190 Singapore
Republik Singapore / Asia

Tel: +65 65 49 72 09

Representative Office Vilnius / Lithuania 

Gedimino pr.20
Vilnius, Lithuania, LT-01103
East Europe

Phone: +370 520 78892