Internet Security ABC

07.03.2018
Social Engineering

Innovation has been always an essential part for successful business within the shipping industry, a characteristics which has been proven for sure by the last year announcement that Norwegian vessels are closing in to be to operate completely without a crew in the near future.

As extremes are mostly close to each other, it is not surprising that cyber-controlled vessels meeting malware infected IT networks within the shipping industry - a circumstance which should create some doubt, if a fully autonomous vessel can be 100% safely operated on high seas while some on-shore offices are not even able to operate their day to day business without opening doubtful email attachments.

Of course, a full-scale hacker attack may penetrate even the best IT-security, as happened while the major downfall of serveral Maersk operated terminals worldwide in 2017 caused by the Petya-Trojan, but usually it is more a "small cause, big effect" issue: the malware is usually spreaded by emails, containing a trojan masked in a faked files, which encrypts the files of infected computers for the extortion of ransom.

Taking into consideration, that such kind of malware could be easily prevented with an aware handling of incoming email and the use of off-the-shelf anti-virus software, it is clearly a sign of human error when even today (several months after the Maersk-Petra incident) the email accounts of renowned shipping companies are used to spread - more or less - social engineered messages with attached malware.

In particular such emails also directly focus on the maritime security industry, including PMSC or handling agents, with a text as follows:

"We would like to request your assistance with the embarkation of our security weapons and ammunition on the Mv [...]. The vessel's current ETA Galle is on 08/03/2018 at 2200 (TBC).

Please find attached equipment details. Could you please make the necessary arrangements for the embarkation?"

This is one of dozens of emails distributed to the maritime security industry within the last months and had a so called "Trojan.Fareit" virus, masked in a .pdf look-a-like file, attached. It only affects Windows based systems; the purpose of the infection varies between data pishing, enslaving of the computer up to the extortion of ransom by encrypting the computers files. 

The fact, that this kind of virus is now more than 5 years old and is still used for cybercrime clearly indicates, that there is still some "farming" ground within the maritime industry, even if protection against it can be easily done without an IT crisis response team:

In cases of doubt, many webpages are already offering a free scan services for email attachments simply by a forwarding of the suspicious file for a deep scan to their service. The scan result returns usually within seconds with an in-depth analysis of the attachment.

For more information about the topic please click on the links below:

Article on Maritime Executive 

Guide for email submission @ virustotal.com

Mitgliedschaften & Partner

Bundesverband für Logistik
Ghorfa Arab-German Chamber of Commerce and Industry
Logo LIHH
Logisitikinitiative Mecklenburg-Vorpommern

Kontakt

Hauptniederlassung Sittensen / Deutschland

Lindenstr. 11, 27419 Sittensen / Deutschland / Europa

Postfach 1417, 27416 Sittensen / Deutschland / Europa

Tel.: +49 4282 59 40 798
E-Mail: info@ibs-ops.com

Zweigniederlassung Hamburg / Deutschland

Georgsplatz 1, 4. Etage
20099 Hamburg, Deutschland, Europa

Hafencity Operations Office
Überseeallee 1, 2. Etage, 20457 Hamburg

Tel.: +49 40 879 79 85 0 
E-Mail: hamburg@ibs-ops.com

Repräsentanz Florida / USA

66 West Flagger Street, Suite 900,                                                                                                Downtown Miami
Miami / Florida 33130
United States of America

Tel.: +1 7867430733
E-Mail: miami@ibs-ops.com

Repräsentanz Maskat / Sultanat von Oman

Tamina Building, 02. Stock 
Al Nahdha Road, Wattaya, P.O. Box 395
PC 118 Maskat / Sultanat von Oman / Mittlerer Osten

Tel.: +968 2466 7782
E-Mail: muscat@ibs-ops.com

Repräsentanz Singapur / Singapur

3 Temasek Avenue
Centennial Tower / Level 21 / 039190 Singapore
Republik Singapore / Asien

Tel: +65 65 49 72 09
E-Mail: singapore@ibs-ops.com

Repräsentanz Vilnius / Lithuania 

Gedimino pr.20
Vilnius, Lithuania, LT-01103
Ost Europa

Tel: +370 520 78892
E-Mail: vilnius@ibs-ops.com