The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

US Coast Guard Issues Cybersecurity Best Practices for Ships

by Chris Brook on Wednesday July 10, 2019

Contact Us
Free Demo
Chat

In addition to a list of best practices, the Coast Guard confirmed in an alert this week that malware affected the shipboard network of a vessel in February.

The U.S. Coast Guard issued a safety alert on Monday strongly urging ship owners to fortify their defenses against cyberattacks.

As part of the alert, released by the U.S. Coast Guard's New York sector, the DHS branch acknowledged that one of its vessels was hit by a cyber-attack in February. In particular, a deep draft vessel - a large freighter that usually transports containers – on an international voyage bound for the Port of New York and New Jersey had its shipboard network impacted by malware, something which "significantly degraded the functionality of the onboard computer system."

According to the Coast Guard's Inspections and Compliance Directorate, upon inspection, the ship did not have effective cybersecurity measures in place, something that exposed the ship's control systems.

While the ship’s essential vessel control systems weren’t impacted, the Coast Guard is using the incident as a teachable lesson and aiming to better inform vessel and facility owners, and operators of the risks around failing to secure commercial vessel networks.

“With engines that are controlled by mouse clicks, and growing reliance on electronic charting and navigation systems, protecting these systems with proper cybersecurity measures is as essential as controlling physical access to the ship or performing routine maintenance on traditional machinery,” the Marine Safety Alert read, “It is imperative that the maritime community adapt to changing technologies and the changing threat landscape by recognizing the need for and implementing basic cyber hygiene measures.”

In the alert, the Coast Guard has five recommendations for mitigating cyber-attacks, including:

  • Segmenting Networks - By segmenting networking into subnetworks, adversaries have more difficulty gaining access to systems and equipment.
  • Per-user Profiles & Passwords – Vessels should create network profiles for each employee and do away with generic log-in credentials for multiple users. Users should only have enough access/privileges to do their job; use of administrator accounts should be few and far between.
  • Be Wary of External Media – The Coast Guard is urging that any external media be scanned for malware on a standalone system before its plugged into a shipboard network and that users no run executable media from an untrusted source.
  • Install Basic Antivirus Software - Install and routinely update basic antivirus software
  • Don’t Forget to Patch - Patch operating systems and applications to mitigate vulnerabilities

As the Coast Guard notes, there are already several resources out there that vessel owners can use to identify deficiencies in their cybersecurity posture, including  National  Cybersecurity and Communications Integration Center’s (NCCIC) Hunt and Incident Response Team (HIRT)

The alert follows up a Marine Safety Information Bulletin published by the Coast Guard's Director of Inspections and Compliance in May warning the maritime industry of email phishing and malware intrusion attempts targeting commercial vessels. The Coast Guard used the bulletin as a opportunity to remind those working in the sector that any suspicious activity or breaches of security, like malware infections or phishing attempts, need to be reported to the Coast Guard's National Response Center.

Tags: Government, Malware

RECOMMENDED RESOURCES


  • The seven trends that have made DLP hot again
  • How to determine the right approach for your organization
  • Making the business case to executives
  • Find out why Digital Guardian has been named a “Leader” for 5 years in a row
  • Gartner’s yearly analysis of DLP vendors
  • DLP use cases and technology requirements

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.