In addition to a list of best practices, the Coast Guard confirmed in an alert this week that malware affected the shipboard network of a vessel in February.
The U.S. Coast Guard issued a safety alert on Monday strongly urging ship owners to fortify their defenses against cyberattacks.
As part of the alert, released by the U.S. Coast Guard's New York sector, the DHS branch acknowledged that one of its vessels was hit by a cyber-attack in February. In particular, a deep draft vessel – a large freighter that usually transports containers – on an international voyage bound for the Port of New York and New Jersey had its shipboard network impacted by malware, something which "significantly degraded the functionality of the onboard computer system."
According to the Coast Guard's Inspections and Compliance Directorate, upon inspection, the ship did not have effective cybersecurity measures in place, something that exposed the ship's control systems.
While the ship’s essential vessel control systems weren’t impacted, the Coast Guard is using the incident as a teachable lesson, aiming to better inform vessel and facility owners and operators of the risks of failing to secure commercial vessel networks.
“With engines that are controlled by mouse clicks, and growing reliance on electronic charting and navigation systems, protecting these systems with proper cybersecurity measures is as essential as controlling physical access to the ship or performing routine maintenance on traditional machinery,” the Marine Safety Alert read. “It is imperative that the maritime community adapt to changing technologies and the changing threat landscape by recognizing the need for and implementing basic cyber hygiene measures.”
In the alert, the Coast Guard has five recommendations for mitigating cyber-attacks, including:
- Segmenting Networks – Segmenting networks into subnetworks makes it more difficult for adversaries to gain access to systems and equipment.
- Per-user Profiles & Passwords – Vessels should create network profiles for each employee and do away with generic log-in credentials for multiple users. Users should only have enough access/privileges to do their job; use of administrator accounts should be few and far between.
- Be Wary of External Media – The Coast Guard is urging that any external media be scanned for malware on a standalone system before it's plugged into a shipboard network and that users not run executable media from an untrusted source.
- Install Basic Antivirus Software – Install and routinely update basic antivirus software.
- Don’t Forget to Patch – Patch operating systems and applications to mitigate vulnerabilities.
As the Coast Guard notes, there are already several resources out there that vessel owners can use to identify deficiencies in their cybersecurity posture, including the National Cybersecurity and Communications Integration Center’s (NCCIC) Hunt and Incident Response Team (HIRT).
The alert follows up a Marine Safety Information Bulletin published by the Coast Guard's Director of Inspections and Compliance in May warning the maritime industry of email phishing and malware intrusion attempts targeting commercial vessels. The Coast Guard used the bulletin as an opportunity to remind those working in the sector that any suspicious activity or breaches of security, like malware infections or phishing attempts, need to be reported to the Coast Guard's National Response Center.