Rising attacks on maritime assets, use of infostealers trigger alarm

By Prayukth K V
April 13, 2022
Maritime assets faces a sudden increase in cyberattacks

While many critical infrastructure segments such as oil pipelines, offshore refineries, utility companies, and water treatment plants were registering a spike in cyberattacks, the number of background attacks on shipping companies and assets quietly rose to an all-time high yesterday. When analyzed in the context of growing attacks on global supply chains, this does present many reasons for cybersecurity planners to not just worry about securing their assets but also act to improve cybersecurity across the Maritime industry.

After almost two-quarters of decline, cyberattacks on maritime assets started rising in February this year. The rise was not a steep one but instead, the volume kept rising till touching an all-time high of 1,09,333 as of noon yesterday.

One of the attacks isolated by Sectrio’s researchers involves the use of info stealers The sequence of events is triggered by a phishing mail that invites the user to download ‘clearance certificates’ from various multilateral agencies for port operations. The document hosted on shady websites does indeed contain a fake certificate. On preview, it shows the viewer a portion of the document that looks authentic. When downloaded, the document asks the user to enable parts of the content that relate to malicious macros.  

Also Read: Maritime Cybersecurity: Rising cyber threats

The macros then start assembling multiple payloads from various sources on the web. Once the final payload is assembled on the victim system, the payloads start executing and mopping up all kinds of information from the infected machine in addition to using the machine as part of a wider botnet.

Top 5 reasons why the Maritime sector is being attacked    

  • With global sea commerce rising, hackers feel shipping companies may be easy targets when it comes to paying a ransom
  • Many of the systems across OT and IoT have not been patched since 2020 or even earlier this has given bad actors a chance to access networks and resources using security gaps that have emerged since
  • Bad actors may be trying to disrupt global supply chains to push the prices of commodities even higher
  • Some of these attacks could be motivated by geopolitical factors
  • Some of the major ports are also key target cities for APT groups and other sophisticated hackers

Also Read: Why IoT Security is Important for Today’s Networks?

Top 5 impacts

  • Hackers are targeting navigation systems and this could cause a major accident on the high seas or even when the ships are returning to their ports
  • Delay in economic recovery if some of these attacks succeed
  • Loss of commodities could lead to a rise in prices
  • Supply chain attacks could create challenges downstream as a delay in the arrival of input components may cause an escalation of costs or a temporary shutdown of production lines
  • An ecological disaster could potentially result from a successful cyberattack on a shipping vessel

So how can Maritime companies defend themselves against such attacks?

Sectrio’s cybersecurity solutions and threat intelligence can help maritime companies operate with adequate levels of security by detecting threats and risks early and mitigating them. We are among the few companies with a solution deployed on ships and onshore maritime infrastructure.

Talk to our cybersecurity experts today to get to know more about our IT-IoT-OT cybersecurity solutions and threat intelligence. Book here.

We invite all cybersecurity leaders across verticals and countries to participate in this survey. Your participation will enable us to turn the survey into a more participative and comprehensive effort: CISO survey 2022

CISO peer Survey 2022
Get started with the CISO Peer Survey here: Begin the survey now!
2022 threat landscape assessment report
Get the latest copy of the OT and IoT threat landscape report

Try our threat intelligence feeds for free for the next two weeks.

Improve your cybersecurity through OT and IoT focused threat intelligence feeds free for 15 days

Get access to enriched IoT-focused cyber threat intelligence for free for 15 days  

Key Points

Get the latest news and insights beamed directly to you


    Key Points

    Get the latest news and insights beamed directly to you


      Maritime assets faces a sudden increase in cyberattacks

      Read More

      Protecting your critical assets is only a few steps away

      Scroll to Top