maritime (6)

7962214498?profile=RESIZE_400xThe current US administration is signaling it will be updating the US government’s approach to its maritime cybersecurity strategy.  Cyber security priorities are being discussed to enhance and secure the US’ ability to ‘project power at sea and defend against adversarial cyberattacks.’  The plan involves a re-examination of the national approach to information sharing and better emphasizing the use of operational technologies in ports. 

Hackers at all tier levels have long targeted shipping fir

7541747475?profile=RESIZE_400xCarnival Corporation & PLC is the largest cruise line operator in the world.  In 2019, Carnival pulled in a record revenue of $20.8 billion.  Even with the troubles of 2020, this makes them a significant target for attackers looking to earn a profit. On 15 August 2020, Carnival Corp & PLC detected a ransomware attack that encrypted a portion of one brand’s IT systems.  Attackers not only encrypted the data, but also downloaded certain files indicating some data was stolen. In their SEC filings,

6325083890?profile=RESIZE_400xThere is a Russian saying that rings true in protecting entities against cyber threats, “I am not concerned about all of the wolves in Siberia, I am only concerned about the wolves that are now chasing my sleigh.”  The world is full of cyber threats, hackers and state sponsored cyber terrorists who are targeting governments, businesses, and organizations.  The way Red Sky Alliance can help the maritime industry and its supply chain is to focus on the cyber threats directly targeting a specific o

3724012340?profile=RESIZE_710xChina Coverage of Report on the Cyber Vulnerabilities of Asian Ports

SUMMARY

Nanyang Technological University in Singapore has just released a report examining the economic losses expected if Asian port systems, including several in China, were subjected to a major cyber-attack.  This report did not assess the cyber vulnerabilities of Asian ports but rather postulated a major attack in order to calculate economic impact, with a focus on losses in the insurance industry.  The report concluded tha

Figure 1. AS-12/AS-31 Losharik tentative schema.

On 1 July 2019, fourteen Russian sailors died in a fire during the testing of a secret Russian military submarine.   The type of vessel is believed to be an AS-12/AS-31 “Losharik” deep-diving nuclear sub.  While the Russian government insists, they were just surveying the ocean floor for science, the high military ranks of the participating sailors show that the spy capabilities to include taping and severing undersea communication cables are the p

On 7-9 May 2019, Wapack Labs detected an increase in malicious emails with the spoofed sender field accounts@hhhmarine.com.sg.  Hackers deliver malicious attachments under the pretense of an incoming SWIFT transfer (Figure 1).

2539548681?profile=RESIZE_710x

Figure 1. Email text spoofing HHH Marine Services on 8 May 2019.

The attackers use the popular malware Lokibot.  Wapack Labs detected communications of these samples to known and new Lokibot C2s:

  • kbfvzoboss[.]bid/alien/fre.php
  • carlos-tevez[.]gq/raphael/fre.php
  • uenajrkja[.]ml/ch