shipping (12)

13095474273?profile=RESIZE_400x

 

Red Sky Alliance monthly queries our backend databases, identifying all new data containing supply chain keywords in the subject line of malicious emails.  Malicious actors use emails with various supply chain related keywords as a lure to entice users in the maritime industry to open emails containing malicious attachments.  The identified emails attempted to deliver malware or phishing links to compromise the entire Transportation Supply Chain.  Specific names or key words in the transporta

12494002075?profile=RESIZE_400xShipping is increasingly subject to growing volatility and uncertainties from war and geopolitical events, climate change risks, such as drought in the Panama Canal, and the resurgence of piracy.  Allianz Commercial marine experts look at some of the major consequences, including the effect on crew, the prospect of more cyber-attacks and drone strikes, the threat the rise of the ‘shadow fleet’ poses to vessels and the environment, as well as the multi-faceted impacts of rerouting.

Recent inciden

12372966856?profile=RESIZE_400xThe Digital Container Shipping Association (DCSA) is reporting that as container shipping is undergoing its digital trade transition, digital identity is a pivotal element.  A digital identity functions as an online representation for individuals, organizations or devices, uniquely identifying and authenticating them in the digital realm.

The verification of digital identity, as this crucial online representation, is a vital business process. Its significance extends beyond mitigating risks such

12281615072?profile=RESIZE_400xIt is not just the frequency of the cyber-attacks, but also the severity can be critical, for example the Port of Nagoya in Japan that had to shut down operations for more than three days after a ransomware attack.  In addition, new critical vulnerabilities were published in major hardware and software commonly used by shipping companies: just in the last month we saw new critical vulnerabilities in major brands of firewalls, routers, internet browsers (practically all of them), operating system

12263661693?profile=RESIZE_400xIn a world driven by connectivity and digitalization, the maritime industry is not immune to the growing threat of cyberattacks.  A recent report by Thetius, law firm HFW, and maritime cybersecurity company CyberOwl reveals a sobering truth: the average cost of a cyberattack in the maritime sector has soared to $550,000, a threefold increase from $182,000 in 2022.  Moreover, ransom demands have skyrocketed by more than 350%, with an average payment of $3.2 million, up from $3.1 million the previ

10732913864?profile=RESIZE_400xThe Port of Los Angeles has been making headlines after sharing an eye-opening statistic; the port faces around 40 million cyber-attacks per month.  As the busiest port in the western hemisphere handling $250 billion of cargo each year this astounding number of attacks could wreak havoc on the supply chain and international commerce.

The number of attacks has more than doubled since the beginning of the Covid-19 pandemic. The pandemic has also impacted the port’s efficiency as workers were force

10051011299?profile=RESIZE_400xShipping is an indispensable part of modern life.  It is the lifeblood of the global economy, with numerous large companies (and their equally large container ships) perpetually moving goods from one corner of the earth to the other to provide consumers and industries with the necessities of life.  Due to the critical importance of shipping and receiving goods to most organizations, threat actors often use shipping as a lure for phishing emails: such as false invoices, changes in shipping delive

7224994052?profile=RESIZE_400xMilitary patrols working outside their forward operating bases (FOB) are categorized as “working outside the wire.”  This is often where reconnaissance patrols and military intelligence officers collect and gather valuable military intelligence to provide back to its unit, base, and section commanders to use in future proactive combat operations.  This is no different from what RedXray does in cyber security.  RedXray collects and analyzes indicators of compromise (IOCs) to help customers identi

4168185373?profile=RESIZE_710xSummary

This document summarizes threats reported by Red Sky Alliance’ RedXRay for one of the largest shipping/transportation companies in the world.  Analysts observed hits in most collections.  The name of the company will be redacted for this report, and the company will be referred to as “Shipping Co.”  Recent international events have caused a significantly higher risk for all industries but especially an industry in charge of transporting important commodities around the globe.  With many

3772879530?profile=RESIZE_710xFrom our Friends and Colleagues at Dryad:
The coronavirus outbreak in China has forced several countries to resort to stringent quarantine checks in their battle to contain the spread and the measures are starting to have a knock-on effect on the global commodities shipping market.

3852293469?profile=RESIZE_710xDelays in loading and delivery of cargoes in the tanker, dry bulk and container shipping segments are being reported due to ships being forced to sit idle amid a lack of crew availability.
Merchant ships arriving in A

3724012340?profile=RESIZE_710xChina Coverage of Report on the Cyber Vulnerabilities of Asian Ports

SUMMARY

Nanyang Technological University in Singapore has just released a report examining the economic losses expected if Asian port systems, including several in China, were subjected to a major cyber-attack.  This report did not assess the cyber vulnerabilities of Asian ports but rather postulated a major attack in order to calculate economic impact, with a focus on losses in the insurance industry.  The report concluded tha

Summary

Wapack Labs reports on the use of vessel names as lures in malicious emails.  Using the names of Motor Vessel (MV), or Merchant/Motor Tanker (MT) in the subject line, is a social engineering tactic used by attackers when sending malicious emails to companies related to the shipping industry.  Successful infiltrations into transportation related networks can result in the theft of valuable financial information or corrupt a system with damaging results.   This report provides details about