transportation (21)

13095474273?profile=RESIZE_400x

 

Red Sky Alliance monthly queries our backend databases, identifying all new data containing supply chain keywords in the subject line of malicious emails.  Malicious actors use emails with various supply chain related keywords as a lure to entice users in the maritime industry to open emails containing malicious attachments.  The identified emails attempted to deliver malware or phishing links to compromise the entire Transportation Supply Chain.  Specific names or key words in the transporta

12057871866?profile=RESIZE_400xRed Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated

12945010901?profile=RESIZE_400xCybercriminals have been masquerading as sellers of GlobalProtect,[1] a virtual private network (VPN) software from Palo Alto Networks, and delivering a new variant of WikiLoader malware through search engine optimization (SEO) poisoning.

See:  https://redskyalliance.org/xindustry/shifts-in-cyber-attack-tactics

WikiLoader, also known as WailingCrab, is a downloader malware first discovered in 2022 by Proofpoint.  It's sold in underground marketplaces by initial access brokers, and hackers typica

12057871866?profile=RESIZE_400x

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

12057871866?profile=RESIZE_400x

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

12423995099?profile=RESIZE_400xThe use of computers has significantly improved the transportation industry over the past few decades. Digitizing documents, automating payments, and storing information in a central location has streamlined processes and made the job easier at all levels.  Unfortunately, it has also opened up the industry to cyberattacks from hackers and other forms of cybercrime.  These attacks are designed to take money or information from a company or otherwise disrupt its operations.  A 2021 study showed th

12360567483?profile=RESIZE_400xArtificial intelligence and machine learning technologies are helping the National Security Agency (NSA) and other US government agencies detect malicious Chinese cyber activity; a top US intelligence official stated recently that indicates how US security agencies are using AI to improve computer defenses.

Speaking on 09 January 2024 at the International Conference on Cyber Security at Fordham University, Rob Joyce, the director of the NSA Cybersecurity Directorate, said that AI is helping his

12281615072?profile=RESIZE_400xIt is not just the frequency of the cyber-attacks, but also the severity can be critical, for example the Port of Nagoya in Japan that had to shut down operations for more than three days after a ransomware attack.  In addition, new critical vulnerabilities were published in major hardware and software commonly used by shipping companies: just in the last month we saw new critical vulnerabilities in major brands of firewalls, routers, internet browsers (practically all of them), operating system

12125582881?profile=RESIZE_400xA recent survey conducted by Bridewell, a cybersecurity services company headquartered in the UK, revealed a concerning surge in insider cyber threats within critical national infrastructure (CNI) organizations.  The transport and aviation sectors are particularly at risk.  As economic uncertainties loom, organizations are facing budget cuts in cybersecurity, further exacerbating the threat landscape.  This research is some of the first conducted by Bridewell that focuses on the US.[1]

Bridewell

10854665084?profile=RESIZE_400xThe US Transportation Security Administration (TSA) have announced a new cyber-security directive regulating designated passenger and freight railroad carriers.  The announcement demonstrates the Biden Administration’s commitment to strengthen the cyber-security of US critical infrastructure.  Building on the TSA’s work to strengthen defenses in other transportation modes, this security directive will further enhance cyber-security preparedness and resilience for the nation’s railroad operations

10532607858?profile=RESIZE_400xBoth public and private maritime industries within the entire transportation supply chain is finally getting up to speed with cyber security.  The Port of Long Beach in California is poised to build its “Supply Chain Information Highway” digital infrastructure on the Amazon Web Services platform, following a new agreement with the online retail giant.

This “Information Highway” is being created to aggregate data collected at the port on a single platform for access by companies across different

10137717883?profile=RESIZE_400xAn unknown criminal hacking group is targeting organizations in the aviation, aerospace, defense, transportation and manufacturing industries with trojan malware, in attacks that researchers say have been going on for years.  The malware has been named TA2541 and detailed by cybersecurity researchers the persistent cyber-criminal operation has been active since 2017 and has compromised hundreds of organizations across North America, Europe, and the Middle East.

Despite operating for nearly 5 yea

10051011299?profile=RESIZE_400xShipping is an indispensable part of modern life.  It is the lifeblood of the global economy, with numerous large companies (and their equally large container ships) perpetually moving goods from one corner of the earth to the other to provide consumers and industries with the necessities of life.  Due to the critical importance of shipping and receiving goods to most organizations, threat actors often use shipping as a lure for phishing emails: such as false invoices, changes in shipping delive

9747897664?profile=RESIZE_400xA recent bipartisan report by the US Senate’s Homeland Security and Governmental Affairs Committee shows that key government agencies have made little progress in terms of cybersecurity over the past two years.  A report published in 2019 found that eight federal agencies failed to meet even the basic cybersecurity standards and protocols. Two years later, cybersecurity at those agencies was again analyzed and the findings are as described in the new report “stark.”

The new report, titled “Feder

9271222487?profile=RESIZE_400xA recent cyber security blog by researcher Maahnoor Siddiqui, he provides a clear picture of the threats and vulnerabilities in the Transportation supply chain.  A concern shared by Red Sky Alliance.  Our 40-minute commute to work in the morning can feel like an insular event.  Whether it is by bus, train, ferry, or car; it can be hard to place this single event within the vast network of transit that occurs every day.  These small personal journeys make up a highly interconnected transportation

9246210092?profile=RESIZE_400xFor years, Red Sky Alliance has helped monitor cyber security threats and vulnerabilities during mergers and acquisitions (M&A’s).  Supporting businesses with cyber security is a big part of our business model.  For decades, corporate consolidation has been growing and now the US President is taking aim at this trend in a new Executive Order (E.O.), dated 9 July 2021.

Our friends at the US National Defense Transportation Association (NDTA) shared that this new E.O. is affecting the transportatio

8744873880?profile=RESIZE_400xWith the recent shipping stoppage in the Suez Canal, it became very apparent the transportation vulnerabilities in areas of constricted passages.  Preliminary reports indicate mechanical and weather errors caused the grounding; or was it?  Engine failure and heavy weather have both been cited as reasons behind merchant vessel (M/V) Ever Given’s grounding in the Suez Canal.  But neither are convincing and plain old navigation errors (humans) may be at the root of the casualty, report Lloyd's of L

8370100074?profile=RESIZE_400xThe Covid pandemic add numerous concerns with the shipment of cargo in many countries.  Part of these “concerns” are the drastic increase of ransomware into the IT and OT (operating technology) systems of the transportation sector.  Transportation Topics published a recent article regarding the growing transportation targeted ransomware threat.[1]  The authors report that ransomware attacks have jumped 715% year-over-year.   

United States Tennessee state-based trucking and logistics company For

Red Sky Alliance performs weekly queries of our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Email subject line Motor Vessel (MV) or Motor Tanker (MT) keyword usage is a common lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this weekly list of Motor Vessels in which Red Sky Alliance directly observed the vessel being impersonat

6325083890?profile=RESIZE_400xThere is a Russian saying that rings true in protecting entities against cyber threats, “I am not concerned about all of the wolves in Siberia, I am only concerned about the wolves that are now chasing my sleigh.”  The world is full of cyber threats, hackers and state sponsored cyber terrorists who are targeting governments, businesses, and organizations.  The way Red Sky Alliance can help the maritime industry and its supply chain is to focus on the cyber threats directly targeting a specific o