There is a Russian saying that rings true in protecting entities against cyber threats, “I am not concerned about all of the wolves in Siberia, I am only concerned about the wolves that are now chasing my sleigh.” The world is full of cyber threats, hackers and state sponsored cyber terrorists who are targeting governments, businesses, and organizations. The way Red Sky Alliance can help the maritime industry and its supply chain is to focus on the cyber threats directly targeting a specific organization and notify them ‘before’ these threats become cyber breaches. It is estimated that there are at minimum eight (8) major stakeholders in every shipment. These stakeholders include:
- An owner of the cargo
- Trucking and Rail services
- The vessel owner.
- The ship operator.
- Insurer of the ship.
- Insurer of the cargo.
- A banker who is holding the paper for payment.
- A port facility where the shipment is loaded and delivered.
Figure 1. A typical Supply Chain
Each one of these entities are at risk to suffer a financial loss due to a cyber-attack. These risks range along the loss of a shipment, cyber hijacking of a vessel, or a ransom of critical shipping data. The goal of cyber threat professionals is to reduce active threats and protect against breaches that can lead to financial and/or confidential data losses.
Our research and professional experience has shown that maritime port facilities are the most vulnerable and at risk, as their networks are a cyber hub for trucking firms, rail services, custom house brokers, shipping companies and crews, stevedores and unions and all the insurance carriers along the transportation supply chain. Many ports are becoming automated with AI systems, which present additional issues within Internet of Things (IoT) vulnerabilities. All these vulnerabilities and inherent risks offer an opportunity for a malicious bad actor to enter the intermodal transportation supply chain and begin to move laterally to conduct a wide variety of cyber-attacks.
An introduction of cyber threat services is more effective when the stakeholder(s) can see what is at risk specifically for their organization; not worldwide threats directed against their transportation sector. Presenting daily, actionable intelligence behind cyber threats and back to a transportation sector’s senior management - is critical. What they do not know about their current cyber situation can lead to dramatic losses.
Red Sky Alliance’s RedXray daily cyber threat notifications augment current shipper and associated transportation supply chain’s network protections by providing valuable indicators of compromise (IoC) data that can be used to black list and proactively protect against incoming cyber threats (available Indicator Packages). This data directly helps senior management officials observe and quickly make changes to their networks and servers ‘before’ losses occur. RedXray cyber threat notifications are a first step in any proactive cyber security plan for ships and all connected stake holders. RedXray enrollment is simple and Red Sky Alliance has the support staff to assist and support the transportation sector.
There are many levels of international cyber security training and certifications, yet it would not be in our best interests to try to compete and gain national recognition for any new type certification program. Our business, through the RedXray tool, is to help transportation cyber professionals strengthen their current network protections against immediate cyber threats.
Security Risk Management covers many aspects including insurance, physical and cyber security, and aggressive management practices. RedXray cyber threat notifications can add an additional view “outside the wire” of traditional network protections and can be used to help in actionable decisions for all stakeholders. Outside the Wire is the Deep, Dark, and surface web malicious postings RedXray collects every second, every day. When more stakeholders take a combination of proactive internal and external measures - all stakeholders benefit. Remember the sleigh driver in Siberia; Stop the Wolves.
Red Sky Alliance strongly recommends ongoing monitoring from both internal and external network perspectives. Internal monitoring is essential and is a common practice. However, external threats are often overlooked and can represent an early warning of impending cyber-attacks. Red Sky Alliance can provide both internal monitoring in tandem with RedXray notifications on external threats to include, botnet activity, public data breaches, phishing, fraud, and general targeting.
Red Sky Alliance is in New Boston, NH USA. We are a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com
Reporting: https://www.redskyalliance.org/
Website: https://www.wapacklabs.com/
LinkedIn: https://www.linkedin.com/company/wapacklabs/
Twitter: https://twitter.com/wapacklabs?lang=en
Comments