16 Oct 2019

On-Board ‘Mystery Boxes’ Threaten Global Shipping Vessels

A study by Pen Test Partners shows that shipping vessels across the globe are often vulnerable to cyberattacks, with one of the most common issues being the presence of vulnerable “mystery boxes” that are unknown to most of the crew members and understood by no one. The researchers found at

Read More
09 Jul 2019

US Coast Guard Issues Cybersecurity Warnings for Commercial Vessels

The US Coast Guard is urging commercial vessels to implement best cybersecurity practices in order to protect internal networks and control systems. The warning mentions a February incident in which a vessel was infected with malware that “significantly degraded the functionality of the onboard computer system.” The Coast Guard explains

Read More
05 Mar 2019

Chinese hackers use phishing emails to target engineering, transport and defence companies

Security researchers with FireEye believe that state-backed Chinese hackers are behind a cyber-espionage campaign that primarily targets US maritime organizations focusing on defense, engineering and transportation, although companies in various other countries have been attacked as well. FireEye says with “high confidence” that the group is supported by a nation

Read More
21 Feb 2019

Researcher: Not Hard for a Hacker to Capsize a Ship at Sea

According to Ken Munro, a security researcher with Pen Test Partners, gaining access to the network of a ship is in most cases “a low-skill attack.” As Munro explains: “[P]assword security and patch management are so poor at sea that compromise does not require significant expertise.” This is very worrisome, because a

Read More
08 Nov 2018

Troubled Waters: How A New Wave of Cyber-Attacks is Targeting Maritime Trade

“The historical ‘air gap’ separating industrial control systems from enterprise networks meant that factories and shipyards were more or less immune to cyber-attack. As long as systems were air-gapped it didn’t matter how pernicious or effective the cyber-threat became, we felt confident that these virtual concerns couldn’t impact our physical

Read More