On Monday, July 8, the Coast Guard issued a Marine Safety Alert claiming a vessel was struck by malware back in February. The craft is described as a "deep draft" vessel on an international voyage that suffered a "significant cyber attack" on its way to the Port of New York and New Jersey.
Fortunately, the crew avoided losing total control of the ship. An investigation into the incident found that while the malware significantly degraded the functionality of the vessel's computer system, essential control systems were not impacted. Regardless, the investigation found the vessel had been operating without effective cybersecurity measures in place, exposing critical control systems to significant vulnerabilities.
The nature of the attack has not been revealed, but the crew admitted to knowing about the security risk to the ship's network before the attack occurred. While most crew members claim to not have used the network for personal business, it only takes one to expose the entire network. Members did, however, admit to regularly plugging USB drives into the ship's systems without scanning them for malware.
This incident follows a Marine Safety Information Bulletin published in May which warned of cyber adversaries targeting commercial vessels. In the memo, officials warn of email phishing and malware intrusion attempts aimed at snooping on arrival schedules and crippling vessel control systems.
This incident should serve as a wake-up call to vessels operating without proper security controls in place. To prevent such an attack, operators must segment their networks, install and continuously update AV software, and either avoid using external media or scan it for malware before introducing it to any vessel network.
Organizations must also ensure all known vulnerabilities within their infrastructure are identified and mitigated before they are exploited. NNT's Vulnerability Tracker helps organizations identify known vulnerabilities by continuously testing and assessing their IT network and any device connected to it against thousands of Network Vulnerability Tests (NVTs).
Learn more about Vulnerability Tracker by viewing our Solution Brief