The US Coast Guard recommended that ships update their cybersecurity strategies after a malware attack “significantly” degraded the computer systems of a deep draft vessel in February, according to a press release.
In the marine safety alert, the Coast Guard wrote that the vessel involved in the February cyber incident was inbound to the Port of New York and New Jersey during an international trip when it reported that its onboard network was being impacted by a cyber incident.
The Coast Guard responded, and after an analysis conducted alongside an “interagency team of cyber experts,” it concluded that while the functionality of the vessel’s computer system was impacted, its control systems were not. The computer system was used for managing cargo data and communicating with the Coast Guard and shore-side facilities.
“Prior to the incident, the security risk presented by the shipboard network was well known among the crew. Although most crew members didn’t use onboard computers to check personal email, make online purchases or check their bank accounts, the same shipboard network was used for official business – to update electronic charts, manage cargo data and communicate with shore-side facilities, pilots, agents, and the Coast Guard,” the alert said.
Targeting governmental and military assets will continue to be valuable for those seeking to disrupt our society, said Tim Mackey, principal security strategist for the Cybersecurity Research Center at Synopsys.
“This incident highlights lessons for everyone to take – whether you’re in government or in a corporate setting – vigilance starts with preparedness. All systems contain weaknesses, and software systems are no different. An up-to-date inventory of all software assets, including versions, origins and update procedures, is a bare minimum operational requirement for deployed software,” said Mackey.
“This asset inventory should also include a detailed accounting for all known weaknesses, and procedures should be in place to ensure newly disclosed weaknesses or vulnerabilities are amended to the inventory. The goal of this process is to ensure that systems are both patched and that the potential attack surface for the asset can be quantified. Armed with this information, threat models can be created which then guide mitigation efforts.”