US coastal and maritime defense is at risk, warns the Coast Guard. An alert released on Monday cautions that hackers have actively been targeting the networks of commercial vessels with phishing attacks. This is not a one-time hit. In 2018, the FBI, DHS and US Coast Guard worked together on investigating a major ransomware attack on the shipping industry that started with the Port of San Diego.
The US Coast Guard issued the alert following a preliminary investigation of an attack in February “when Coast Guard investigators were called to examine reports of a cybersecurity incident aboard an international deep draft vessel bound for the Port of New York and New Jersey.” There was no major damage.
A similar alert had been issued in May when cybercriminals resorted to phishing to steal sensitive information about the ships and their itineraries. No details have been released regarding the malware infection, but the network was not used by staff for personal business. “The ship’s network was mainly used for official business, including updating electronic charts, managing cargo data and communicating with shore-side facilities, pilots, agents and the Coast Guard,” says the report.
“The team concluded that although the malware significantly degraded the functionality of the onboard computer system, essential vessel control systems had not been impacted,” according to the Coast Guard alert issued Monday. “Nevertheless, the interagency response found that the vessel was operating without effective cybersecurity measures in place, exposing critical vessel control systems to significant vulnerabilities.”