The Top 5 Cyber Activities Targeting Maritime Industry

Wednesday, November 6, 2024

In the first half of 2024, the Threat Intelligence team within Marlink’s Security Operations Centre has observed several activities carried out by malicious actors targeting the maritime industry.

These activities include phishing, where malicious actors sending fraudulent e-mails or messages try to trick individuals into revealing sensitive information like passwords or financial details.

Phishing attack trends include HTM/HTML documents with embedded links and QR codes to credential harvesting login landing pages hosted on difficult-to-block infrastructure, and typosquat and BEC senders.

Also, commodity malware was used to target the sector, whereby widely available malware is typically sold or distributed for common use by cybercriminals, often used in large-scale, automated attacks.

DDoS attacks are also one of the malicious activities carried out by the attackers where multiple systems overwhelm a target server or network with excessive traffic, causing it to become unavailable to users, especially port infrastructure and maritime transportation companies.

Typosquat domains and DMARC were also used, were domains that mimic legitimate websites with slight misspellings are set up with the aim to trick users into visiting them to steal information or distribute malware.

Another technique used by cyber criminals is password spraying - a type of brute-force attack where attackers try a few commonly used passwords across many accounts to avoid detection and gain unauthorized access. VPN gateway user accounts have been widely exploited by trying common passwords.

If you are in New Orleans on November 13, 2024, sign up now for a free lunch and moderated conference discussion to learn more about the new United States Coast Guard (USCG) cyber security rules and their impact on the vessel owner/operators, OEMs and shipyards. Featured speakers include:

  • Rear Admiral Wayne R. Arguin Jr., Assistant Commandant for Prevention Policy (CG-5P), U.S. Coast Guard
  • Dain Detillier, Executive VP – LNG Operations, Harvey Gulf, LLC
  • Stewart Alpert, Chief Information Security Officer & Head of Technology, Hornblower Group
  • Angeliki Zisimatou, Director, Cybersecurity, American Bureau of Shipping
  • Phillip Bannerman, VP Sales Americas, Marlink
Categories: Technology Industry News Cyber Security Activity Conference

Related Stories

Bureau Veritas, SHI Partner Up for Floating Storage and CCS Solutions

Aker, Aibel Get FEED Contracts for GreenVolt Floating Wind Project

Mingyang’s Giant 16.6MW Floating Wind Platform Starts Operating in China (Photos)

Current News

BOEM Okays New England Offshore Wind Project

Solstad Offshore Bolsters Ownership Stake in Omega Subsea

DeepOcean Takes Over Equinor’s Pipeline Repairs Contract from TechnipFMC

Petrobras Steps Closer to Developing Hydrogen Plant Powered by Renewables

Subscribe for OE Digital E‑News