Commercial ships and maritime industry hit by waves of phishing cyber attacks
U.S. Coast Guard issues a Safety Alert with recommended cyber security best practices, after a rise in phishing cyber attacks on commercial ships and the maritime industry
Phishing cyber attacks against commercial ships and the maritime industry are on the rise. The rise was reported by the U.S. Coast Guard, which issued an alert on the malware activity and on the precautions to increase protection. “The U.S. Coast Guard has released a Safety Alert with recommended cyber security best practices for commercial vessels,” the US-CERT reports. “With a dynamic cyber security threat landscape and growing reliance on technology to support vessels, the maritime community can help strengthen their defenses by implementing the following basic measures: Implement network segmentation; Create network profiles for each employee, require unique login credentials, and limit privileges to only those necessary; Be wary of external media, Install anti-virus software, and Keep software updated”.
The cyber security community: It seems to be the ICT extension of the aggressive Iranian campaign in the Hormuz Strait
At the moment, there is no official attribution for the cyber attacks on commercial ships and the maritime sector. But the cyber security community believes the phishing and malware campaigns are probably the work of Iranian threat actors. Tehran, in fact, promised vengeance after the new U.S. sanctions and started to attack tankers in the Hormuz Strait. So the ICT offensive could be the extension into the fifth domain of Iran’s aggressive posture at sea. Furthermore, a cyber war is ongoing between the two countries, culminating in the U.S. attacks on the Islamic Republic group that recently shot down an American Global Hawk drone in international waters. After these episodes, cyberspace operations stepped up on both sides. One actor is trying to spy on or damage the enemy’s critical infrastructure. The other is trying to prevent, counter and respond in the most effective way.