Welcome
Summary
Course
Exam
Certificate
Library
News
Verify
Support
My Account

Profiled Partners

  • Navarino
    The Maritime Industry's Most Advanced Communications & Connectivity Company
  • Be Cyber Aware at Sea
    Start the Course now!
  • CSO Alliance
    The World's First Global Members Alliance of Maritime Company Security Officers (CSO)
  • Be Cyber Aware At Sea
    A Global Maritime & Offshore Initiative.
 

 
 

First cyber attacks of the year reported in Australia and US

Splash 247 and Infosecurity Magazine, January - February 2020 
February 3rd 2020
Splash 247 and Infosecurity Magazine, January - February 2020
The new decade begins with yet more confirmed, and suspected, cyber attacks. Read the full articles online concerning Toll Group here, and 

We were warned that cyber attacks would proliferate as we cruised towards the new decade and so it has transpired so far. In the US there was reported over the Christmas period, and confirmed in January, that ransomware identified as Ryuk caused serious operational disruption at a 'Maritime Transportation Security Act regulated facility' - believed to be a port.

A bulletin reported that "Forensic analysis is currently ongoing but the virus, identified as 'Ryuk' ransomware, may have entered the network of the MTSA facility via an email phishing campaign. Once the embedded malicious link in the email was clicked by an employee, the ransomware allowed for a threat actor to access significant enterprise Information Technology (IT) files, and encrypt them, preventing the facility's access to critical files.

"The virus further burrowed into the industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations. The impacts to the facility included a disruption of the entire coporate IT network (beyond the footprint of the facility), disruption of camera and physical access control systems, and loss of critical and process control monitoring systems".

All told operations at the facility were disrupted for over 30 hours. Furthermore in February there has been a report of Australian transport and logistics company Toll Group having to shut down a number of systems in response to a suspected cyber security attack.

The company said it is investigating the cause of the incident.

“We expect several Toll customer-facing applications to be impacted as a result. Our immediate priority is to resume services to impacted customers as soon as possible. We will continue to provide regular updates,” the company said in a statement on its website.

Toll Group owns a fleet of seven vessels, made up of four roros, a general cargo vessel, an MPP and an anchor handling tug supply vessel.