Significant increase in malicious attacks cyber attacks in the area of maritime transport, notes the Marlink report.
Marlink warns that the hacker they find new ways to bypass security measures. The company, which offers smart grid services, operates a cybersecurity center and covers 1,800 functions ships all over the world.
However, during the first half of 2024, there was a sharp increase in malicious activity compared to the same period in 2023, including 79 “significant incidents” across the fleet it manages.
As an indication, in the period from January to June 2024, 14.8 billion security incidents and 1.4 million warnings of attempted breaches were recorded.
According to the same data, there has been an increase in the number of attacks using so-called “reverse proxy phishing”, a method of stealing login credentials without giving any indication that anything has happened.
Essentially, this technique is used to obtain information that will be sold or exploited by attackers for blackmail, money theft, or identity theft.
In fact, Marlink points out that in this case, attackers create a proxy server between the user and the real website, and the user never knows that their login information is falling into the hands of a hacker.
Ransomware gangs
As Marlink points out, in addition to the threat of data theft, shipping operators will have to bear the burden of dealing with ransomware groups, which have caused some of the most serious attacks in the industry’s history.
Marlink has identified nine ransomware gangs active in targeting shipping, including some of the biggest known names in this form of crime (Black Basta, BlackCat, PLAY, BianLian, etc.).
The relevant report also mentions other digital threats such as – among others – Commodity Malware, a widely available malware commonly used in large-scale automated attacks, and “Distributed Denial of Service” (DDoS), which is essentially a cyber attack that has target websites. and servers to disrupt services on a network.
Need to react
The best defense, according to Marlink, is to establish and properly operate a well-equipped security operations center (SOC) at each enterprise in order to proactively monitor.
In this context, Nicolas Furge, responsible for the company’s Digital and IT department, highlights that “malicious actors are evolving their attack patterns and launching fraudulent campaigns that bypass previously effective security controls”.
This, according to him, creates the need to react and increase the level of security, with the aim of ensuring that all operations in the sector are effectively protected.
“The digital future of maritime transport needs to incorporate cybersecurity and Marlink has the tools to support companies”, he adds.