There has been a 400 percent increase in attempted hacks since February 2020 coinciding with a period when the maritime industry turned to greater use of technology and working from home due to the Coronavirus pandemic, according to Israeli cybersecurity specialist Naval Dome.
Naval Dome ascribed the spike in malware, ransomware, and phishing emails to the COVID-19 crisis, adding that travel restrictions, social distancing measures, and economic recession are beginning to bite into a company’s ability to sufficiently protect itself. “COVID-19 social restrictions and border closures have forced original equipment manufacturers (OEMs), technicians, and vendors to connect standalone systems to the internet in order to service them,” Naval Dome CEO Itai Sela said.
OEM technicians are unable to fly out to ships and rigs to upgrade and service critical OT systems, resulting in operators circumventing established security protocols, leaving them open to attack, says Naval Dome. “As budgets are cut and in the absence of service engineers, we are seeing ship and offshore rig staff connecting their OT systems to shoreside networks, at the behest of OEMs, for brief periods of time to carry out diagnostics and upload software updates and patches themselves. This means that their IT and OT systems are no longer segregated and individual endpoints, critical systems, and components may be susceptible. Some of these are legacy systems which have no security update patches and are even more susceptible to cyber attack. The increase in OEM personnel working remotely on home networks and personal PCs, which are not well protected, adds to the problem,” noted Sela.
Sela said that during the first three months of 2020, attacks targeting home workers increased tenfold, adding that PC security software provider McAfee has reported that between January and April cloud-based cyber-attached on all businesses increase by 630 percent, notes the report. “Companies are stretched thin and this is benefitting the hacker,” said Sela. "It is not sufficient to protect only networks from attack. Each individual system must be protected. If networks are penetrated, then all connected systems will be infected.“