Cyber security

Naval Dome: 400% increase in attempted hacks since February 2020

There has been a massive 400% increase in attempted hacks since February 2020 coinciding with a period when the maritime industry turned to greater use of technology and working from home due to the Coronavirus pandemic.

Totem Plus System by Naval Dome, Image credit: Naval Dome/Seaborne Communications

The data was cited by Israeli cybersecurity specialist Naval Dome, which believes the pandemic is leaving the maritime and offshore energy sectors more vulnerable to cyber-attacks than before.

Naval Dome ascribed the spike in malware, ransomware, and phishing emails to the Covid-19 crisis, adding that travel restrictions, social distancing measures, and economic recession are beginning to bite into a company’s ability to sufficiently protect itself.

“Covid-19 social restrictions and border closures have forced original equipment manufacturers (OEMs), technicians, and vendors to connect standalone systems to the internet in order to service them,” Naval Dome CEO Itai Sela said.

OEM technicians are unable to fly out to ships and rigs to upgrade and service critical OT systems, resulting in operators circumventing established security protocols, leaving them open to attack.

“As budgets are cut and in the absence of service engineers, we are seeing ship and offshore rig staff connecting their OT systems to shoreside networks, at the behest of OEMs, for brief periods of time to carry out diagnostics and upload software updates and patches themselves.

“This means that their IT and OT systems are no longer segregated and individual endpoints, critical systems, and components may be susceptible. Some of these are legacy systems which have no security update patches and are even more susceptible to cyber attack.

“The increase in OEM personnel working remotely on home networks and personal PCs, which are not well protected, adds to the problem.”

Sela said that during the first three months of 2020, attacks targeting home workers increased tenfold, adding that PC security software provider McAfee has reported that between January and April cloud-based cyber-attached on all businesses increase by 630%.

As pointed out, the economic downturn and the drop in the price of crude oil is also having an effect, with oil companies and contractors being faced with limited budgets available to implement effective cyber security measures.

“Companies are stretched thin and this is benefitting the hacker,” said Sela.

“It is not sufficient to protect only networks from attack. Each individual system must be protected. If networks are penetrated, then all connected systems will be infected.

Naval Dome explained that its software solutions adhere to the strict cyber security protocols set by the National Institute of Standards and Technology (NIST) under the Purdue Model.

The model applies to industrial control systems and architecture and shows the interconnections and interdependencies of all the main components of a typical inter-connected system, dividing ICS architecture into three zones and six levels.

In this way, information security professionals and process control engineers responsible for protecting an organization’s most valuable assets can visualize how to protect against a security breach, whether involving confidentiality, integrity and/or availability.

“Our philosophy is that all systems must be protected using a risk ranking. If it is, then the entire platform is protected from both internal and external attack vectors. If only the network is protected, then whatever enters the net (such as an unintentional attack from authorised personnel) will infect all connected systems. This philosophy is more cost-effective,” Sela noted.

Ido Ben-Moshe, Vice President Business Development, said the problem is particularly acute in the marine and offshore oil and gas sectors.

“If hackers penetrate networks, and critical equipment is exposed there could be significant safety, downtime, financial and potential reputational damage,” he stressed, adding that remote working and the introduction of remotely controlled, autonomous technologies is likely to take place at a faster pace in a post-coronavirus world.

“This will see companies face new cyber security challenges if they fail to implement adequate protective measures,” he concluded