Watch Now

Phishing scam targets cargo ship operations

Photo Credit: Jim Allen/FreightWaves

Email phishing tactics have been added to the list of methods being used by outsiders to hack into commercial cargo vessel operations and navigation information, maritime regulators report.

According to a safety bulletin published by the U.S. Coast Guard (USCG) on May 24, “adversaries are attempting to gain sensitive information including the content of an official Notice of Arrival (NOA)” in requests that use email addresses posing as official Port State Control (PSC) authorities. Foreign vessel operators are required file NOAs at least four days in advance of arrival at a U.S. port to allow the USCG to prioritize vessel inspections.

In addition, the agency said it also recently received reports of malware “designed to disrupt shipboard computer systems.” A malware attack was used by hackers to infiltrate the operations of container shipping giant Maersk two years ago, which ended up indirectly affecting FedEx [NYSE: FDX].

Vessel operators and land-side ship company managers should be verifying the validity of email senders before responding to unsolicited emails, the USCG asserted in the bulletin. “If there is uncertainty regarding the legitimacy of the email request, vessel representatives should try contacting the PSC authority directly by using verified contact information,” it recommended. “Additionally, vessel owners and operators should continue to evaluate their cyber defense measures to reduce the effect of a cyber-attack.”

Despite the latest attacks, the USCG noted that vessel masters have been reporting suspicious activity to its National Response Center, in accordance with federal regulations, which is helping the agency to identify and counter cyber threats around the world.

Coast Guard officials were not immediately available to provide more details on the latest cybersecurity attacks.

U.S. Representative John Garamendi (D-California), a member of a subcommittee that oversees the U.S. Coast Guard, said at a public forum in April that there is not enough attention being paid to the growing cyber risks in the maritime sector, including the spoofing of vessel GPS devices.

The USCG warned in October and November of 2018 that “significant” GPS interference continues to be reported by vessels operating in the eastern Mediterranean Sea, concentrated near Port Said, Egypt; the Suez Canal; and near Jeddah Port, Saudi Arabia. “This interference is resulting in lost or otherwise altered GPS signals affecting bridge navigation, GPS-based timing and communications equipment,” the agency stated at the time.

Apart from the most recent safety bulletin warning of the renewed threats, the USCG is attempting to address cybersecurity vulnerability by sharing prevention procedures with maritime companies, as outlined its four-year (2018-2022) strategic plan. As part of a directive from the International Maritime Organization, it will also ensure that shipowners address cyber risks within their vessels’ safety management systems by 2021.

John Gallagher

Based in Washington, D.C., John specializes in regulation and legislation affecting all sectors of freight transportation. He has covered rail, trucking and maritime issues since 1993 for a variety of publications based in the U.S. and the U.K. John began business reporting in 1993 at Broadcasting & Cable Magazine. He graduated from Florida State University majoring in English and business.