OCTOBER 10, 2018 — October is National Cybersecurity Awareness Month and, in a posting on the U.S. Coast Guard's Maritime Commons blog, Charles Blackmore, cyber program specialist, Office of Port & Facility Compliance, cites some examples of cyber threats that can affect all industries and organizations, especially those in the maritime environment:
Phishing/Spear Phishing – Phishing is an attempt to induce individuals to reveal personal information such as passwords and credit card numbers. Spear phishing is a targeted attempt based on who the individual is (i.e. the company they work for). This is accomplished by trying to get an individual to download a file or click on a hyperlink. Users should be wary of emails received from people they do not know asking them to click on a link or download a file.
Malware – Similar to phishing/spear phishing, the intent of malware is to get individuals to download a file or click on a link. However, unlike phishing/spear phishing, such attempts do not try to garner information. The intent of malware is to gain access to a system or network with an end result of causing some sort of damage to the system or network. Terms you may hear in connection with malware are: computer virus, Trojan horse, spyware, and ransomware. A user must be wary of popups containing links or emails containing files from unrecognized sources.
Insider Threat – This is a malicious threat to an organization originating from a person within the organization itself. This could manifest itself in fraud, theft of information, or damage to internal systems. Individuals should make sure that they lock their workstations when they leave their desks and never share passwords with anyone.
Social Media Fraud – Nefarious characters increasingly use social media to engage in identity theft and entice individuals to download malicious code or reveal passwords. Users should take great care with the information they post online and avoid accepting "friend" requests from people they do not recognize. Additionally, it is a good practice to check social media settings to determine who can access your information and secure it to the greatest extent possible.
Maritime Transportation Security Act (MTSA) regulated facilities and vessels must report suspicious cyber activity or breaches of security to the Coast Guard. Cyber incidents that impact an MTSA regulated facility or vessel's physical security or result in a pollution incident must be reported to the Coast Guard's National Response Center (NRC) at 1-800-424-8802 or via their online reporting tool at www.nrc.uscg.mil.
For cyber incidents at an MTSA regulated facility or vessel that do not impact physical security or result in a pollution incident, the Coast Guard highly encourages reports be made to the National Cybersecurity and Communications Integration Center (NCCIC) at 1-888-282-0870 as the NCCIC may be able to provide technical assistance. Please note – when making a report to the NCCIC it is imperative that the reporting party inform the NCCIC that the report is being made by an MTSA regulated facility or vessel. NCCIC will automatically forward the report to the NRC. This will meet the reporting requirements in 33 CFR 101.305.
For more information on reporting suspicious activity and breaches of security, including cyber incidents, please review CG-5P Policy Letter 08-16, Reporting Suspicious Activity & Breaches of Security.