Large logistics and transport operations haven’t traditionally thought of themselves as prime targets for hackers. However, rising cyberattack suggests otherwise — as cybersecurity specialist Stormshield explains.
Vincent Nicaise, Stormshield’s industrial partnership and ecosystem manager, says there has been a rising incidence of attacks on ports alone in the last decade, based on a report from Naval Dome.
“The number of cyberattacks in maritime transport increased 400% in 2020,” Nicaise says, adding that according to the Union des Ports de France, major seaports were attacked on average 10-12 times a day in 2017.
Nicaise details 12 known cyberattacks on ports in the past 10 years — ranging from the 2011-2013 keylogger hijacking of a container management system for the port of Antwerp (pictured) to an exploit in August 2021 targeting the port of Houston, USA.
This year’s Houston attack took advantage of a critical flaw in the port’s password management solution.
“This software flaw easily allows hackers to implant web shells in an organisation’s information system to facilitate various actions, from extracting critical data to installing malware,” writes Nicaise.
Cyberattacks on ports have taken place all over the world, and small organisations aren’t immune either, he adds.
“Size isn’t everything. In November 2020, the port of Kennewick was hit with ransomware, which completely locked access to its servers. The incident was a big surprise for this small inland port, since its strategic scope is much smaller than the major commercial seaports,” Nicaise explains.
He notes that it reportedly took nearly a week for port authorities to regain control over their data by rebuilding their information system using back-ups, as a result of what has been assumed was the inadvertent opening of a corrupted attachment.
You can read Nicaise’s comments in full here.
The need for newer solutions
Back in April, Nicaise warned that the cybersecurity landscape for industry was shifting.
“Early cyberattacks against industry mainly affected gas, energy, nuclear and water companies… and seemed to have more to do with geopolitics. But over the last few years, the targets have been diversifying,” he wrote in a blog post.
“It’s clear that no one is safe.”
Stormshield has just announced Stormshield Data Security (SDS) for Google Workspace in partnership with Google, to allow all companies using Google Workspace to encrypt all types of information, content and communications while maintaining the native user experience.
This news follows the announcement of a partnership with Nozomi Networks on cybersecurity advancements for OT/IT, and the launch of the new Stormshield ruggedised SNxr1200 firewall for critical environments.
Interested in SDS for Google Workspace? Learn more in a 23 November webinar — click here to register.