Maritime Cyber Michael Hawthorne Maritime Cyber Michael Hawthorne

The Maritime Sector and Virtual Stowaways

Another shipping company experiences a cyber attack. Whilst light on detail, (BW Group should be commended for sharing their incident), initial reports indicate that in July 2017, a cyber event occurred at BW group, that was initiated by unauthorised access to BW Group's computer systems resulting in the temporary non-availability of some business systems. It has been reported that future mitigation efforts to address this unauthorised access include “fool proof security products” and “dedicated personnel managing these products”.

Read More
Maritime Cyber Michael Hawthorne Maritime Cyber Michael Hawthorne

Admiral Nelson's blind eye, Maersk and petya

At the Battle of Copenhagen in 1801, Admiral Nelson famously stated that he had the right to be blind sometimes. He raised his telescope to his blind eye and thus did not read the signal to retreat from the battlefield. Sometimes in life, turning a blind eye at a problem can result in reaping the benefits, in this case the Royal Navy won a significant sea battle. When considering the cyber threat to the maritime sector, turning a blind eye will not lead to a resilient security posture.

Read More
Maritime Cyber Michael Hawthorne Maritime Cyber Michael Hawthorne

Petya, the maritime sector and wolf packs Two

My previous article on petya indicated that it was not clear if this cyber attack was motivated by ransomware or the more destructive wiper. It is still being assessed and there is some discussion as to who was the main target. However the Ukraine seems to have experienced the most disruption. So whilst it is reasonable to conclude that the maritime sector was not specifically targeted by petya, it is fair to say that this is the first substantive attack that has had worldwide impact upon maritime operations.

Read More
Maritime Cyber Michael Hawthorne Maritime Cyber Michael Hawthorne

Petya/Peyra- Ransomware or wiper?

For all of the discussion over the petra/pnetya/petya ransomware/wiper malware, what is abundantly clear is the requirement to implement more effective cybersecurity controls. It is self-evident that the decisions on which controls to select will depend upon an enterprise’s security posture and risk appetite.

Read More