The attack took place in 24 July 2018, Tuesday, at the Port of Long Beach where the company’s local email system and network telephone communication were in disarray. COSCO’s staff then isolated the affected servers from other networks to mitigate the damage.

Apparently, the ransomware had resided in some of the company’s servers that hosts the corporate website, www.cosco-usa.com, as well as phone and email systems, and WAN and VPN gateways. However, the shipping firm’s global website is up and running, unaffected from the cyberattack.

System back to normal

A week later, the shipping giant had picked up itself and had restored part of the its US computer network system. So far, its internet phone service and company email system had returned to normalcy except for its public mailbox for customer services which remained inaccessible.

COSCO has set a deadline for the restoration of its public mailbox system by the end of this week with the gradual recovery of its network applications in the US. So far, the shipping firm had announced that its global network is stable and secure at the aftermath of the cyberattack last week.

Slow to adapt to New Technology

Perhaps the burning question in everyone mind is how the attack happened, and the consequences that followed and what is meant for the stakeholders.

More than often, the shipping industry has sometime been stereotyped as ancient behemoth, slow to harness new technology with heavy reliance on big machinery and labor intensive in nature.

It was due to these factors that led Ken Munro, a researcher of Pen Test Partner, to coin that cybersecurity in shipping is still “in its infancy”.

Comparing the shipping cyberattack to doomsday movie scenarios, Munro foresaw hackers in hijacking vessels digitally and changed ships’ courses at the click of a mouse.

“We tested over 20 different Electronic Chart Display and Information System (ECDIS) units and found all sorts of crazy security flaws,” Munro told a local media.

“Most ran old operating systems, including one popular in the military (vessel) that still runs Windows NT.”

In the shipping industry, ECDIS is often used by navigators to autopilot and steering of vessels to destinations.

Upgrade and update are a must

An old and non-updated system is just inviting a break in for hackers to hijack a multi-million assets such as tankers, cruise ships and containerships.

And the consequence can be catastrophic as oil tankers may be used an ‘kamikaze’ or set on suicidal collision course against key military installations by the terrorists or even used to block ports access in ransoming for money.

Indeed, the imagination ran wild for a hijacked ECDIS vessels and often such ‘apocalypse’ scene can be prevented with simple precautionary steps.

Updates and revamp of the whole aging computer and network systems are a must for vessels and onshore operation network. For a start, all that one needed is passwords hygiene like frequent changing of passwords and setting up a strong password to secure the network system.

All these precautionary measures may prevent ransomware outbreak such as the case of shipping line, Maersk which was hit by NotPetya ransomware outbreak in June of 2017 and suffered a $300 million in damages.

The post Ransomware hits shipping lines again appeared first on Hack Ware News.