And now a piece from The Wall Street Journal on the state of cybersecurity in modern merchant shipping. It also reveals some details of the incident in February of this year, when a large container ship bound for New York was literally taken over by a computer virus and an FBI cyber special-forces team had to board it. I'm posting the text in English, since things are complicated at the link. After the text there is a very interesting link; you won't regret it.
NEW YORK—The cyberattack on a merchant vessel that prompted a U.S. Coast Guard warning
this month was due to an infection with the Emotet malware, which has been particularly
effective in attacking government and corporate networks.
The Coast Guard revealed more details about the February attack this week at a cybersecurity
conference hosted by Fordham University and the Federal Bureau of Investigation.
The Department of Homeland Security referred to Emotet in a 2018 advisory as “among the
most costly and destructive malware affecting state, local, tribal and territorial governments,”
costing on average $1 million per attack to fix.
It appears that the ship may not have been specifically targeted by hackers. Instead, the virus
could have been introduced into the ship’s systems due to shoddy cybersecurity practices. The
Coast Guard hasn’t named the ship in an effort to encourage others to report cybersecurity
Coast Guard Capt. Jason Tama, captain of the Port of New York and New Jersey and commander
of the Sector New York region, said the agency received a report in late February from a U.S.-
flagged ultra-large container ship, known as a deep-draft vessel, bound for New York City.
The crew reported that their shipboard network had been “totally debilitated” by malware,
Capt. Tama said at the conference. They couldn’t resolve the issue, and neither could the
shipping company’s system administrators, working onshore.
“I’m pretty confident there are cyber incidents happening on vessels throughout the world
every single day, most of which aren’t reported to any sort of authority,” Capt. Tama said. “So in
this case, the fact that it was reported meant we knew it was significant enough that there must
have been a big problem aboard that ship.”
The Coast Guard issued a marine alert in early July, describing the incident in broad terms and
warning the maritime shipping industry that it should be taking basic precautions against
WSJ Pro Cybersecurity at the time reported on the incident and the state of cybersecurity in
the maritime industry, which experts characterized as poor.
The Port of New York and New Jersey handles $1 billion to $2 billion in cargo per day, Capt.
Tama said. If the ship’s malware spread and shut down the port, it could be economically
disastrous. He wanted to act quickly.
“I needed to make a risk-management decision on how to deal with the ship. What was the state
of the shipboard network? What was the state of the ship’s critical navigation systems, engine
control systems, et cetera? We had to make a quick assessment,” he said.
The Coast Guard contacted the FBI and then sent its own team of cyber specialists by boat to
board the ship before it docked, to assess the damage.
Once aboard, the team quickly realized that the ship’s systems had fallen victim to a credential-mining virus, which Capt. Tama said was Emotet. The malware had infiltrated the ship’s
network due to an almost total lack of cybersecurity safeguards, he said.
An investigation by the Coast Guard and the FBI found that there was a single login to the ship’s
computer shared among all crew, that external hard drives and memory devices were routinely
plugged in without security measures, and that there was no antivirus software installed on the
In addition, Capt. Tama said, the vessel had visited ports in Pakistan, India and Oman. In those
ports, it had been common practice to share memory sticks—containing cargo and route data,
human resources information and fuel data—with third-party vendors, and plug them directly
into the network.
Speaking at the same conference, Paul Ferrillo, a partner at law firm Greenberg Traurig LLP,
said the publication of the alert was a “holy cow” moment for the industry, on par with the 2012
hack of Target Corp. or the NotPetya attacks in 2017.
The malware infection of the deep-draft vessel, he said, exposed just how much worse the
effects could have been.
“What if that’s a really dirty liquefied natural gas tanker loaded to the gills with fuel? That’s a real problem,” Mr. Ferrillo said, highlighting the potential for environmental disasters that
could occur in the wake of a damaging cyberattack on a shipping vessel in port.
The ship’s crew and operator cooperated with the Coast Guard and the FBI, Capt. Tama said.
July’s alert, he said, was meant to “ring the bell” on the poor state of cybersecurity in the
maritime shipping industry.
“I’ve been on a lot of ships,” Capt. Tama said. “What we found on this ship is not anomalous.”
All in all, dear comrades, soon the pirates will not be Flint's lads and Somali paupers with assault rifles in boats, but regular nerds sitting in their kitchens with a laptop. What Hollywood relished in the films "Hackers" and "Speed 2" is exactly what has come to pass. As for how this will look, I'm posting a link to what is, in my opinion, the most interesting account of the story of one hack, when a couple of young guys had their way with a team of 300 sysadmins from around the world. The text also has links to their other exploits. http://blogerator.org/page/lulzsec-vs-apache-infrastructure-team-vzlom-haking-hacker-setevaja-bezepasnost