Ransomware on a Charge: Another Wake-Up Call for U.S. Shipping Industry

 

As the threat of ransomware attacks increases, the U.S. shipping industry is facing a particularly high resistance in safeguarding its global supply chain. 

The U.S. shipping industry is on the hit list of ransomware attackers — specifically the heavily computerized ports that receive cargo ships, as well as the actual crafts, security experts warned. The other major factor is the increasing strain on the global supply chain due to the Covid-19 pandemic with U.S. citizens ordering more goods to their homes than ever before. The White House has issued an executive order mandating organizations to strengthen cybersecurity protocols. 

Data analytical firms are keeping a close eye on the surge of ransomware attacks. Here are the recent reports highlighting the ransomware trends and implications: 

• Security researchers at Trend Micro discovered that 84% of the US firms have filed a complaint regarding phishing or ransomware threats in the last 12 months.

 • In the first half of 2021, the average ransomware payment surged 82% to a record $570,000 from $312,000 in 2020, according to a report from Palo Alto Networks’ Unit 42 security consulting group. 

• By 2031, the ransomware costs are expected to reach $265 billion, and that there will be a new attack every 2 seconds as ransomware attackers are continuously upgrading their malware payloads and related extortion activities, a report from Cybersecurity Ventures predicted.

Shipping ports are the ripe targets for ransomware attackers due to their heavy reliance on robotic operations and digitized inventory rather than human labor. “It keeps me up at night. Most of those systems weren’t designed with the notion that somebody was going to try to mess with them. Wasn’t part of the calculus,” Nina Kollars, associate professor of strategic and operational research at the U.S. Naval War College said. 

In 2018, ransomware attackers targeted shipping ports in San Diego and Barcelona, Spain with minor ones. In July, hackers locked up Transnet, a South Africa-owned company that oversees operations for the country’s major seaports. A ransomware attack halted operations at four of the eight ports. While many of the company’s computer networks were quickly restored, it led to rolling delays that pushed back some shipments by weeks. 

Earlier this year, the European Union Agency for Cybersecurity predicted there will be four times more software supply chain attacks in 2021 than there were in 2020, as ransomware attackers shift to larger, cross-border targets.

Researchers analyzed 24 supply chain attacks between January 2020 and July 2021 and stated that 66% of supply chain attacks were committed by exploiting an unknown flaw, while 16% leveraged known software vulnerabilities. 

When it came to supplier assets, most attacks during the specified timeline aimed to compromise code (66%), followed by data (20%) and processes (12%). As for customer assets, supply chain attacks most commonly targeted customer data (58%), followed by key people (16%) and financial resources (8%).


from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/3j60FzB

Comments