Fishing can be a very profitable enterprise. Many commercial fishing fleets head out to sea each day hoping to land a big catch. Now these same boat owners have to be careful the big catch doesn’t land them.
According to an article on the Hot for Security website, “An alert released on Monday cautions that hackers have actively been targeting the networks of commercial vessels with phishing attacks. A similar alert had been issued in May when cybercriminals resorted to phishing to steal sensitive information about the ships and their itineraries.”
You might think that a boat at sea would be immune to a phishing attack. Nope. Hackers are only limited by their imaginations. And what do hackers want from these commercial vessels? To cause havoc, apparently.
According to an article on Professional Mariner website, “the Coast Guard has received reports of malicious software designed to disrupt shipboard computer systems.” They were also “attempting to gain sensitive information using email addresses that pose as an official Port State Control (PSC) authority such as: firstname.lastname@example.org.” The hackers were using email!
In response, the US Coast Guard has released a set of best practices for commercial vessels. The recommendations include the following:
- Implement network segmentation
- Implement access control
- Be wary of external media
- Install anti-virus software
- Keep software updated
None of these are bad ideas. But there is a glaring omission in that list: implement anti-phishing software. I suspect the omission is simply a lack of awareness of what leads to successful phishing attacks (i.e., social engineering) and how best to combat it. Or, maybe it’s just a lack of awareness of the existence of phishing protection software and how it uses real-time link click protection to protect users from advanced phishing emails. Either way, someone has got to tell the US Coast Guard to get on board.
Hey @joincoastguard, you need to add another recommendation to your list: Phish Protection software. You, on the other hand, don’t need to wait for the Coast Guard to tell you what to do. Head on over to our products and keep your vessel, and everything else, safe from hackers.