A ransomware infection has crippled the US network of one of the world’s largest shipping giants —COSCO (China Ocean Shipping Company). IT security experts commented below.
Javvad Malik, Security Advocate at AlienVault:
“Ransomware continues to wreak havoc within companies. It’s unclear whether this was a targeted or casual attack, but employees should be trained to be able to recognise suspicious emails and not click on links; or have an easy-to-escalate route where they are unsure as to whether an email is malicious or not.
Similarly, it’s important to have good threat detection and response controls in place so that any attack can be dealt with swiftly.COSCO was wise to segregate the infected network from the rest of the networks in order to prevent further spread.
It’s important for companies to have a recovery and response plan prepared in advance so that business functions can be resumed quickly.”
Andy Norton, Director of Threat Intelligence at Lastline:
“The costs from a loss of operational capability to Maritime organisations has been shown to run into the hundreds of millions of dollars in a matter of days. Ransomware with worm like features have demonstrated a vulnerability in many sectors of business. Perhaps it is a business necessity that shipping organisations have a relatively open network, that would allow the fast propagation of a worm. If this is the case the dynamic analysis of objects entering the environment would highlight the malicious propagation behaviours and offer risk mitigation against this type of attack.”
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.