Posts Tagged ‘hackers’

Cyberattacks Seek Industrial Targets

The malicious actors behind recent cyberattacks are increasingly targeting industrial companies, rather than individual users, according to a recent Kapersky Lab analysis.

The Kapersky Lab analysis shows supply chains will be increasingly threatened by cyber risk, as its logistics partners, suppliers and internal operations are threatened by malicious attacks. In fact, if the data suggests a trend, the recent cyberattack is unlikely to be the last roiling global logistics.

Such a pivot presents an increased threat to companies as a hack can affect not just systems and operations, but also human safety.  An analysis of the most recent attack shows at least 50% of the companies attacked last week were either manufacturing or oil and gas companies (which includes A.P. Moller-Maersk for its energy division).

 A look at the disruptions to A.P. Moller-Maersk shows how dependent global trade is on information systems. At the TOC Europe conference, Lars Jensen of cybersecurity firm CyberKeel told attendees he calculated the shipping line would suffer $2.7 million every hour its booking system was shut down. Even aside from lost revenue, which could amount to more than $60 million dollars, the disruption to Maersk also affects other lines with boxes on Maersk vessels, which remain unloaded as the Danish shipper seeks to right itself.

To date, Maersk continues its path to recovery and has only fully reopened 6(of 17) terminals that were affected by the June 27 cyberattack, JOC.com reports. However, associated terminals and truck drivers are also being impacted by the fallout of the attack, according to the Miami Herald.

Ultimately, Jensen hopes the attack serves as an object lesson for the industry, which he believes is woefully unprepared and has an inherent digital weakness. Building resilience into digital products must occur at the time of construction to be truly effective. Though costly, the method of building in security from the ground up has proven more reliable, according to Jensen.

In the meantime, supply chain managers can add cyberattacks to their growing list of risks capable of disrupting operations.

 

Source: SupplyChainDIVE

Maritime: The Next ‘Playground’ For Hackers

Cyber-security specialist CrowdStrike will be warning of the dangers the shipping industry faces from at hackers at Nor-Shipping 2017.

Appearing alongside the American Bureau of Shipping (ABS), CrowdStrike will lead a session focusing on the tactics, techniques and procedures of ‘invisible pirates’, and the actions the industry can take to rebuff them.

“Maritime has been described as ‘the next playground for hackers’,” said Crowdstrike’s John Titmus, director, EMEA – cybersecurity strategy advisor. “It’s an industry revolving around high value assets, moving valuable cargoes, that is transitioning to an increased reliance on digital systems. Smart shipping and the advent of broadband communication between ship and shore can unlock huge potential for the sector. Unfortunately that’s also true for the criminal fraternity.”

The joint CrowdStrike and ABS event takes place as part of Nor-Shipping’s Disruptive Talks program on May 31.

 

Source: Seatrade Maritime News

What’s Next After ‘Massive Disruption’ From Latest Cyber-Attack? A View From The Trenches

As the cyber-attack continues to spread around the globe causing massive disruption and damage for universities, hospitals, automakers and many other businesses including FedEx, only one thing is certain: It won’t be the last.

That’s because the cyber criminals are running a multibillion-dollar enterprise with the help of ultra-sophisticated tools, said Yuri Frayman, co-founder and CEO of Aventura-based cybersecurity company Zenedge. The company, which launched in 2014 after two years of development, helps companies worldwide protect their web applications and networks against cyber-attacks with its proprietary technology.

“If this was not a wake-up call to the corporate world, I don’t know what needs to happen next,” said Frayman, offering his view from the trenches. “About 220,000 companies have been hit, and this is just what we know. We are seeing a massive disruption in the network operations across the globe.”

A screenshot of the warning screen from a purported ransomware attack, as captured by a computer user in Taiwan, is seen on laptop in Beijing on Saturday. Thousands of companies were hit with a huge ransomware attack over the weekend that locked up computers and held users’ files for ransom in hospitals, companies and government agencies. (PHOTO CREDIT: Mark Schiefelbein AP)

None of the firms his company protects have reported any disruptions from the so-called “WannaCry” ransomware virus, he said. But as the attack has unfolded, Zenedge has been talking with industry security specialists around the globe about how they are mitigating the damage and seeking to stabilize large infrastructure companies.

What really worries Frayman is what comes next in this attack, and ones to follow. Companies such as FedEx will throw everything at this problem in the next three or four days at an unbelievable cost, said Frayman, who has himself been expecting a FedEx delivery for the past two days. But less-sophisticated firms may may not even know a virus lurks in their system.

 “A second problem is the massive shortage of cyber-security experts. The enemies are hackers who are years ahead, Frayman said.  “Telecommuting also creates risk. Ninety-eight percent of the world population doesn’t know if their home has been hacked. If I have your home, I can hack your corporate environment. Many people around the world work from home, and that is another black hole that is ready to explode.

The solution – beyond turning off the internet – is commitment to vigilance. Generally, the largest financial services companies are very proactive, appropriating the proper budget, staff and training and putting key processes in place. But take a step outside of that and you will see across the board that corporations have not taken this seriously. Hiring a chief security officer is not enough. It’s not about buying cyber insurance and hiring a couple of people – it’s about discipline. Having a dedicated staff and/or vendors whose single task is to secure and protect the company is key. So is continual staff training. You can’t just be clicking anymore…. Hackers are using very sophisticated tools to mimic regular emails you get every single day. If you click on one that downloads a virus, it eventually could discover the system administration credentials. Once the hackers know those, they can do whatever they want.”

Zenedge currently has about 250 clients spanning the financial, ecommerce, gaming, healthcare and manufacturing industries worldwide and also protects large internet service providers, said Frayman, who previously helped lead and sell four other companies. Zenedge raised $6.2 million in September to finance its global expansion; in total, it has raised $13.7 million in venture capital funding.

“Every single attack, every single malware, we take it apart, and we train our algorithyms to be able to pick up the behavior of an attacker,” Frayman said. “If you train a computer to think like a human, then you can protect as many customers as we do without a need for a human interaction.”

 

Source: Miami Herald