In a joint advisory issued on April 8, the US Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and its UK counterpart warned that “a growing number of cybercriminals and other malicious groups online are exploiting the Covid-19 outbreak for their own personal gain.”
As Covid-19 restrictions lay bare the soft underbelly intrinsic of many remote communication and teleconference technologies, many companies, like those engaged in offshore oil gas development, have recognized the criticality of maintaining network security.
“We’ve been seeing more and more companies asking us to show up and do a breach assessment or a compromise assessment,” says Dr Mate Csorba, global service line leader, Security Architecture & Verification.
Experts say the risks of cyber-attacks occurring within the vulnerable maritime and offshore communities has grown appreciably as the coronavirus has forced most offices to lock down. This left information technology specialists scrambling to ensure updated security patches are installed on widely dispersed computers and has intensified monitoring of their respective networks for signs of malicious malware, ransomware and email phishing.
Advancing digitalization and connectivity, combined with more employees exiled to work from remote and sometimes poorly secured locations, has provided fertile ground for cyber-criminals set on injecting their own brand of virus into the pandemic-induced anxieties of companies from the inland waterways industry to the deepwater Gulf of Mexico.
“This experience reinforces that cyber security has got to be a focus for everyone,” said Jennifer Carpenter, president and CEO of the American Waterways Operators, which, so far, has helped head off any network disruptions to its tug and barge company members. “It doesn’t matter where you’re located, the size of your operation, or the complexity of your operation, we all have to make sure we have the network system that will get us through unusual events.”
The maritime sector is well-versed in monitoring and initiating response plans to unfolding events like slow-developing hurricanes, but the full brutality of Covid-19 hit quickly and with unexpectedly dire health and economic consequences.
Changing course
Given the travel risks associated with the highly contagious new coronavirus, DNV had to redefine the “show up” component during the late March execution of a planned cyber security assessment for a Gulf of Mexico asset. Normally, a certified ethical hacker would be installed aboard the asset to simulate a cyber security breach and evaluate the company’s vulnerabilities to a major attack. With travel off the table, Maritime Advisory and Digital Solutions at DNV collaborated closely with the client to enable the assessment and penetration tests to be carried out remotely between client personnel and DNV offices across three countries.
“We shipped hardware that was installed inside the company and could be remotely controlled,” Csorba said from his office in Trondheim, where he works with clients from the maritime, offshore oil and gas and utilities industries, among others. “Basically, we simulated an attacker on the inside of the corporate network and if a breach happened, we then looked at what the attacker can do from there, and what are the vulnerabilities offshore that an attacker would be able to exploit.”
A second remote assessment was underway in Europe in May.
Though cyber security occupies a high profile among many companies, especially within the increasingly digitalized offshore oil and gas arena, Csorba said the pandemic has further driven home the need for companies to elevate cyber security to a level equal to their uncompromising safety programmes.
“Generally, there is very good safety awareness within the oil and gas industry and there should be equally good security awareness, because there’s no safety without security,” he said.
Any renewed focus on cyber awareness, he said, must begin and end with the human factor. “Even before Covid, what we’ve seen from assessments is that some of the major threats you have in offshore cyber security come from the crew taking shortcuts. They often breach natural segregation by not following policies and procedures, by installing USB devices in drive ports, making network connections they’re not supposed to make, and thereby circumventing the technical defences that are out there. The crew also has onboard email access, so that’s a primary threat factor, even more so than remote access.”
Widespread work-from-home orders also further exposed the technical vulnerabilities of popular telecommunications technologies, which were on the rise well before the blanket pandemic lockdowns. “What happened with Covid is that the hackers started looking at these remote collaboration tools,” Csorba said. “Recognition of the vulnerabilities of remote access was rising before Covid, so hopefully now it will get more focus.”
This extracted and edited article was published with permission of WorkBoat magazine (from the July 2020 issue of WorkBoat magazine)
Read the full, original article here: https://www.workboat.com/magazine/magazine-archives/