AFTER A SPATE OF HIGH PROFILE RANSOMWARE ATTACKS TARGETING BUSINESSES AROUND THE WORLD, the problem has moved closer to home with Maersk’s APM Terminals units experiencing computer problems due to the recent global Petya attack.
Described by one industry analyst as having ‘a large economic impact for the company’, the damage experienced by Maersk was collateral in nature as the attack was primarily focused elsewhere. If, however, the perpetrators had specifically targeted this Danish conglomerate the effect could have been much worse.
It is considered that if determined hackers decided to target specific companies or installations that today’s digitally dependent drilling rigs could be a prime target for infection threatening productivity, safety and the wider environment.
A recent study conducted by DNV GL focusing on operations on the Norwegian Continental Shelf identified the following cyber security vulnerabilities:
- Lack of cyber security awareness and training among employees.
- Using standard IT products with known vulnerabilities.
- Limited cyber security awareness culture among vendors, suppliers and contractors.
- Insufficient segregation of data networks.
- The use of mobile devices and storage units.
- Insufficient physical security of data rooms and cabinets.
For some time, operators of MODUs have considered that due to the isolated operating environment and restricted access they had some level of protection which has resulted in a level of complacency. However, with the increasing sophistication of the threat and delivery methods of infection, these units now face a very real threat of a catastrophic impact to operations and reputation.
A significant current threat is posed by Ransomware which is defined as “Malicious software that threatens data by perpetually denying access”. Once a system is infected, this malware can propagate across networks. Backups and Images taken may no longer be effective because the good data is overwritten.
Ransomware is hugely profitable for the hackers; in 2015/2016, Ransomware had netted the attackers over $250,000,000. The incentive is there for the attackers to become more sophisticated, continuing to attack businesses of all kinds.
ADC has noted hazards such as Ransomware becoming a significant threat to management and IT infrastructures as well as distributed control systems. Poor network design, incorrect network implementation, low user security awareness and lack of monitoring and preventative systems all contribute to the problem.
FOR MORE INFORMATION ON HOW OUR CYBER SECURITY SERVICES CAN SAFEGUARD YOUR BUSINESS CONTACT US HERE