Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ships Infected With Ransomware, USB Malware, Worms (zdnet.com)

Posted by BeauHD on from the happens-more-often-than-you-think dept.

An anonymous reader writes: IT systems on boats aren't as air-gapped as people think and are falling victims to all sorts of cyber-security incidents, such as ransomware, worms, viruses, and other malware -- usually carried on board via USB sticks. These cyber-security incidents have been kept secret until now, and have only been recently revealed as past examples of what could go wrong, in a new "cyber-security guideline" released by 21 international shipping associations and industry groups. One of the many incidents: "A new-build dry bulk ship was delayed from sailing for several days because its ECDIS was infected by a virus. The ship was designed for paperless navigation and was not carrying paper charts. The failure of the ECDIS appeared to be a technical disruption and was not recognized as a cyber issue by the ship's master and officers. A producer technician was required to visit the ship and, after spending a significant time in troubleshooting, discovered that both ECDIS networks were infected with a virus. The virus was quarantined and the ECDIS computers were restored. The source and means of infection in this case are unknown. The delay in sailing and costs in repairs totaled in the hundreds of thousands of dollars (U.S.)." The document also highlights an incident involving ransomware. "For example, a shipowner reported not one, but two ransomware infections, both occurring due to partners, and not necessarily because of the ship's crew," reports ZDNet. Another ransomware incident occurred because the ship failed to set up proper (RDP) passwords: A ransomware infection on the main application server of the ship caused complete disruption of the IT infrastructure. The ransomware encrypted every critical file on the server and as a result, sensitive data were lost, and applications needed for ship's administrative operations were unusable. The incident was reoccurring even after complete restoration of the application server. The root cause of the infection was poor password policy that allowed attackers to brute force remote management services successfully. The company's IT department deactivated the undocumented user and enforced a strong password policy on the ship's systems to remediate the incident.

10 of 132 comments (clear)

  1. Windows, right? by JustAnotherOldGuy · · Score: 4, Insightful

    Don't run ships on Windows, for obvious reasons.

    Also, not carrying ANY paper charts as a backup? Dumb, dumb, DUMB.

    --
    Just cruising through this digital world at 33 1/3 rpm...
    1. Re:Windows, right? by chromaexcursion · · Score: 2

      Running windows? Wrong, they don't, they have at least that much of a clue.
      No paper charts, that's a different story. WTF do they do after a lightning strike?

      oh, by the way, I own a boat, and have paper charts.

    2. Re: Windows, right? by Anonymous Coward · · Score: 2, Interesting

      I can confirm this. I've personally been on 3 large ships in the last couple years and I remember being shocked at the Windows XP screens.

    3. Re: Windows, right? by Zero__Kelvin · · Score: 2

      If you had the technical accumen you claim you would know that RDP is Microsoft Windows Remote Desktop Protocol. Most major corporations are still so technically inept that they still run Windows. What made you think these ships administrators would be smarter?

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    4. Re: Windows, right? by sosume · · Score: 2

      > Most major corporations are still so technically inept that they still run Windows

      Yes, so sad, as this is the year of Linux on the Desktop, ofcourse! A Linux desktop won't present any issues at all - large ships can be easily patched mid-sea with a new kernel should a security issue occur! And as everyone knows only Windows is hackable, Linux is completely hackerproof. the X desktop is very well suited for day to day work, users just love its window composition, choice of available software and design. Since these ships have 24/7 high speed internet they might as well run all software in a browser. Wow, you are so technically proficient, I'm sure you would be an excellent architect at a shipping company!!

    5. Re:Windows, right? by pgmrdlm · · Score: 2

      I was curious after your statement what operating system is actual on ships. And according to this site, IT IS WINDOWS.
      https://www.marinemec.com/news...
      Shipowners should update their onboard computer systems to the latest Windows operating system, if they are on Windows XP for instance, to avoid viral disruptions. They should also consider upgrading satellite communications with VSAT and a smart communications module, such as Speedcast's Sigma Gateway.

      Navios group IT director Katerina Raptaki explained that most of the computers on ships it operates are updated to the latest operating systems. âoeWe have spent a lot of money and human resources to update our onboard computers to the latest Windows as it expands the possibility of the resources,â she said at a seminar co-hosted by Riviera Maritime Media and Speedcast.

      However, not all systems on Navios' ships were updated as the cargo control systems remain on Windows XP operating systems because of the cost of getting shipyards to update the software, Ms Raptaki explained. She was involved in discussions at the Reality and Future of the Digital Ship seminar during Nor-Shipping near Oslo, Norway.

      I only looked this up out of curiosity.

      --
      Anonymous comments are as pathetic as the anonymous "sources" that contaminate gutless journalism from the New York Time
  2. LOL @ terminology by Dunbal · · Score: 2

    If you are allowing people to plug USB sticks into your computer you aren't as "air gapped" as you think you are. Sneaker-net is still a net. Air-gapped means no connection to the outside AT ALL.

    --
    Seven puppies were harmed during the making of this post.
  3. Worms? by fredrated · · Score: 2

    Once it was the wood-eating teredo worm that sank ships, now it's data-eating worms!

  4. What? No backup systems? by techno-vampire · · Score: 4, Insightful

    I was in the Navy back in the early '70s, when LORAN was still king. Our ship not only had paper charts for the Quartermaster's Mates to track our position by dead reckoning, we took regular star sightings with a sextant for Celestial Navigation. And, we still had two mechanical chronometers that were kept wound, even though the ship's navigator had an Omega watch that was more accurate. The USN doesn't take chances with things like this and I'd bet that today's ships still use dead reckoning, hand-wound chronometers and sextants even with today's highly accurate GPS, just to keep in practice in case of an emergency.

    --
    Good, inexpensive web hosting
  5. Re:Access-control by nnull · · Score: 2

    That means spending money. How dare you suggest that?!?