New Coast Guard Cyber Command report shows threats are rising

Written by Nick Blenkey

Image: Shutterstock

U.S. Coast Guard Cyber Command (CGCYBER) has released its second annual Cyber Trends and Insights in the Marine Environment (CTIME) report.

Since December 2020, CGCYBER has rapidly developed resources, capabilities, and partnerships to protect the ME from increasing cyber threats. The observations and findings in this report provide Coast Guard units and port partners with relevant information to identify and address cyber risks. Coast Guard Cyber Protection Teams (CPTs) and the Maritime Cyber Readiness Branch (MCRB) identified these findings through technical engagements conducted with marine environment partners throughout 2023.

“As U.S. Coast Guard missions expand into the cyberspace domain and across the global maritime commons, CGCYBER remains strategically postured to protect maritime critical infrastructure from advanced cyber threat actors,” says, Rear Admiral Jay Vann. Commander, Coast Guard Cyber Command

Key Takeaways from the report:

Many of the same findings/recommendations discussed in the CTIME 2021 and 2022 reports were observed again in 2023.
Emerging technologies create new attack paths into the maritime environment
Ransomware attacks and Advanced Persistent Threats (APTs) continue to target the ME.
Timely information sharing is the most effective way to increase defenses against adversaries.

Volt Typhoon, a state-sponsored actor associated with the People’s Republic of China (PRC), is believed to have targeted networks across U.S. critical infrastructure sectors, including within the maritime environment.

Ransomware incidents continue to surge in 2023. Reports of ransomware incidents increased 80% from 2022 to 2023 and the average requested ransom more than tripled. Types of organizations targeted include:

Maritime shipping companies;
Liquid natural gas processors/distributors and petrochemical companies; and
Maritime logistics and technology service providers.

Network-connected Operational Technology (OT) introduces attack vectors to the ME. Across the maritime environment, organizations continue to expand the use of internet connected OT systems. In 2023, CPTs (Cyber Protection Teams) found that OT network segments often contained an organization’s most critical and most vulnerable systems. In most cases, CPTs observed OT systems running End-of-Life software with known exploitable vulnerabilities (KEV). Additionally, OT systems often utilized vulnerable network protocols allowing for further exploitation and privilege escalation. These risks are further exacerbated when OT networks lack sufficient access controls, allowing adversaries to jump from the information technology (IT) networks to the OT networks. This could allow adversaries to deliver effects in the physical domain

Much, much more in the full U.S. Coast Guard Cyber Command report, including a look at expected trends in 2024 that could expose new vulnerabilities as artificial intelligence (AI) comes into increasing use and ports get smarter.

Download it HERE

Categories: News, Safety and Security Tags: CGCYBER, Coast Guard Cyber Command, Connecticut Maritime Association CMA Angeliki Frangou Navios, CTIME, Cyber Trends and Insights in the Marine Environment, Jay Vann, Operational Technology, OT, ransomware, Volt Typhoon

RELATED ARTICLES

Innovative wing sail retrofit wins chemical tanker a Green Award

Dive boat fire captain sentenced to four year prison term

DNV: Steady increase in new orders for alternative fuel vessels

Trafigura commits to ammonia fueling with newbuild order for four gas carriers

VIDEO: Cunard’s new Queen Anne arrives in Southampton