- Improsec has looked into outwards facing indicators in 2014 and 2017 and found that the container shipping industry appeared to be quite vulnerable.
- There was only limited improvements in the security details between 2017 and 2020.
- 25% of carriers have be reportedly using a less secure web.
- 50% have basic email security controls.
Cyber attacks orchestrated by criminals have a tendency to be opportunistic in nature. They target companies which appear to have access to sufficient funds to pay a ransom and companies that have a low level of cyber security, says a report published in Improsec.
Introducing Improsec
Improsec is a cyber security company specialized in pragmatic IT security. Advising in both prioritization and implementation, as well as technical.
Improsec has looked into some of the most simple outwards facing indicators in 2014 and 2017. In both occasions, it was found that the container shipping industry appeared to be quite vulnerable. They have investigated the same indicators in 2020, and unfortunately found that the industry has only shown limited improvement over this 3-year period.
While assessing the strength of your cyber security the principle is the same, observe very simple elements of security exposed visibly by companies and use this as an initial assessment of whether it appears to be an easy target.
Unfortunately, if we look at the container shipping sector,
this is a sector which continues to appear as an easy target.
Factors that Cyber criminal target
Cyber criminals, like burglars in the physical world look for blind spots to enter. A few simple experiments can illustrate how mature an organization’s approach to cyber security is.
However, an analysis shows a critical current-state, and highlights improvements in how to strengthen cyber security. It is important to note, that seeing weak security elements from the outside is not solid proof that security behind the scenes is also weak. However, it is an indication that if the visible outward facing security is not good, then there is a higher likelihood that the internal security is also flawed. Companies that appear to have weak security are more likely to be attacked.
Is the company’s cyber security up to the mark?
In essence it is not possible to tell unless a genuine attempt is made to compromise the systems. However, you can do quite simple reconnaissance prior to choosing a target to increase your chance of selecting a weakened target. This can be related to ordinary burglary – you take a quick look at a variety of targets and select the location, which appears to have a low level of security and with no-one appearing to be home. At times you may be surprised to then find a solid safe and bolted steel-door despite the initial look from the distance, but the odds are that if the target looks weak from the outside, then your chances of success also increases.
Developments and issues regarding security in the recent years
Weakness in Password strengths
- 2014 – Improsec examined, which level of password security a carrier required from their customers when registering for their online e-commerce tools. It was found that 46% enforced a password policy requiring a password with a minimum length of 8 characters and with a mix of letters, numbers and characters.
- 2017 – It was now changed to 44%, enforcing such stronger password security. The recent examination in 2020 shows the level to have increased to 64%. But this still means that 36% of the carriers examined are perfectly OK with passwords of a length shorter than 8. There is even a case of a carrier willing to accept the single letter “x” as a password – and this as of October 2020.
Securing the web
Another outward facing element is, whether a carrier is using https for their customer facing web tools, or whether they only use http. In this case, 25% of the carriers examined use the less secure http – despite https being one of the elements you use to prevent man-in-middle attacks – an attack type also seen used in the maritime sector.
“Only 50% use basic email security controls”
Mail security
The third and final outward facing element Improsec has looked into, is whether the carriers use DMARC for security in their emails. The purpose of using DMARC is to prevent an attacker from being able to appear as a legitimate sender from the carrier itself. 50% of the carriers examined do not have DMARC enabled at all. 36% of the carriers do have DMARC enabled, but in a state where they actually do not prevent a third party from sending out fraudulent emails in their name. Only 14% have DMARC enabled in a way where fraudulent emails sent in their name are effectively blocked.
Conclusion
Container carriers exhibiting specific weaknesses is not proof that their internal cyber defenses are weak. It is, however, an indicator to potential attackers that this is an industry where cyber security might be compromised, because when the “simple” elements appear not to be in order, then there is an increased likelihood that the more important back-end defenses are also not in order. And this leads potential attackers to assume that this might be an industry which is an target, as the potential success rate of an attack would be higher.
Did you subscribe to our daily newsletter?
It’s Free! Click here to Subscribe!
Source: Improsec
