US Port State Control Authorities Impersonated in Phishing Attempts
The United States Coast Guard (USCG) have issued Marine Safety Information Bulletin 04-19 warning of attempts to gain sensitive information by using emails posing as official Port State Control authorities.
What attempts have been made?
The bulletin states that cyber adversaries have been attempting to gain sensitive information including the content of an official Notice of Arrival (NOA) using email address that pose as an official Port State Control (PSC) authority such as: port @ pscgov.org.
The USCG have also received reports of malicious software designed to disrupt shipboard computer systems.
Preventing security breeches
The USCG urges maritime stakeholders to verify the validity of the email sender prior to responding to unsolicited email address. Vessel owners and operators are also urged to continue to evaluate their cyber defence measures to reduce the effect of a cyber-attack. The USCG also reminds Masters of their duty to report suspicious activity to the Coast Guard National Response Centre (NRC) in accordance with Title 33 Code of Federal Regulations (CFR) §101.305.
The full Marine Safety Information Bulletin 04-19 can be found here.