Maritime Cybersecurity in the South Baltic Sea

More documents

Recommendations

Info

remain the most important motivating factor for cybercriminal behaviour. Sums in the hundredsof millions have been paid out, and the allure of such paydays - in the mind of the would-beattacker - is the fast track to an early retirement. Beyond financial motivation, so-called “personas”are used to understand the diverse motivations of attackers, especially in crime investigations.Such personas reveal motivations which lead to theorizing for the development of intuitivespeculation to seek information that may lead to evidence and the eventual apprehension of thecriminal. The motivation of cyber criminality is not in focus in this report because such informationdoes not provide information into the vector, nor is it obvious in its utility for the prevention,mitigation, and remediation of the cyberattack.Patterns in cybercrime business models.What: Blackmail; Extortion; Ransom. Who: Sleeper agents; Turning Allegiances; Insider targeting.Why: Financial; Disgruntled; Ideological; Hatred. How: Gather intelligence; Disable operations; Weaponization.10
2.2. ORGANIZATION TRENDSMore surveillance by cybercriminalsWould-be attackers are increasingly “listening on the line.” Any attempt to communicate andtransmit information, can in principle, be intercepted. A prevalent heuristic in cybersecurity relatesto traffic: If it can be transmitted or communicated, it can be disrupted. Open-Source Intelligenceallows cybercriminals to do reconnaissance and identify information that can provide insight onhow to develop attacks.Increasing vulnerability brokeringCombining advanced skills sets and capabilities with external markets, the emergence ofvulnerability brokerage markets can be expected to increase. Vulnerability brokering seesinformation about cybersecurity weaknesses being sold to would-be attackers, or to the financiersor contractors that hire cybercriminals for mounting attacks. Such markets enable and facilitatecybercrime educing transaction costs for employing specialized services.Increasingly more fradulent mechanisms• Increasing sophistication of impersonification and so-called “deep fakes”• Ordering unauthentic "knock-off" parts• Non-order deliveries• Payment interception by faked intermediariesIncreasing options for attack vectors• Weaponization of operational technology• Weaponization of cargo• Weaponization of cargo transportCyber-attack automationThe increasing number of attack attempts is well documented. Global Internet providers loghundreds of thousands attack attempts per day. These attacks are not, of course, individuallyprogrammed and delivered. In such “shotgun-blast” attacks, programs are bundled in packagesthat are delivered which automate exploitation of known vulnerabilities. Furthermore, such astrategy works to exploit the behaviours of workers. Probabilistically speaking, as more “clickable”opportunities appear on the screens of workers, the higher the total count of clicks on those links,accidental or otherwise.Faster attack spreadsOnce access to a network has been established, defences are mobilized. One way to improve thesuccess of an attack is the “pivot,” or compromising one system and then move laterally acrossother systems until it is possible to elevate access privileges to a network. This provides multipleavenues and stochastic pathways to improve the run probabilities for success.11
Page 1 and 2: LoremipsumMaritimeCybersecurityin t
Page 3 and 4: 1. INTRODUCTIONThe maritime industr
Page 5 and 6: Until recently, vessels have operat
Page 7 and 8: 2. ATTACKER TRENDSACROSS INDUSTRIES
Page 9: Improved organization of cyber crim
Page 13 and 14: Software code that is developed ope
Page 15 and 16: 4. DIGITALIZATIONOF MARITIMEThe fut
Page 17 and 18: 5. SCENARIOS: MARITIMEIN 2035Scenar
Page 19 and 20: B) INDUSTRY FRAGMENTATION AND POLAR
Page 21 and 22: 21
Page 23 and 24: 23
Page 25 and 26: to establish their effective in a h
Page 27 and 28: Lorem ipsum dolor sit amet, consect

Maritime Cybersecurity in the South Baltic Sea

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?