COP_2023_V7_pages
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
n 60% of fraud goes through mobile devices, 80% of which are generated from mobile apps<br />
n $1,077 is the average cash amount attackers demand<br />
n 81% of the US population has a social media account<br />
n Chinese Cyberattacks accounted for over 20% of Cyberattacks in 2017<br />
n $80 billion held in cryptocurrency is laundered annually<br />
5.6.2 According to reports (Cybriant – Appendix 1) as much as 0.8% of global GDP is lost to Cybercrime. In 2017<br />
Cybercriminals extorted around $1.5 trillion globally with $5 million attributed to ransomware. It is estimated that<br />
over the next 5 years private companies could lose more than $5 trillion dollars to Cybercrime. 53% of<br />
Cyberattacks result in average losses of over $500,000.<br />
5.6.3 On the 30th September 2020, the United Nations International Maritime Organisation (IMO) suffered a Cyberattack<br />
which disrupted many of its systems.<br />
5.6.4 On the same day the French maritime transport and logistics giant CMA CGM S.A. revealed it was also the victim<br />
of a malware attack, on 28th September 2020, that affected some servers on its network. This follows similar<br />
attacks on Maersk (2017), COSCO (2018) and MSC (April 2020) raising fears that the maritime industry, which<br />
accounts for the transportation of 90% of global trade, is regarded as a highly valued target for Cybercriminals.<br />
5.6.5 Cyber-crime is an unfortunate fact that we must live with. It is a very lucrative market estimated to be worth trillions<br />
every year. Innovative cyber security software and systems are constantly being developed but Cybercriminals<br />
then develop more divisive methods to circumvent the security systems and so the process continues. Cyber<br />
threats, similar to health and safety hazards, are always present and the best form of defence against them is to<br />
maintain a robust cyber security policy, which remains up to date, aware and informed of the latest threats and<br />
take the appropriate action to defend against them.<br />
5.6.6 As we progress to more automated and networked systems, such as MASS vessels, more extreme forms of<br />
Cybercrime could include:<br />
n Hijacking of vessels and cargoes for personal use/financial gain<br />
n Holding vessels and cargoes for ransom<br />
n Environmental terrorism, (threatening to release chemical cargoes or running vessel aground)<br />
n Terrorism (taking control of vessels to damage other vessels, assets or reputations.<br />
5.7 CYBERCRIMINALS<br />
5.7.1 A Cybercriminal is anyone who attempts to access a computer system or network without the appropriate authority<br />
or permission with the intention of committing a Cybercrime to:<br />
n Perform reconnaissance of Networks, Computers, ICT systems, IoT and OT Devices etc;<br />
n Discover potential software and hardware vulnerabilities;<br />
n Exploit identified vulnerabilities;<br />
n Propagate malicious code and infect ICT systems (Install viruses, trojans, worms and malware etc);<br />
n Gain administrator privileges and create user accounts;<br />
n Modify, delete, steal, encrypt/decrypt passwords, confidential files, configurations<br />
n Steal money, crypto currency, and Personally Identifiable Information (PII) such as credit card details, ID<br />
number, healthcare information etc;<br />
n Ransom and Blackmail for money;<br />
n Steal confidential data for sale on the Dark web;<br />
n Render servers and critical devices inoperative;<br />
n Jeopardise the confidentiality, integrity and accessibility of data; and<br />
MASS UK Industry Conduct Principles and Code of Practice Version 7 39