In the first half of 2024, Marlink’s Threat Intelligence team at the Security Operations Centre has detected various malicious activities targeting the maritime industry. These include phishing attacks, where fraudulent emails or messages are used to deceive individuals into disclosing sensitive information like passwords and financial details. Phishing trends observed include the use of HTM/HTML documents with embedded links and QR codes to credential harvesting login pages, as well as typosquatting and Business Email Compromise (BEC) senders.
Additionally, the team noted the use of commodity malware in targeting the sector. This type of malware, readily available and commonly used by cybercriminals, is often employed in large-scale automated attacks. Distributed Denial of Service (DDoS) attacks were also identified as a malicious activity, where multiple systems inundate a target server or network with excessive traffic, rendering it inaccessible to users, particularly impacting port infrastructure and maritime transportation companies. Typosquat domains and DMARC were also utilized to mimic legitimate websites with slight misspellings, aiming to deceive users into visiting them to steal information or distribute malware.
Furthermore, cybercriminals employed password spraying, a form of brute-force attack where a few commonly used passwords are tried across multiple accounts to avoid detection and gain unauthorized access. VPN gateway user accounts were a common target, with attackers attempting to exploit common passwords.
Share it now
More Stories
Fisherman Missing After Collision at Mongla Port
Singapore Methanol Collaborates to Promote Sustainable Marine Fuel Solutions
India’s Autonomous Vessel Completes Historic 1,500-Km Journey Enhancing Maritime Security