Friday 4 October 14:00 - 14:30, Red room
Jean-Michel Doan (SEKOIA)
Thanks to increasing signals sent in the past few years alerting to the sensitivity of the commercial maritime industry to cyber risks, and also because of some unfortunate experiences, the maritime industry has begun to develop stronger cybersecurity strategies. There is, however, a lack of intelligence dissemination relative to maritime-dedicated cyber threats as compared to other sectors - a situation which may not help improve security. We've therefore endeavoured to establish a prevalence level for threats that target this sector specifically. To do this, we've queried malware databases for maritime-specific delivery strategies and analysed the resulting data. The results show a drastic 15-fold increase of maritime-specific maliciousness between 2017 and 2018 followed by a plateau. Perhaps unsurprisingly, most of the threats observed represent malware-carrying BEC-style attacks. Does this increase represent a specific focus of BEC crime on the maritime industry or does it follow a general trend in BEC attacks? To answer this question, we intend to further categorize the threats based on malware families and observed TTPs and we will compare the trends in this sector with other sectors impacted by similar threats.
Jean-Michel Doan has been analysing cyber threats for the past ten years for French computer security providers. JM has a Ph.D. in Biology and no 'hard' computer background, so he feels lucky and thankful to have worked alongside great colleagues who have helped him on the technical side. He currently works at SEKOIA.
Miriam Cihodariu (Heimdal Security)
Andrei Bogdan Brad (Code4Romania)
Speaker TBA (TBA)
Martijn Grooten (Virus Bulletin)