Job Search
 
 
  CV Search
 
 
  News
Shipbrokers Expect Increased Interest for Product Tanker Newbuildings
  
2019 Prospects are Rosy for the Handy Supramax Bulker Segment
  
Dry Bulk Market Long Haul Cargoes of Iron Ore Could Dwindle
  
Carnival Cruise ship has technical issue causing ship to tilt to one side It was pure chaos Screams Cries Panic
  
The 2020 Global Sulphur cap
  
 
 

Maritime News

DNV GL The seven phases of a cyber attack

Changes in the cyber security industry

A recent set of attacks against critical infrastructure entities, such as oil and gas pipeline operators, utilities and even some city and state governments reveal new motives and methods. The attackers were not out to steel data but were looking to disrupt services. The attackers used a new attack vector that has not been seen before. Instead of attacking their primary targets directly, they attacked less secure vendors that those targets use. We will be looking at how they did this and then how it can be prevented.

Step one – Reconnaissance

Before launching an attack, hackers first identify a vulnerable target and explore the best ways to exploit it. The initial target can be anyone in an organization. The attackers simply need a single point of entrance to get started. Targeted phishing emails are common in this step, as an effective method of distributing malware.

The whole point of this phase is getting to know the target.

The questions that hackers are answering at this stage are:

1.Who are the important people in the company? This can be answered by looking at the company web site or LinkedIn.

2.Who do they do business with? For this they may be able to use social engineering, by make a few “sales calls” to the company. The other way is good old-fashioned dumpster diving.

3.What public data is available about the company? Hackers collect IP address information and run scans to determine what hardware and software they are using. They check the ICAAN web registry database.

The more time hackers spend gaining information about the people and systems at the company, the more successful the hacking attempt will be.

Step two – Weaponization

In this phase, the hacker uses the information that they gathered in the previous phase to create the things they will need to get into the network. This could be creating believable Spear Phishing e-mails. These would look like e-mails that they could potentially receive from a known vendor or other business contact. The next is creating Watering Holes, or fake web pages. These web pages will look identical to a vendor’s web page or even a bank’s web page. But the sole purpose is to capture your user name and password, or to offer you a free download of a document or something else of interest. The final thing the attacker will do in this stage is to collect the tools that they plan to use once they gain access to the network so that they can successfully exploit any vulnerabilities that they find.

Step three – Delivery

Now the attack starts. Phishing e-mails are sent, Watering Hole web pages are posted to the Internet and the attacker waits for all the data they need to start rolling in. If the Phishing e-mail contains a weaponized attachment, then the attacker waits for someone to open the attachment and for the malware to call home.

Step four – Exploitation

Now the ‘fun’ begins for the hacker. As user names and passwords arrive, the hacker tries them against web-based e-mail systems or VPN connections to the company network. If malware-laced attachments were sent, then the attacker remotely accesses the infected computers. The attacker explores the network and gains a better idea of the traffic flow on the network, what systems are connected to the network and how they can be exploited.

Step five – Installation

In this phase the attacker makes sure that they continue to have access to the network. They will install a persistent backdoor, create Admin accounts on the network, disable firewall rules and perhaps even activate remote desktop access on servers and other systems on the network. The intent at this point is to make sure that the attacker can stay in the system as long as they need to.

Step six – Command and control

Now they have access to the network, administrator accounts, all the needed tools are in place. They now have unfettered access to the entire network. They can look at anything, impersonate any user on the network, and even send e-mails from the CEO to all employees. At this point they are in control. They can lock you out of your entire network if they want to.

Step seven – Action on objective

Now that they have total control, they can achieve their objectives. This could be stealing information on employees, customers, product designs, etc. or they can start messing with the operations of the company. Remember, not all hackers are after monetizable data, some are out to just mess things up. If you take online orders, they could shut down your order-taking system or delete orders from the system. They could even create orders and have them shipped to your customers. If you have an Industrial Control System and they gain access to it, they could shut down equipment, enter new set points, and disable alarms. Not all hackers want to steal your money, sell your information or post your incriminating e-mails on WikiLeaks, some hackers just want to cause you pain.

Prepare for the attack

So, what now? What can you do to protect your network, your company, even your reputation? You need to prepare for the attack. Let’s face it, sooner or later the hackers WILL come for you. Don’t let yourself think that you don’t have anything that they want. Trust me, you do.

Source: DNV GL (Craig Reeds, CISSP, Cyber Security Senior Consultant, DNV GL – Digital Solutions)

Published On May 14th , 2018 @ www.seajobhunt.com !!!

 Featured Company
Nautai Marine Services and Trading Pvt Ltd,India EXECUTIVE SHIP MANAGEMENT,India LEEDAR SHIPPING MANAGEMENT PVT. LTD.,India
Marinova Ship Management,India RAMANANDI MARINE AND SHIPPING SERVICES (OPC) PVT.LTD,India Darya Shipping Pvt. Ltd.,India
AYZ Maritime Navigation Pvt Ltd,India Indiana Maritime Pvt. Ltd,India SIDDHI OCEAN SERVICES PVT. LTD.,India
Olympia Ship Management Pvt.Ltd,India SHAMS SHIP MANAGEMENT PVT.LTD,India INTEGRITY SHIPPING PVT LTD.,India
Blue Bird Shipping Management Pvt. Ltd.,India Sea Rise Marine Services Pvt. Ltd.,India AN-Line Shipping Pvt. Ltd.,India
Global Tankers Pvt. Ltd.,India Galaxy Mariners & Shipping Company,India Shipteck Marine Solutions Pvt. Ltd.,India
Seaways Offshore Marine India Pvt.  Ltd.,India Rudraksh Marine Services Pvt. Ltd.,India Fleet Line Navigation Marine Management Pvt. Ltd.,India
Blackhull Maritime Services Private Limited,India CASABLANCA SHIPPING PVT LTD ,India TANKER SHIP MANAGEMENT & OFFSHORE PVT. LTD.,India
NAVYLINE SHIP MANAGMENT PVT LTD,India Marine World ,India Nessa Ship Management,India
MV SHIPPING MANEGEMENT SERVICES PVT LTD,India HOLY ANGEL MARINE SERVICES PVT LTD,India Oceanwharf Shipping Services Pvt. Ltd.,India
Cromwell Ship Mangement Pvt Ltd,India BAMS MARINE SERVICES PVT LTD,India Accord Marine Management Pvt Ltd,India
Sea Wealth Marine Solutions,India Westline Ship Management Pvt Ltd,India Yak Marine Pvt Ltd. ,India
Jude Enterprises & Marine Services Pvt. Ltd.,India Mehdi Bros Ship Services Pvt. Ltd.,India RAS SHIP MANAGEMENT Pvt.Ltd ,India
K.R. Marine Services Pvt. Ltd.,India S S OFFSHORE PVT LTD,India AL-HUZAIR MARINE SERVICES PVT.LTD,India
West Zone Marine Pvt Ltd,India Admiral Marine Services Pvt. Ltd.,India Udya Shipping Services Pvt. Ltd. ,India
Nimbus Maritime Services Private Limited,India S K ENGINEERING SHIPPING I PVT LTD,India Vrinda Global Pvt. Ltd.,India
AUBURN SHIPMANAGEMENT DMCC,India Trycon Marine Services Private Limited,India ASIA MARITIME SERVICES PVT.LTD.,India
ASP Ship Management (India) Pvt Ltd,India Aark Shipping And Manning Pvt. Ltd.,India Euro Crewing Service LLC,India
Ocean Offshore Marine India,India AMAZE MARITIME SERVICES PVT. LTD. ,India BD Shipping,India
Global Jobs Pool. ,India CORPORATE MARITIME SER PVT LTD,India Arctic Offshore & Manning Company Pvt. Ltd.,India
Vigil Marine Services Private Limited,India NAAVEX MARINE SERVICES,India World Ships Management Pvt Ltd,India
Sea Wealth Maine Solutions,India TEJAS MARITIME PVT. LTD. ( MAC SHIP DESIGN AND CONSTRUCTION PRIVATE LIMITED ),India DP SHIP MANAGEMENT PVT. LTD,India
DS MARINE,India Trinitas Ship Management Private Limited,India OLIVE CREW MANAGEMENT,India
Nams Ship Management Pvt.Ltd,India IMS SHIP MANAGEMENT Pvt Ltd,India vencen marine solution,India
SS Maritime Services,India Seastrom Marine Pvt. Ltd.,India Malawat Ship Management Pvt.Ltd.,India
Mariners Community Ship Management Private Limited,India Primanav ship management pvt. ltd,India Oceanic Star Shipping Pvt. Ltd. ,India
SEASON SHIP MANAGEMENT & MARITIME SERVICES,India Tapti Waterways Private Limited,India Naz Maritime Services Pvt.Ltd.,India
Swar India Shipping Services Pvt. Ltd,India Quadrant Maritime Pvt Ltd,India Tangar Ship Management Pvt Ltd,India
SHOROX SHIPPING OPC PVT LTD,India Oath Marine Services Pvt Ltd,India MARVIN INTERNATIONAL SHIP MANAGEMENT,India
Rassiya Shipping Services Pvt Ltd,India AUBURN SHIPMANAGEMENT DMCC,India Macaroni Ship Management Private Limited ,India
Mr.Sushant,India Summai Shipping Pvt.Ltd.,India MMS Maritime (India) Pvt.Ltd,India
AMSWAY SHIP MANAGEMENT PRIVATE LIMITED,India AG. MARITIME PRIVATE LIMITED,India Pelorus shipping pvt.ltd,India
SVS MARINE SERVICES PRIVATE LIMITED,India Seashell Marine Service Pvt. Ltd,India East India Shipping Agency,India
Campbell Shipping Pvt. Ltd.,India Phelix Shipping Ventures Pvt. Ltd,India I-Marine Infratech (India) Pvt. Ltd,India
SHODEN MARITIME & SHIPPING VENTURES PVT LTD,India Coastal Shipping Links(India) Pvt.Ltd,India DMC SHIP MANAGMENT PVT LTD ,India
Unimar Marine Services Pvt. Ltd.,India Three Bees Shipping Pvt. Ltd,India Ocean Glaxy Marine Pvt. Ltd.,India
VR MARITIME SERVICES PVT LTD,India Seaprime Marine Mgmt Pvt.Ltd,India sarwamangla Marine Pvt Ltd,India
Twilight Shipping,India Indocean Maritime Services Pvt Ltd,India Valaf DMCC,India
 ABB Ship Management Pvt. Ltd,India Neptune Ship Management ,India Nimbusmaritime Service,India
MMS Americas LLC,India Amag Ships Pvt. Ltd.,India gwl maritime services india pvt ltd ,India
Blue Whale Maritime,India PRATISHTHA MARINE SERVICES,India INTER OCEANIC MARINE SERVICES PVT LTD,India
Royal Shipping Services,India Join Hands Marine Services Private Limited,India RAMAN MARITIME ACADEMY PVT. LTD.,India
DEMENTUS SHIP MANAGEMENT INDIA PVT LTD,India Meridian Marine Management Private Limited,India EKLAVYA SHIP & CREW MANAGEMENT,India
Penta Crystal Ship Management,India Oceanic Shipping Services Private Limited,India Synergy Maritime Recruitment Services Pvt Ltd,India
MAERSK ,India Oceans Pride Marine Services Pvt. Ltd.,India SeaJobhunt,India
APAC Marine Services Pvt. Ltd,India Angel Maritime (India) Services ,India Albatross  Marine Services  ,India
AET Shipmanagement (India) Pvt. Ltd,India Helm Shipping Management Private Limited,India SHRI MAHAVIR MARINE SERVICES PVT LTD,India
Ind-Aust Maritime Pvt. Ltd,India Bridgeview Maritime Pvt.Ltd,India Calm Seas Shipping and Maritime Services Pvt.ltd,India
Ad Ship Management pvt. Ltd,India Tristarr Maritime And Shipping Private Limited,India

Copyrights © 2012 seajobhunt.com
Terms and Conditions  -   Sitemap  -   Private Policy  -   FAQ  -   Contact Us
Site By : Pheunix