Nettitude Blog

Nettitude

Recent Posts

Is Email Putting Marine and Offshore Organisations at Risk?

Posted by Nettitude on Sep 20, 2019 3:30:26 PM

By Joel Snape, Senior Threat Researcher at Nettitude

Sometimes it feels like everything runs on email. We all know we get far too many each day, and crucial information is constantly being sent back and forth between individuals and companies. It has become so common that often we don’t stop to question whether it is the most effective way of carrying out a task, and whether it is exposing us to harm. One area in which email seemingly cannot be escaped is in communication with port authorities; this could be anything from arrival notifications to requests for bunkering, ballast discharge or diving. Although online reporting systems such as the CERS portal do exist, in many cases vessels still have to fill in a Word form or Excel spreadsheet and email it to the relevant authority. They may also then have to respond to follow up questions, or get more paperwork to fill out.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation

Tackling Cyber Threats in the Cruise Industry

Posted by Nettitude on Sep 17, 2019 4:19:59 PM

By Tom MacDonald, Managing Principal Security Consultant at Nettitude

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation

ISO27701 & ISO27001: What's the Difference? And what does this mean for your Organisation?

Posted by Nettitude on Sep 5, 2019 5:57:29 PM

ISO27701:2019, a new international standard concerned with the management of personal data, has been published. ISO27701 is a Privacy Information Management System (PIMS), and provides an extension to the better known ISO27001:2013 Information Security Management System (ISMS).

In this blog, we’ll take a brief look at the new standard, how it differs from ISO27001:2013, and how it can benefit your organisation.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation

Leaving the Armed Forces? Our Guide to going from Soldier to Cyber, Part 3

Posted by Nettitude on Sep 4, 2019 2:51:53 PM

By David Lenehan, Security Consultant at Nettitude

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation

Leaving the Armed Forces? Our Guide to going from Soldier to Cyber, Part 2

Posted by Nettitude on Sep 2, 2019 4:27:01 PM

By Phil Buck, Senior Threat Intelligence Analyst

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation

Securing Remote Access Solutions for the Marine and Offshore Industries

Posted by Nettitude on Aug 30, 2019 6:36:48 PM

By Graham Sutherland, Senior Vulnerability Researcher

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation

Leaving the Armed Forces? Our Guide to going from Soldier to Cyber, Part 1

Posted by Nettitude on Aug 28, 2019 2:52:06 PM

By Tom MacDonald, Managing Principal Security Consultant

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation

Zero day impacts: How marine and offshore organisations should prepare for unknown vulnerabilities

Posted by Nettitude on Aug 15, 2019 1:51:53 PM

What is a zero day attack exploit?

Imagine setting sail with your bow doors still open. Or operating with an engine that leaked 50% of its fuel intake. Or if we let the bridge continue to operate with all the windows smashed.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation

Is Third Party Expertise in Security Risk Management Necessary?

Posted by Nettitude on Aug 14, 2019 7:05:43 PM

According to one survey, 95% of organizations outsource part or all of their Security Operations Center[i], and that includes incident management. Is leveraging third party expertise the most effective way to obtain security incident management services?

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation

Cyber Attacks Reported by US Coast Guard

Posted by Nettitude on Aug 8, 2019 10:36:06 AM

Cyber Attacks Reported by US Coast Guard: Are Maritime Cyber Security Risks Unknown or Ignored?

The US Coast Guard issued a marine safety alert on July 8th 2019 following an "interagency response" to a cyber incident affecting a vessel bound for the Port of New York and New Jersey. This followed a more general briefing issued in May 2019 which warned of cyber adversaries attempting to gain sensitive information via phishing and malware intrusion attempts.

The investigation by the US Coast Guard and other agencies found that although the vessel's essential controls systems had not been impacted, the onboard computer system had been 'significantly degraded' by a malware infection. This had led the vessel to report the incident, and had exposed critical systems to additional risk. The alert highlights that although separate computers were used by the crew, the same network was used for official business, and it is assessed as likely therefore that an infection had been able to spread within the environment.

What is particularly noteworthy about this latest report is that the risk was 'well-known among the crew', and despite this, the same shipboard network was used to manage operations on the ship – to update electronic charts, manage cargo data and communicate with shore-side facilities, pilots, agents, and the Coast Guard. Is this because the crew were ignoring the risk, or were unaware of how likely it was that the issues could be exploited? More widely, is there adequate information available to organisations to make intelligence-backed risk decisions? The publication of this briefing, and the previous one in May, are to be welcomed as they bring greater attention to the likelihood of vessels being targeted in this way. Ideally, future reports will also include key technical indicators such as the type of malware, how the infection happened and what the intent was.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation

About Nettitude

Nettitude is the trusted cyber security provider to thousands of businesses around the world. We stop at nothing to keep your data and business secure in an age of ever-evolving cyber threats.

Our experts use an award winning Threat Intelligence led approach that incorporates real-time data, ensuring that your company is protected at every stage of its journey.

Receive an update when we post!

Recent Posts