You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

Cybercrime Takes The High Seas

If you run a tugboat business, you might think cybersecurity isn't a huge concern. Well, maybe it wasn't. It certainly is now!

Ever thought your business isn't a cyber target?

In this line of work, we have the pleasure of speaking with a lot of businesses about their concerns and risks. From law firms and accounting firms to banks and hedge funds to manufacturing and non-profits. Cybercrime runs the gamut. Still, we never thought we'd be looking at protecting tugboat operators!

Towage vessels and their crews are increasingly connected to online services during operations, increasing their vulnerability to cyber threats, malware, viruses and hackers.

And for those of you who don't think your business is a target, they're targeting tugboats! I mean, "towage vessels." We know they've been hitting schools, non-profits, more schools and even cruise lines! But really, targeting tugboats??

This Phishing email spoofed the vessel operator as the sender and was sent to the tug with an Office 365 eVoiceMail Express-themed attachment.

So no, this wasn't some drive-by mistake by the hackers. They even spoofed the company in their Phishing emails!

How does this make sense? What do cybercriminals want with a tugboat company?

Every business has something of value to hackers. Your business has something of financial value, otherwise you wouldn't be doing it! Unless Mother Theresa is reading this, the rest of us do work for pay. And so do hackers. They just want YOUR pay.

So, back to the towage vessels.

All the hackers have to do to get paid is inflict just enough pain, like slowing or halting operations, with Ransomware. Those assets in tug are valuable! They need to be delivered on time and to the right place.

If they also happen to steal sensitive data in the process (like R&D or client information), they'll demand payment for destroying that data. As with any business, a tugger likely has trade secrets and sensitive information stored digitally.

Regardless of target industry, hackers continue finding novel ways to land their attacks.

The good news is that these hacks can be stopped!

The first step is training your team to avoid the initial Phishing email, the one that the tugboat employee received.

Are you ready to take action?
We make it easy to protect your team from attacks just like this one. Find out how to protect your team with INFIMA's Automated Security Awareness platform.

To get a quote, set up a call with our (non-pushy) sales team here!

Original article here.

Joel Cahill

Cybersecurity enthusiast. Entrepreneur.