Could A Botched Ransomware Attack Have Caused The Massive Mauritius Oil Spill?



image courtest Pen Test PartnersI found a super interesting and at the same time scary article at Forbes by Nishan Degnarain about the cyber vulnerabilities of these massive oil tankers and container ships. It's enlightening how these vessels are put together network-wise and how pentesters have found multiple ways to get into these systems. 

Nishan started with: "Cyber attacks against global shipping firms have spiked 400% since  COVID-19 has hit. And this was before the two high-profile ransomware victims in the last month alone – the world’s fourth largest shipping company, French giant CMA-CGM, and the UN’s own global shipping regulator, the IMO.

Now questions are being asked whether Mitsui OSK Lines (MOL)-chartered Wakashio, could have been a dry run for cyber hackers this summer that led to its grounding and subsequent oil spill in Mauritius.

It turns out that one of the ship’s system that investigators have already revealed an anomaly with, the ship’s navigation system (called ECDIS, or Electronic Chart Display and Information System), had already been flagged by cyber security experts as one of the most vulnerable systems on large, ocean-bound ships like the Wakashio. "

Check out these ships possible cyber vulnerabilities, revealed by cybersecurity company Pen Test partners:

image courtest Pen Test Partners

The ECDIS system, which the ship relies on for its navigation, could have been exposed it to digital criminals, as five leading cyber security experts explain in interviews for this article.  This could also explain some of the discrepancies in the accounts from various authorities so far.

The reason cyber-criminal activities should be included as part of the investigation into the Wakashio incident is because when one looks at the layers of safety that MOL has in place for its fleets (including the vessels  it charters), several major, multi-million dollar layers of ship safety protection would have had to fail to explain how the Wakashio ended up on Mauritius’ reefs in July this year. 

This is a fascinating article with many open questions regarding responsibilities, unexplained mysteries like who would be motivated to perform such an act, and cyber security lessons to be learned. Warmly recommended for a lunch break! 

https://www.forbes.com/sites/nishandegnarain/2020/10/26/could-mol-chartered-mauritius-oil-spill-ship-wakashio-have-been-hacked/#39db8597fbbc

Happy reading!


Ransomware Has Gone Nuclear, How Can You Avoid Becoming The Next Victim?

There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff.

After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

GoneNuclear-WEBINARJoin us for this webinar where, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, dives into:

  • Why data backups (even offline backups) won’t save you
  • Evolved threats from data-theft, credential leaks, and corporate impersonation
  • Why ransomware isn’t your real problem
  • How your end users can become your best, last line of defense

Watch Now

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://info.knowbe4.com/nuclear-ransomware

Subscribe To Our Blog


Ransomware Hostage Rescue Manual




Get the latest about social engineering

Subscribe to CyberheistNews