Maritime Cybersecurity Policies, Amazon Phishing Alert, Red Sea Spoofing
Is time passing really quickly since 2020, or are the cyberattackers getting super swift with every move of theirs?
Every week, we bring you a fresh dose of cyber bulletin, comprising global cybersecurity news. Every edition encourages you to learn more about prevalent cyber threats and secure yourself from potential cyberattacks. This is the 4th week of July, and we are back again with another edition of cyber news.
This week, our focus will be on new cybersecurity protocols designed for maritime safety. Additionally, we will analyze the threats surrounding Amazon Prime members. Lastly, the sudden surge in the Red Sea GPS instance will also be highlighted.
Read on to know the details!
Coast Guard issues cybersecurity policies to ensure maritime safety
New cybersecurity rules have been introduced to bolster maritime safety. The new set of policies (Cybersecurity in Marine Transportation System) is applicable to Outer Continental Shelf (OCS) facilities, US-flagged vessels, and all facilities that come under Maritime Transportation Security Act of 2002 (MTSA).
Cybersecurity threats are emerging as a major concern for US ports. That’s precisely why the Coast Guard is introducing MTS to combat the dangers associated with “increased interconnectivity and digitization of the MTS.” The newly designed policies will address both existing and emerging cybersecurity threats. They will also help to identify and respond to threat attacks without wasting any time.
The following are some of the different rules added to the MTS to strengthen maritime security:
- Changing passwords before carrying out any operational technology systems
- Deploying a multifactor authentication system
- Using different user credentials on crucial OT and IT systems
- Revoking or removing user credentials when a team member or employee leaves the organization for good
Amazon warns Prime members against potential phishing attempts
If you are an Amazon Prime member, you can be the next target of phishing actors. A new phishing scam is doing the rounds, where cybercriminals are impersonating Amazon to gain access to the sensitive data of Prime members. This data can include your Social Security Number, bank details, or even login credentials.
Amazon has informed that last month, it took down around 55,000 phishing websites, as well as 12,000 fake phone numbers, using which the impersonation scam was being carried out. It has been reported that a significant increase in impersonation scams has been observed, where threat actors send malicious emails or text messages to Prime members. Amazon is currently working on consumer protection against such impersonation threats and educating Prime members on how to avoid such scams.
Cybersecurity experts stress the critical role of DMARC, DKIM, and SPF protocols in safeguarding email systems from phishing, spoofing, and domain impersonation attacks
The scammers often use emails, calls, or texts to confuse the member about a purchase they don’t really remember. The cybercrooks coax the users to “verify” the order details by clicking on a specific link or sharing personal information. Some emails may also contain messages about renewed high prices. They add a fake “cancel subscription” button, clicking on which the Prime member will be directed to a malicious Amazon login page.
Amazon will soon launch measures to safeguard users against such scams. One of the crucial changes is to include the Amazon Smile logo, which will help Yahoo, Gmail, and other email service users determine the authenticity of emails. Amazon also emphasized that no Amazon representative will ever ask for payment over email or by phone call.
Steep rise in Red Sea GPS spoofing as crews seek immediate support
Ships that sail through the Red Sea are consistently being targeted by cybercrooks through GPS spoofing and jamming attacks. This makes it incredibly difficult for sailors to navigate across the Red Sea. These attacks can even render it impossible for the crew to send out distress signals in emergencies.
Marlink, the satellite communication provider, has experienced a significant increase in support requests from ships sailing across the Red Sea. In 2024, the distress calls were as few as one every two weeks. However, currently, as many as 150 ships connect with Marlink in a single day to report irregularities in GPS services.
Due to these spoofing attacks, ships are often compelled to travel at an abnormal speed. Sometimes they appear to be on land. At other times, they appear to be circling around sensitive locations. Experts believe these are clear indications of radio frequency cyberattacks.
The cybercrooks not only disrupt the navigation of a ship but also affect crucial safety features such as GMDSS or Global Maritime Distress and Safety System. If this system is spoofed or jammed, then crew members won’t be able to send even SOS calls in distressful situations.
Marlink is attempting to mitigate the issue by providing a dedicated call support system for affected crew members. Meanwhile, their engineering division is trying to build a robust, anti-spoof solution.
