Could your crew be targeted through Social Engineering?


2021 is predicted to see an increase in coordinated social engineering cyber-attacks.

Social engineering uses information gained on an individual or organisation to build bespoke profiles and use that data for targeted attacks. Whether the subsequent cyber-attacks take the form of Phishing emails or Smishing text messages, the attacks are more successful due to the use of information scaped from the internet.

The Maritime industry has seen specific targeting of crew members. A phishing email about a fine or a Smishing text around a vaccination: the aim of these attacks will be to compromise security controls by gaining access to user credentials (i.e. passwords) that are then used to access the systems onboard the yacht.

To keep crew, and ultimately the yacht, safe from criminal attempts it is important that all crew (regardless of position) receive awareness training regarding cybersecurity. Training means individuals can recognise and report cyber-attacks, gain additional understanding and be able to implement security protocols to protect themselves and systems onboard a yacht.

Have you trained your crew to recognise a suspect email or text?

This article forms part of Isle of Man Maritime Member and cyber security specialists, CSS Platinum‘s January edition of their Security Newsletter.

Other features of this edition include: SolarWinds hack: The biggest cyber-attack yet? and How much are you worth on the dark web? 

Click here to view the full edition.