APT Hackers Target Ships With Ransomware in Escalation

Advanced persistent threat groups have escalated cyberattacks on the maritime industry, exploiting its global trade significance to deploy ransomware. APT hackers target ships through a blend of espionage and destructive tactics, aiming to cripple operations and demand ransom. Analysts have tracked over 100 attacks on maritime and shipping firms in the past year, marking a sharp increase in activity.

These campaigns combine geopolitical motives and technical sophistication. APT hackers targeting ships now embed ransomware in operational systems, using USB-based infections to bypass traditional defenses. Chinese group Mustang Panda compromised shipping companies in Norway, Greece and the Netherlands. Others, like APT41, use frameworks such as DUSTTRAP to evade forensics and deploy malware like ShadowPad.

Attackers often access systems through vulnerabilities in COBHAM SAILOR 900 VSAT terminals. They then encrypt navigation data and port management systems. Groups including Turla and Tomiris have refined USB-based attacks, spreading ransomware across maritime fleets.

Read the full article at: https://cybersecuritynews.com/apt-hackers-attacking-maritime-and-shipping-industry/