Increasing Cyber Security at SEA through digital training
Challenge: Ransomware
Overview
Malicious software, designed to access or damage a computer without the knowledge of the owner. There are various types of malware including trojans, ransomware, spyware, viruses, and worms. Ransomware encrypts data on systems until a ransom has been paid. Malware may also exploit known deficiencies and problems in outdated/unpatched business software. These vulnerabilities may be exploitedremotely or triggered locally eg a piece of malicious code may often be executed by the user, sometimes via links distributed in email attachments or through malicious websites. The attack of a ransomware on the Power management Systems is very dangerous, because is very important to the safety of the crew, ship, cargo and environmental, thanks these systems are the generators of the electricity of the ships for the propulsion and sailing aids equipment’s. An attack to the PMS can provoke collision, running aground, contact, etc.
Objectives
- Understand different power management systems hackers attackson the OT, sailing or in Port, but mainly sailing.
- Identify main manufacturers of critical shipboard IT and OT equipment.
- All risk factors Threats, Vulnerabillities, etc.
- The identification and implementation of mitigation measures.
- Develop an action plan.
Instructions
- Read carefully the provided materials on resources section.
- Enter the Moodle course and read the instructions how to connect there: https://course.cybersea-project.eu/
- Take account the four phases of a risk assesment: 1. Pre-assesment activities. 2- Ship assessment. 3- Debriefing and reporting. 4- Manufacturer's debriefing.
- The four phases of incident response: 1- Response, 2- Detection and analysis, 3- Containment and eradication, 4- Post insident recovery.
Outcome
Once you have completed this challenge, you will have a better knowledge and skills in this area, such as focusing on malware prevention techniques and ransomware protection.