- Domestic Ports

11/17/14: Ongoing sophisticated malware campaign compromising Industrial Control Systems

Written by Capt. Andrew Tucci

Cyber dependent technologies are an increasing part of the Marine Transportation System. Vessel and facility operators use computers for navigation, communication, business processes, cargo operations and countless other functions. While an attack or failure of any of these systems could have significant consequences, Industrial Control Systems, or ICS, are a particular concern. ICS is a general term that includes various systems that control physical processes.

The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) routinely publishes alerts concerning malware and other threats to Industrial Control Systems. One recent alert addresses a variant of the BlackEnergy malware. BlackEnergy and other malware may be present in cyber systems used in maritime industry.

The Coast Guard strongly encourages facility and vessel operators to review their cyber security practices, and to take full advantage of the alerts and other information provided by ICS-CERT. The Coast Guard also publishes cyber security information on the cyber security section of Homeport.

Vessel and facility operators that experience a cyber related impact to the MTS portion of their operations should report that incident, along with any other suspicious activity, to the National Response Center at 1-800-424-8802, in accordance with 33 CFR 101.305. Any questions or assistance needed regarding cyber threats, training, and/or industrial control systems, please contact US Computer Emergency Readiness Team, US CERT, at 1-800-282-0870. Victims are also encouraged to report the incident to the FBI at the Internet Crime Complaint Center.

This blog is not a replacement or substitute for the formal posting of regulations and updates or existing processes for receiving formal feedback of the same. Links provided on this blog will direct the reader to official source documents, such as the Federal Register, Homeport and the Code of Federal Regulations. These documents remain the official source for regulatory information published by the Coast Guard.