Cyber threat to merchant vessels

Hackers target merchants in Gulf of Guinea.

Maritime Vessels in Gulf of Guinea Targeted by Email Phishing

THE MDAT-GoG (Marine Domain Awareness for Trade – Gulf of Guinea) has received information that there have been numerous attempts to encourage mariners, in the Gulf of Guinea region, to send in information that may have sensitive commercial elements to questionable recipients.

The Nigerian Navy have also sent a message to ‘All Ships Transiting in/off Nigeria Waters / GOG. A copy of one of the phishing emails is shown below

From: Regional Coastguard []
Sent: Montag, 27. Juni 2016 14:38
To: xxxx
Subject: GOG Coastguards/ security alerts

Dear Vessel Owner,

The regional coastguards require the following information for your vessel: XXXX That is presently in the Gulf of Guinea regional waters:
Vessels VHF channel
Call sign
Vessel Email
This is to enable our office to give any necessary alerts to vessels while they are approaching the different ports.

Kugo Pascal Darcy
GOG Regional Coastguard

Vessels and shipping companies are advised to be on alert and to verify such messages.

This apparent phishing attempt follows the earlier reports of security breaches at MTISC-GOG during the months prior to its’ closure 20 June 2016. The alleged security breach led to an official warning from shipowner association BIMCO. This concern has also been blamed for significant under-reporting of ship incidents in the region, but some believe that the problem is simply related to an inefficient handling of information by the reporting centre, reported IHS Fairplay.

The International Chamber of Shipping issued The Guidelines on Cyber Security Onboard Ships (Feb 2016) (Download PDF Here) published by BIMCO.

The Guidelines are designed to develop understanding and awareness of key aspects of cyber security.

The guidelines details that Phishing is the ending emails to a large number of potential targets asking for particular pieces of sensitive or confidential information. Such an email may also request that an individual visits a fake website using a hyperlink included in the email.

Whilst sea piracy is prevalent in the Gulf of Guinea region with the very real risk of seafarers being kidnapped and held for ransom, the increased awareness of cyber-based security attacks has become more pervasive as the shipping industry becomes more connected. Understanding that cyber security is made more challenging by the absence of any definitive information about the incidents and their impact.

The report by MDAT-GOG of this phishing attempt is a welcome development to enhance security for vessels transiting the already dangerous region.


Previous Article
Next Article