NSM warns shipowners on cybersecurity vulnerabilities

The National Security Authority (NSM) and the Norwegian Maritime Directorate warn Norwegian shipping companies, seafarers and other employees in the Norwegian maritime sector against hacking attempts through the LinkedIn service and e-mail inquiries.

The National Cyber Security Centre (NCSC) is a part of NSM, and is continuously following and analyzing situations that in the cyber domain can affect or have affected Norwegian companies and organizations. 

Since June 2019 NSM NCSC received information about cyber campaigns targeting several different sectors. The scope of these campaigns and the following incidents have been global, but companies in the United States of America, Europe, and the Middle East have been the main targets. 

The threat actors have demonstrated high ability and capacity to conduct their operations. It has been reported attempts of digital activity with malicious intent against several companies.

Based on the received information, NSM NCSC, the Norwegian Maritime Authority, and the Norwegian Shipowners’ Association assess that all types of ships and ship owners’ land-based infrastructure can be vulnerable to cyber incidents within the maritime sector. Especially ship owners that operate in MARSEC level two areas or higher should be aware of the situation. Companies and organizations should be prepared for continuous activity in the short to medium term.

NCSC encourages businesses and employees in the maritime sector to be more vigilant, and to follow the measures in Appendix 1: Recommended Measures. Suspicious incidents should be reported to the Norwegian Maritime Directorate and the Norwegian Shipowners' Association.  

Or send a copy of the request to NSM NCSC if the incident is suspected of activity as described in Appendix 2: Observed Campaigns or some other form of cyber activity. NSM NCSC can be contacted 24 hours a day on 02497 and e-mail [email protected].