Coast Guard Issues New Guidance on Cyber Risk Management

Coast Guard Cyber Command issued Maritime Cyber Alert 03-22 on August 17.  Maritime Cyber Alert 03-22 KILLNET TLP WHITE.pdf (uscg.mil)

Companies are encouraged to review this information and also consult the Coast Guard’s Best Practices for Cyber Risk Management for more on developing a comprehensive cybersecurity plan.

The alert follows Coast Guard observations of malicious activity connected to a cyber-criminal campaign targeting critical infrastructure in Europe and threatening the U.S. energy sector’s segment in the Marine Transportation System (MTS).  The alert specified that these threats were discovered via dark-web posts made by the Russian-based cyber-criminal and hacktivist group known as KILLNET.  KILLNET is one of many hacktivist groups whose malicious cyber activity increased in the wake of the Russia’s invasion of Ukraine.

A number of mitigation measures were recommended in the alert, such as not hosting internet-facing applications that are not essential to business operations, requiring multi-factor authentication (MFA) for remote access and hosting all public-facing servers in a segregated, demilitarized zone (DMZ).

For additional information, contact the Coast Guard at maritimecyber@uscg.mil or for immediate assistance call the Coast Guard Cyber Command 24×7 Watch at 202-372-2904

In related news, the Coast Guard announced on August 22 the release of the first annual Cyber Trends and Insights in the Marine Environment (ME) report to continue the tradition of collaborating with owners and operators and provide information about best practices to secure their critical systems.  The aim of the report is to provide Coast Guard units and their port partners with relevant information to identify and address cyber risks.

For more information and to access the report, please visit Coast Guard Cyber Command releases 2021 Cyber Trends and Insights in the Marine Environment report – Maritime Commons.