The Steamship Authority in the US state of Massachusetts has been subject to a ransomware attack that has seriously disrupted operations.
The Steamship Authority in Massachusetts is the latest victim of a major ransomware attack, which has disrupted the company's payment systems, online and phone reservations services, ticketing system, and website.
This trend is expected to continue and increase in frequency, according to Charlie Gero, CTO of the Security Technologies Group at Akamai.
"The internet is not just the technology that powers social media and memes, it has become a core piece of infrastructure that we rely on for physical services daily: energy from gas, shipments of food, transportation, banking, and more," Gero added.
"As industries utilise the internet to ease operations and deployment, they must balance the tremendous advantages connected infrastructure gives with the high risk of being on a global platform where attackers can probe, infect, and hold their assets hostage from half a world away."
A week after the attack, the MA Steamship Authority is continuing to work with their internal team along with local, state, and federal officials to address the ransomware incident.
"Antivirus software, at minimum, should be installed on every critical machine in an enterprise," Gero said.
"Tight access controls should be enforced on every application’s access, utilising Zero Trust principles, and services such as Cloud Access Security Brokers and Secure Web Gateways should be introduced to perform additional malware checks on data flows, and limit the spread of sensitive information out of customer networks.
"Systems which need not be on the internet should be completely 'air-gapped' from those that do."
According to the MA Steamship Authority's website, the company has engaged with a third-party cyber security company and forensic investigators to assist with working to determine the full nature and scale of the event.
While the MA Steamship Authority's website is offline, the company has strongly recommended cash for transactions.
The MA Steamship Authority is the latest victim of the recent spate of cyber security attacks that saw Colonial Pipeline operations crippled for days and took JBS meat packing facilities offline. All three of these cases utilised ransomware to disable the operations of these companies, and at least the first two were launched from actors operating within, or associated with, Russia.
“It is telling that so many critical pieces of infrastructure have been taken offline within such quick succession in the past few weeks,” Gero said.
"As the attackers continue to advance in both pace and sophistication, this should serve as an incentive for all companies to audit their internal security practices and measures to ensure they are doing everything they can not to be the next headline.
"This tells us that our current security posture for many companies are not yet at the level they need to be."
Assistant Minister for Defence Andrew Hastie has also weighed in on the spike in cyber crime, stressing that the recent attack on JBS' Australian operations is further evidence of the need for greater vigilance.
"Hitting JBS – one of the world's biggest meat processors – is a significant thing, but we're going to see more of this, we've been seeing a lot of it already," he said.
"Australians need to start realising that we can no longer think of cyber security in personal terms – you know, in the context of our phones, our own iPads, our own laptops.
"We've got to start thinking about our digital sovereignty as a country, because an attack on a single Australian business can have devastating impacts."
Assistance Minister Hastie pointed to data from the Australian Cyber Security Centre in Canberra, which reported 60,000 cyber crime incidents last year.