The Port of London Authority (PLA) fell victim to a cyberattack last night which has knocked its website offline. The attack, thought to have been carried out by the Altahrea Team hacking gang, appears to be politically motivated, according to security researchers. More information: https://techmonitor.ai/technology/cybersecurity/port-of-london-authority-cyberattack
In response to this, Dr Kemedi Moara-Nkwe, Research Fellow, Maritime Cyber Threats Research Group, University of Plymouth has offered the following comment:
“The attack on the Port of Tilbury Authority serves to provide yet more evidence that organised attackers who wish to cause maximal disruption are increasingly looking at maritime ports and vessels as primary targets for their attacks. These cyberattacks are usually in the form of ransomware-based attacks or DoS/DDoS based attacks such as the attack that was launched on the Port of Tilbury. DoS/DDoS attacks have long been identified as attacks of key concern due to the ease at which attackers can launch them and the degree to which they can disrupt customer-facing operations.
The maritime industry handles a very large proportion of the goods that are traded in (and out of) the UK and so any disruption to operations at a major port has the potential to cause long-lasting disruptions which could take long periods of time to resolve. It is therefore critical for any major port which may be facing disruption to any of its services due to a cyber-attack to act quickly to mitigate the potential impacts that the attack may cause on its own operations, other stakeholders in the supply chain and the maritime sector as a whole. This should involve, among other things, engaging the National Cyber Security Centre (NCSC) – which acts as the UK’s designated computer system incident response team (CSIRT) for the UK’s critical industries. The NCSC can then, if they deem appropriate, act to both assist the port in the attack recovery process and also act to warn other UK ports of potential risks of this attack spilling over to them. If the port authority has officially been designated as a provider of an essential service or an operator of critical infrastructure, then the Network and Information Systems (NIS) incident reporting regulations compel the port to undertake the above action.”
