News + Resources

Industry news, Astaara press releases & maritime cyber risk resources

Friday, May 23, 2025
NSA and NCSC global advisory to ports and logistics operators: You have been warned

The UK’s National Cyber Security Centre, with 9 allies, has just issued an advisory (www.ncsc.gov.uk/uk-partners-expose-russian-intelligence-campaign) for ports, logistics operators and other companies who may be involved in supporting Ukraine.   It has attributed a range of malicious activity to a sub-unit of the GRU (Russian military intelligence).   The threat actors are reportedly getting access to victim’s networks and either using this access to gather intelligence on suppliers to Ukraine, what is being supplied and when – with the possibility of using that knowledge to interdict the support in some way.

The methods used are not novel: credential guessing, spear phishing, MS Exchange permissions exploitation – all getting them access to networks and systems. Much of this is blockable.   Ensuring you keep your systems secure is not just prudent – it is good business.  Good cyber hygiene enables you to continue to trade in these tricky times.  Ports are particularly vulnerable given their need for continuous working and their role as critical infrastructure.

We have already seen the US requiring their ports to remove all China-originated software from their cranes.  This guidance includes ensuring that your IT and OT systems are patched – and if no patches are available, that they are protected through other methods – e.g. network segregation.  This means more monitoring, strong authentication (e.g. using non-SMS based authentication or passkeys (where available)) and ensuring security updates are applied as soon as possible after release.

As we have said before, this is basic good cyber hygiene.  The GRU have been able to achieve their access thus far because they know that there are gaps.  Now that the NSA, NCSC and others have broken cover and come out publicly, those companies considered critical will not be given a further pass should they come up wanting.  The regulations are clear and are being toughened to include not only the port operators but also their service providers.  The regulations are there for reason:  They have been warned.

  • Robert Dorey
    CEO
    • Back to News + Resources

    More news articles

    May 23rd, 2025
    News

    NSA and NCSC global advisory to ports and logistics operators: You have been warned

    December 11th, 2024
    Insight

    Caught in the tech trap: why IT contracts need a shake-up

    July 18th, 2024
    Case Study

    NIRS2:  It is happening soon, so get your houses in order    

    Astaara Underwriting UK Limited is an appointed representative of Davies MGA Services Limited, a company authorised and regulated by the Financial Conduct Authority under firm reference number 597301 to carry on insurance distribution activities. Astaara Underwriting UK Limited is registered in England and Wales company number 12570450. Registered office at 5th Floor 20 Gracechurch Street, London, United Kingdom, EC3V 0BG.

    © Astaara Company Limited 2021