Essay: Secure Your Database: Risks and Solutions for Shipping Companies

  • Published: 1 April 2019*
  • Last Modified: 23 July 2024

Given the current level of awareness and the cyber-security profile of shipping companies, threats to shipping are a reality that should be given immediate attention. In 2015, shipping was one of the most cyber-attacked industries. Futurenautics (2015) argues that shipping agencies should treat this as a wake-up call to secure their critical infrastructure (both data assets and physical assets). A 2015 survey by Futurenautics suggests that 12% of shipping companies have received training on cyber-security. The survey additionally finds that 43% of shipping companies were aware of the cyber-security management controls provided by their organization for personal web browsing and use of external data storage.

Based on this analysis, we reach a troubling conclusion about the lack of cyber safety in shipping companies, especially in the companies' databases. On this basis, this article explores security management techniques for a shipping agency's database. The database is the heart of every organization, and a compromise of it may lead to serious losses for the organization.

Firstly, we will explore the risks associated with a shipping company's database.

Secondly, we will examine various physical and software solutions to the security problems and their respective limitations.

Lastly, we will present the business continuity and disaster recovery plan that should be invoked in the event that the agency is attacked by cyber-criminals.

RISKS IDENTIFIED IN THE SCENARIO

Asset: Database server

Risk: Packet sniffing

Supporting arguments: Cyber-criminals can gain access to and control of the company network where the database server is hosted and use a sniffer to capture the packets flowing to and from the database server. They may then analyze the packets and decrypt passwords and usernames in the server (Gurban, Groza, and Murvay, 2018, pp. 223-230).

Impacts: The main purpose of capturing this information is to gain access to database administration and compromise the company database, which may result in loss of the integrity, availability and confidentiality of the company's data. The primary aim of packet sniffers is to obtain company details for malicious purposes. This threat may therefore lead to the loss of customers' sensitive information from the company's database, such as credit card details. It may end up causing harm to the organization's customers. Packet sniffing is also dangerous to the company because the organization is held responsible for the attack, which may damage the image of the agency in the market (Sicari, Rizzardi, Cappiello, Miorandi, and Coen-Porisini, 2018, pp. 59-74).

Asset: Organization's customers' sensitive information

Risk: Email phishing and malware

Supporting arguments: The shipping company's information system contains sensitive information about the company and its customers. Hackers may use email phishing to persuade customers into giving up their sensitive information (Chiew, Yong, and Tan, 2018, pp. 23-29). Also, being unaware that malware has infected the company's information system database may lead to the loss of sensitive data to cyber-criminals.

Impacts: When cyber-criminals launch phishing and malware attacks, the impacts can be of considerable magnitude, ranging from monetary fraud to theft. Cargo and even customers may be hijacked, which may not only affect individuals in the company but also undermine confidence in the company's products and services (Chiew, Yong, and Tan, 2018, pp. 23-29).

PHYSICAL SECURITY SOLUTIONS AND LIMITATIONS

Asset: Database server

Risk: Packet sniffing

Physical security solution: The physical means of reducing packet sniffing is to ensure that all the physical machines hosting the company's database server are locked in a secure room and monitored using CCTV in order to prevent unauthorized entry and theft (Sharma, Batra, Pandey, Narwal, and Kumar, 2018, pp. 9).

Limitations: This technique is limited because hackers may use wireless packet sniffers to access the database servers from outside the server room and may go unrecognized.

Asset: Organization's customers' sensitive information

Risk: Email phishing and malware

Physical security solution: Creating a physical security awareness and training program would be the most appropriate physical method for mitigating this risk (Wash and Cooper, 2018, pp. 492). This method involves making the organization's employees aware of email phishing and malware risks and training them in how to avoid those risks. It is important because physical security nowadays tends to be neglected by employees and customers, which may lead to attacks on the organization's database, so reinforcing physical awareness and security training would reduce the chances of such attacks.

Limitations: This is limited by the fact that crews may not exercise due diligence in adhering to the mandatory physical security requirements set out in the training and awareness sessions. This may make the company liable if an attack occurs, which may damage the image of the company.

SOFTWARE SECURITY SOLUTIONS AND LIMITATIONS

Asset: Database server

Risk: Packet sniffing

Software security solutions: Several software security solutions can be deployed to mitigate the sniffing attack. First, the attack can be avoided by running an admin script on the network on a daily basis to disable promiscuous mode on the network interfaces, which results in shutting down the sniffing software.

Another important way of dealing with sniffing attacks is to use anti-sniffing tools to detect the mode of the network interfaces, along with the processes and software present on the organization's servers.

Most importantly, the company should ensure that the computers at headquarters and those on ships use an encrypted network protocol such as IPsec to encrypt all traffic leaving the system (Balasubramanian, 2018, pp. 1312-1342).

Limitations: These approaches cannot fully solve packet sniffing attacks, no matter how good they are. Sniffers can only see network traffic that crosses the data lines to which they are connected; they capture the data going in and out of the company's database servers, which is good but may not be sufficient. Much of what is going on in the network may not be known if captures take place only at the edge.
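The daily promiscuous-mode check described above could look like the following on Linux hosts. This is an added example, not part of the original essay; the allow-list parameter and the interface names in the sample data are assumptions made for illustration.

```python
import os
import tempfile

IFF_PROMISC = 0x100  # promiscuous-mode bit in Linux interface flags (<linux/if.h>)


def read_flags(sysfs_net, iface):
    """Return the interface flags as an int, or None if they cannot be read."""
    try:
        with open(os.path.join(sysfs_net, iface, "flags")) as fh:
            return int(fh.read().strip(), 16)
    except (OSError, ValueError):
        return None


def find_promiscuous(sysfs_net="/sys/class/net", allowed=()):
    """List interfaces in promiscuous mode that are not on the allow-list.

    `allowed` holds interfaces expected to be promiscuous, for example the
    capture port of an intrusion-detection sensor.
    """
    hits = []
    for iface in sorted(os.listdir(sysfs_net)):
        flags = read_flags(sysfs_net, iface)
        if flags is not None and flags & IFF_PROMISC and iface not in allowed:
            hits.append(iface)
    return hits


def demo():
    """Run the check against a constructed sysfs tree (sample data, not a real host)."""
    sample = {"lo": "0x9", "eth0": "0x1103", "eth1": "0x1003"}  # eth0 has 0x100 set
    with tempfile.TemporaryDirectory() as root:
        for iface, flags in sample.items():
            os.mkdir(os.path.join(root, iface))
            with open(os.path.join(root, iface, "flags"), "w") as fh:
                fh.write(flags + "\n")
        return find_promiscuous(root), find_promiscuous(root, allowed={"eth0"})


if __name__ == "__main__":
    # On a Linux host this reads the live interface table; each hit can then be
    # reset with `ip link set dev <iface> promisc off` and investigated.
    for iface in find_promiscuous():
        print(f"ALERT: {iface} is in promiscuous mode")
```

Run from a scheduler, the script only covers hosts the company administers; a sniffer on an unmanaged device attached to the same network segment is not visible to it.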

Asset: Organization's customers' sensitive information

Risk: Email phishing and malware

Software security solutions: To avoid email phishing and malware attacks on the company database, the organization's email security gateway must be reinforced with multiple scanning solutions to increase protection from known and unknown threats, thereby reducing exposure to threats that disable or evade anti-malware engines (Sampat, Saharkar, Pandey, and Lopes, 2018, pp. 121). Additionally, this risk can be reduced by applying data sanitization to remove all active code from attachments in emails. This helps in the automatic removal of other threats.

Limitations: The limitation of this approach is that phishers can sometimes bypass the filter's database by transforming words. This may lead to phishing, which may result in the hijacking of cargo and even customers.
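The attachment sanitization step described above, sketched with Python's standard email library. This is an added example, not part of the original essay; the extension list, the X-Sanitized header and the sample message are assumptions, and the check is by file extension only.

```python
import os
from email.message import EmailMessage

# Extensions treated as active content in this example (assumed policy list).
ACTIVE_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".hta", ".ps1", ".bat",
                     ".jar", ".docm", ".xlsm"}


def sanitize(msg):
    """Return (clean_message, removed_names) with active attachments dropped."""
    clean = EmailMessage()
    for header in ("From", "To", "Subject"):
        if msg[header]:
            clean[header] = msg[header]
    body = msg.get_body(preferencelist=("plain",))
    clean.set_content(body.get_content() if body else "")

    removed = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "unnamed"
        # Judge by the final extension so "invoice.pdf.exe" is treated as .exe.
        ext = os.path.splitext(name.lower())[1]
        if ext in ACTIVE_EXTENSIONS:
            removed.append(name)
            continue
        clean.add_attachment(part.get_payload(decode=True),
                             maintype=part.get_content_maintype(),
                             subtype=part.get_content_subtype(),
                             filename=name)
    if removed:
        # Record only a count so no sender-controlled text reaches the header.
        clean["X-Sanitized"] = f"{len(removed)} attachment(s) removed"
    return clean, removed


def sample_message():
    """Constructed test message: one harmless and two active attachments."""
    msg = EmailMessage()
    msg["From"] = "agent@example.com"
    msg["To"] = "booking@example.com"
    msg["Subject"] = "Updated bill of lading"
    msg.set_content("Please see the attached documents.")
    for name, data in [("manifest.pdf", b"%PDF-1.4 sample"),
                       ("invoice.pdf.exe", b"MZ sample"),
                       ("rates.xlsm", b"PK sample")]:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg
```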

BUSINESS CONTINUITY AND DISASTER RECOVERY PLAN FOR A SHIPPING COMPANY

This section presents a strategy for maintaining business continuity in the event of disruptions from network sniffing and email phishing attacks. The business continuity and disaster recovery plan complies with NIST SP 800-34. This plan should be invoked if the company suffers loss of data, hijacking of cargo or ransomware as a result of the aforementioned attacks (Charlesworth, Mazur, and Marinelli, 2018, pp. 22-30).

• SENSITIVE INFORMATION BACKUP

All sensitive information of the organization, including customer data that could be stolen in the event of a cyber-terror attack, is maintained and controlled by the disaster recovery department (Ferguson, 2018, pp. 243-255). Some of the information will be backed up periodically at an offsite location as part of the normal operation of the organization's disaster management department.

• HIJACK OF CARGOS

The organization shall insure all its assets so that whenever a phishing attack leads to the hijacking of the company's goods, the company receives compensation from its insurer to continue the business.

• RANSOMWARE ATTACK

If a ransomware attack occurs, the organization's users, including staff, may be locked out of the system until a ransom is paid. To recover from such an attack, the company should allocate funds for recovering from ransomware attacks.

About this essay:

If you use part of this page in your own work, you need to provide a citation, as follows:

Essay Sauce, Secure Your Database: Risks and Solutions for Shipping Companies. Available from:<https://www.essaysauce.com/sample-essays/2018-11-1-1541107952/> [Accessed 12-06-26].


* This essay may have been previously published on EssaySauce.com and/or Essay.uk.com at an earlier date than indicated.