PortandTerminal.com, October 12, 2020
U.S. Cybersecurity and Infrastructure Security Agency (CISA) issues warning on October 6 that state and local governments need to fortify their systems against the trojan Emolet.
WASHINGTON – Port Authorities and shipping companies pay heed. A dramatic uptick in Emotet phishing attacks since July has led the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to issue a warning that state and local governments need to fortify their systems against the trojan.
“Costing $1 million per attack to fix”
The Department of Homeland Security referred to Emotet in a 2018 advisory as “among the most costly and destructive malware affecting state, local, tribal and territorial governments,” costing on average $1 million per attack to fix.
Container Ship Emolet Attack
In February 2019 the US Coast Guard advised that a cyberattack on a ultra-large container ship bound for New York/New Jersey was due to an infection with the Emotet malware.
The crew on the box ship reported that their shipboard network had been “totally debilitated” by malware said Coast Guard Capt. Jason Tama, captain of the Port of New York and New Jersey and commander of the Sector New York region.
“I’m pretty confident there are cyber incidents happening on vessels throughout the world every single day, most of which aren’t reported to any sort of authority,” Capt. Tama said.
“The Port of New York and New Jersey handles $1 billion to $2 billion in cargo per day, Capt. Tama said. If the ship’s malware spread and shut down the port, it could be economically disastrous.”
The latest alarm from CISA comes at a time when municipalities are already strained, juggling the concurrent crises of the COVID-19 pandemic, widespread social unrest and a caustic election season. Emotet, which can load other malware and self-propagate, is the last thing they need.
What Is Emotet Malware?
Emotet was first detected in 2014 as a threat targeted at banks. In late 2019 it re-emerged with new social-engineering tools and the novel ability to customize phishing emails with messages tied to recent holidays, headlines (COVID-19 is popular these days) and events.
Emotet belongs to the malware strain known as banking Trojans. It primarily spreads through malspam, which are spam emails that contain malware (hence the term). These messages often contain familiar branding, mimicking the email format of well-known and trusted companies such as PayPal or DHL to convince users.
With reporting by ThreatPost.com, the New York Times and Heimdal Security
Other articles you may find interesting
Copyright © 2020 PortandTerminal.com