Presentation is loading. Please wait.

Presentation is loading. Please wait.

Marine Industry Day 2015 Sector Command Center (24 hours): (504) 365-2200 National Response Center: 1-800-424-8802 Website:

Published byKellie Rich Modified over 9 years ago

Similar presentations

Presentation on theme: "Marine Industry Day 2015 Sector Command Center (24 hours): (504) 365-2200 National Response Center: 1-800-424-8802 Website:"— Presentation transcript:

1 Marine Industry Day 2015 Sector Command Center (24 hours): (504) 365-2200 National Response Center: 1-800-424-8802 Website: http://homeport.uscg.mil/nola

2 2015 Industry Day New Orleans, LA Cyber Risk Management Presenter: LCDR Bob Kinsey Coast Guard Sector New Orleans 2

3 PRESENTATION OVERVIEW Why worry about Cyber? Real life examples Recommended Tasks & Resources 3

4 Ships Then

5 Ships Now

6 Cargo Operations Then

7 Cargo Operations Now

8 The Evolving Threat…Call to Action “Cybersecurity is one of the most serious economic and national security challenges we face as a nation…” - President Obama, February 2013 “Cyber affects the full spectrum of Coast Guard operations…it cuts across every aspect of the Coast Guard. We all have a role in cybersecurity and protection of our networks, and we must treat them like the mission-critical assets that they are.” - Admiral Zukunft, September 2014 “All sectors of our country are at risk…the seriousness and the diversity of the threats that this country faces in the cyber domain are increasing on a daily basis.” - DNI Director Clapper, March 2013 “The loss of industrial information and intellectual property through cyber espionage constitutes the greatest transfer of wealth in history.” - General Alexander, August 2013

9 Threat Actors Self-inflicted Nation-states Hacktivists Criminals Insiders Natural

10 Hackers/Intrusion Sets Phishing Social Engineering or Elicitation Malicious Code Mirrored Websites Insider Threat How about accidents? 10 Cyber Threats Social Engineering Phishing Insider Threat Hackers Mirrored Websites Malicious Code Types of Cyber Threats We are Facing

11 1991 – United States A fired employee of an oil and gas industry's emergency alert network disabled the firm’s alert system in 22 states by hacking into computers During an emergency at the refinery the system could not be used to notify the adjacent community of the release of a noxious substance.

12 2000 - Russia A hacker was able to control the computer system that governs the flow of natural gas through the pipelines. A Trojan program was inserted into SCADA system software that caused a massive natural gas explosion along the Trans-Siberian pipeline. The Washington Post reported that it yielded "the most monumental non-nuclear explosion and fire ever seen from space." The explosion was subsequently estimated at the equivalent of 3 Kilotons. (In comparison, the 9/11 explosions at the World Trade Center were roughly 0.1 kiloton.)

13 2001 – Port Facility An 18 year old hacker brought the systems of a Port Facility to a halt during a revenge attack on a fellow internet chatroom user. Hacked into the computer server at the Port Facility in order to target a female chatroom user following an argument. The port's web service, which contained crucial data for shipping pilots, mooring companies and support firms responsible for helping ships navigate in and out of the harbor was inaccessible.

14 Insider Threat – Malware via USB Device What happened? Targeted attack against refinery Disgruntled employee loaded malware on company computers Impact to business systems Remediation required 3 rd party assistance

15 GPS Spoofing 15 In 2013, a University of Texas team conducted an experiment to take control of auto-pilot function by spoofing GPS The 213-foot White Rose is the US$80M megayacht whose GPS navigational system was spoofed by about $2,000- $3,000 worth of equipment (Photo: U of Texas at Austin)

16 HOW DO WE GET THESE GROUPS TO WORK TOGETHER ? 16 ITSecurityBusiness

17 Evaluate your Vulnerabilities –Website: http://homeport.uscg.mil/nola –DHS ICS-CERT offers free training –NIST Cyber Security Framework (voluntary) Evaluate your Resiliency –What would you do if your computers suddenly become paper wieghts ? Create an culture of Cyber Awareness –Cyber is not just the IT staff’s problem Report all Cyber Incidents –Sector Command Center (24 hours): (504) 365-2200 –National Response Center: 1-800-424-8802 –DHS US-CERT https://www.us-cert.gov or 1-800-282-0870https://www.us-cert.gov –FBI reporting: http://www.IC3.gov Recommendations

18 THANK YOU FOR YOUR TIME! 18

Download ppt "Marine Industry Day 2015 Sector Command Center (24 hours): (504) 365-2200 National Response Center: 1-800-424-8802 Website:"

Similar presentations

ETHICAL HACKING A LICENCE TO HACK

ETHICAL HACKING A LICENCE TO HACK
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
STOP.THINK.CONNECT™ NATIONAL CYBERSECURITY AWARENESS CAMPAIGN SMALL BUSINESS PRESENTATION.

STOP.THINK.CONNECT™ NATIONAL CYBERSECURITY AWARENESS CAMPAIGN SMALL BUSINESS PRESENTATION.
The U.S. Coast Guard’s Role in Cybersecurity

The U.S. Coast Guard’s Role in Cybersecurity
CST 481/598 Many thanks to Jeni Li.  Potential negative impact to an asset  Probability of a loss  A function of three variables  The probability.

CST 481/598 Many thanks to Jeni Li.  Potential negative impact to an asset  Probability of a loss  A function of three variables  The probability.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.

Information Security Governance in Higher Education Policy2004 The EDUCAUSE Policy Conference Gordon Wishon EDUCAUSE/Internet 2 Security Task Force This.
Maritime Cyber Risks – What is real, what is fiction?

Maritime Cyber Risks – What is real, what is fiction?
Did You Hear That Alarm? The impacts of hitting the information security snooze button.

Did You Hear That Alarm? The impacts of hitting the information security snooze button.
Network Security Resources from the Department of Homeland Security National Cyber Security Division.

Network Security Resources from the Department of Homeland Security National Cyber Security Division.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Information Warfare Playgrounds to Battlegrounds.

Information Warfare Playgrounds to Battlegrounds.
7 Information Security.

7 Information Security.
Homeland Security UNCLASSIFIED United States Coast Guard Office of Port and Facility Compliance (CG-FAC) Cyber Security and the Marine Transportation System.

Homeland Security UNCLASSIFIED United States Coast Guard Office of Port and Facility Compliance (CG-FAC) Cyber Security and the Marine Transportation System.
Cyber Security Nevada Businesses Overview June, 2014.

Cyber Security Nevada Businesses Overview June, 2014.
GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.

GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.

Similar presentations

Ads by Google