Mariners' Advisory Committee
for the Bay & River Delaware
www.MacDelRiv.org
   
Posted   04-19-2019 10:14    
MSIB 10-19 Suspicious Cyber Incident - Commercial Vessel

The purpose of this Bulletin is to inform the maritime industry of a recent cyber incident on a commercial vessel. On January 29th 2019, a commercial vessel reported to U.S. Coast Guard Sector Miami that it received an email from an individual or entity claiming to represent an official Port State Control body. The email originated from the email address port@pscgov.org. It was sent directly to the vessel’s Captain requesting sensitive information about the vessel, its crew, and its cargo. The vessel’s master was suspicious of the request and activated elements of the vessel security plan. He reported the incident and forwarded the suspicious email and information to the local USCG Captain of the Port (COTP) for investigation.

Cyber technologies enable the Marine Transportation System to operate reliably and at a high capacity, driving the U.S. economy and supporting national defense and homeland security. While cyber systems create benefits, they also introduce risk. Exploitation, misuse, or failure of cyber systems could cause harm to the marine environment or disrupt vital trade activity. As a result, cyber risk management and reporting is important.

Suspicious activity (SA) and breaches of security (BoS) of Maritime Transportation Security Act (MTSA) regulated vessels and facilities shall be reported in accordance with 33 CFR Part 101.305. The Coast Guard’s National Response Center (NRC) (800-424-8802) remains the USCG’s primary point of contact for notifications of all USCG regulated entities SAs or BoSs. However, for cyber incidents that do not impact physical security or cause pollution incidents, the Coast Guard allows parties to report to the National Cybersecurity and Communications Integration Center (NCCIC) in lieu of the NRC. The NCCIC can be reached at (888) 282-0870. If contacting the NCCIC in lieu of the NRC, it is important that the reporting party inform the NCCIC that it is a Coast Guard regulated entity in order to satisfy the reporting requirements of 33 CFR. The NCCIC will forward the report electronically to the NRC, who will then notify the appropriate COTP. For further details on what constitutes SAs and BoSs and reporting requirements, refer to Policy Letter 08-16 “Reporting Suspicious Activity and Breaches of Security”.

For your awareness, Sector Delaware Bay regularly uses the following email addresses:

Port State Control: SecDelBay.PortState@uscg.mil
Duty Marine Inspector: DutyMI.SecDelBay@gmail.com
Domestic Vessels: DomesticVessels@uscg.mil
Waterways Management: DelawareBayWWM@uscg.mil
Investigations Officer: PhillyIO@uscg.mil

All mariners are advised to access the homeport website (https://homeport.uscg.mil/ ) to keep up to date with the current port conditions and applicable MSIBs. If you have any questions regarding the contents of this bulletin or expectations of the Captain of the Port, please contact the Inspections Department at 215-271-4887 between 8:00 am and 4:00 pm. For after-hours inquiries, contact the Coast Guard Command Center at (215) 271-4807.


S. E. ANDERSON
Captain, U.S. Coast Guard
Captain of the Port, Delaware Bay
View Attachment 1 (.PDF)