Did You Know? Reverse Proxy Phishing Serious Threat to Maritime Industry

October 28, 2024

Did You Know? Reverse Proxy Phishing Serious Threat to Maritime Industry
© ZETHA_WORK / Adobe Stock

Reverse proxy phishing, a more sophisticated version of classic phishing cyberattack, could significantly impact maritime sectors operations, from the disruption of shipping logistics to the manipulation of sensitive communication systems, resulting in delays, loss of reputation, and costly recoveries.

According to the report from Marlink’s Security Operations Center (SOC) on cyber security threats, a significant portion of the threats neutralized by the SOC have continued to follow the most common attack vector seen since 2022: phishing.

However, in the first half of 2024, there has been a notable increase in a more advanced form known as ‘reverse proxy phishing’.

Phishing is a classic cyberattack method where attackers impersonate legitimate entities (like banks or service providers) to trick users into providing sensitive information, such as login credentials or financial data. Traditional phishing often relies on fake websites or fraudulent e-mails to capture user data.

Reverse proxy phishing, on the other hand, is a more sophisticated version. Instead of simply creating a fake website, the attacker sets up a ‘proxy’ that sits between the legitimate website and the victim. This proxy captures the user’s credentials and, in real-time, forwards them to the actual site, making the victim feel like everything is normal.

The danger of reverse proxy phishing lies in its ability to bypass multi-factor authentication (MFA), making the victim feel like everything is normal while attackers gain full access to sensitive systems, which could have serious repercussions for the maritime industry.

The U.S. Coast Guard (USGC) plans to introduce new cyber security rules soon, with implications for maritime and offshore energy cyber space as well.

If you are in New Orleans on November 13, 2024, sign up now for a free lunch and moderated conference discussion to learn more about the new USGC cyber security rules and their impact on the vessel owner/operators, OEMs and shipyards. Featured speakers include:

  • Rear Admiral Wayne R. Arguin Jr., Assistant Commandant for Prevention Policy (CG-5P), U.S. Coast Guard
  • Dain Detillier, Executive VP – LNG Operations, Harvey Gulf, LLC
  • Stewart Alpert, Chief Information Security Officer & Head of Technology, Hornblower Group
  • Angeliki Zisimatou, Director, Cybersecurity, American Bureau of Shipping
  • Phillip Bannerman, VP Sales Americas, Marlink
Northern Lights Expands LCO2 Fleet with Vessel Charter for MISC, K Line

June 3, 2026

Northern Lights Expands LCO2 Fleet with Vessel Charter for MISC, K Line

MODEC, Eld Energy Partner on CCS-Integrated FPSO Fuel Cell Power System

June 4, 2026

MODEC, Eld Energy Partner on CCS-Integrated FPSO Fuel Cell Power System

Oil Slips as Oman Reports Normal Operations at Key Oil Terminal

June 5, 2026

Oil Slips as Oman Reports Normal Operations at Key Oil Terminal

Eni and Petronas Launch Southeast Asia Gas Joint Venture Searah

June 8, 2026

Eni and Petronas Launch Southeast Asia Gas Joint Venture Searah

Hormuz Reopening Could Trigger OPEC’s Next Big Challenge

June 11, 2026

Hormuz Reopening Could Trigger OPEC’s Next Big Challenge

BP Hires Noble Corporation’s Giant Semi-Sub Rig for Drilling Ops off UK

June 9, 2026

BP Hires Noble Corporation’s Giant Semi-Sub Rig for Drilling Ops off UK