It emanates from Them. Dracula himself would have been scared of Them. They are watching you, and you are unaware that they even know of your existence. They can dart out of the Cloud and disappear back into the Dark Web with vital bits of your life. They can overpower your PC tower, they can hack your Mac, they can void your Android.
Who are they? Mostly unknown. Where are they? Even more unknown. Why should you care anyway?
Maybe you shouldn’t care. At the moment you probably don’t, because vain as you may be in all other respects, you consider yourself, in this respect only, as unimportant, not worth bothering with. You know of these phantoms I am writing about, you know their score cards.
You know the tally of the bodies that these vampires have sucked dry in the very recent past– first the life data of some 18,000,000 US government employees; then days later they gorged on the innards of the US Army recruiting site. Less than two weeks later they shut down all flights of the Polish airline LOT for several hours by gnawing at LOT’s flight data.
Previously they had made the headlines when their fangs drew blood from Sony Pictures. Big banks have felt their sting; international corporations have suffered from the siphoning-off of their liquid assets into their hungry maws; the contents of government social security sites have been beamed up into cyber space for their digestion.
But not to worry. You are not a bank or a government entity. You’ve made an informal risk assessment and decided that you need take no defensive action in this area. You are off the radar. And anyway you are smart, right? You don’t answer emails from a benevolent lawyer in Nigeria offering you the lion’s share of an unclaimed inheritance in exchange for a few personal details and of course the bank account into which you will receive the money. You don’t click on a dodgy looking link from your purported email provider instructing you to “refresh” your account.
Well, maybe you’re not so smart. Maybe you’re actually more important, more attractive, than you think. Why? Because you are a treasure house of information with a market value. Try making a list. Even at entry level you know people in your crew, you have friends on other yachts, you have more friends and family back home.
You know a whole crowd of people on social networks. You refer to their names, addresses, birthdays, travel records, job history, current whereabouts, etc. You know the names of the companies that deliver supplies to your yacht, the name of your management company, and the Agencies which handle your yacht’s business in various countries.
The more senior you are, the more details you have access to. You know the access codes too. You unlock the computers holding the personal and banking details of all crew members. You keep guest records. If you’re on a charter yacht you are required to retain copies of contracts, APA disbursements , credit card receipts, and most of these will be held electronically as well as in hard copy.
Owners and charterers are by definition wealthy: they control wealth-creating assets in the form of companies or financial structures. And they communicate with their assets from on board via your yacht’s IT networks which contain fat dossiers of the listed records.
So you actually offer the prospect of lots of lovely loot to these watchers, if they can access it. You keep them at arm’s length with your ISPS Ship Security Plan, so they can’t sneak a dongle or memory stick into your onboard systems? Ho! Ho! Ho! Everything is password protected? Ho! Ho! Ho! That gets a “Thank you Santa Claus” from these ethereal thieves.
Those “protections” went out the window before the print was dry on the first hard copy of the ISPS Code, even before the last shard of glass from the Twin Towers hit the ground on the morning of 9/11.
If teams of cyber security specialists can’t keep them out of well-defended corporate and government IT systems, what chance do you have of protecting your systems? You are a luscious vulnerable victim for the web vampires.
They will drape over you their invisible electronic veil, they will silently and secretly ingest your most valuable secrets while you type away on the very equipment that they are mockingly using to undermine you.
In return, they may leave you a parting gift by infecting your system with cyber poisons. Poisons so vile in their effects, and so clandestine in their operations, that you may not become aware of your close encounter with this miasma of evil until the after-effects begin to show up.
This could be when the investigative branches of civil, criminal or security authorities arrive at your passerelle with their warrants or subpoenas or notifications of lawsuits.
They, Them, have long since figured out how to penetrate and corrupt your reception of GPS signals. Today they are hovering like vultures over flight control systems. They have hacked into merchant shipping and been richly nourished by what they extracted.
Yachts are next on the menu, such soft targets they are. And notwithstanding Ship Security Plans and scary non-disclosure clauses in crew contracts, a hacked yacht will never be able to keep its shame a secret, because they, Them, will tell each other about their easy score, and jubilantly let all the world know.
Are you coming awake now? Are you beginning to realize that past years of ignorance or complacency about cyber security are now setting you up for a brutal mugging? Not going soft, are you? Or are you content to roll over, be a victim and pay the after-price?
The media are currently doing a great public service job by headlining stories about the latest attacks by Them, and bringing Them to your attention. But actually the media are only doing half the job. The other half of the job is up to you: you need to go pro-active, now, in face of the threat from Them.
Part II: Cyber Security: Are You Protected?