Security News > 2021 > February > US Coast Guard orders maritime facilities to report SolarWinds breaches
Image: USCG. The U.S. Coast Guard has ordered MTSA-regulated facilities and vessels using SolarWinds software for critical functions to report security breaches in case of suspicions of being affected by the SolarWinds supply-chain attack.
"Reporting malicious cyber activity enhances maritime domain awareness and allows us all to be better postured to prevent and respond to cyber incidents that could disrupt commerce or jeopardize national security."
The order applies to operators or owners of maritime facilities and vessels regulated by the Maritime Transportation Security Act.
MTSA security regulations address the higher risk of transportation security incidents concerning high capacity passenger and cargo vessels, offshore extraction platforms, as well as port facilities that serve them.
They note any system with a critical security function displaying any signs of compromise, including those that may have not originated from the SolarWinds Orion compromise but utilize similar TTPs. Scanning for activity connected to the SolarWinds incident.
The USCG also advised using open-source tools developed by the Cybersecurity and Infrastructure Security Agency and private security firms for detecting and remediating malicious activity stemming from the SolarWinds security incident.