CyRComms – Cyber-Cerber Blog

As we all are already aware, the Russian invasion of Ukraine started (officially) on February 24th, 2022, and it came along the so-called, classic war, with many other new, developed, and extensive types of warfare: cyber, radio, psychological, financial, etc.

This time, I will show you a quick and very simple OSINT demo, of the AIS spoofing and GPS jamming in West side of the Black Sea region.

AIS stands for Automatic Identification System and is digitally broadcasted information data, over VHF, consisting of ship name, course and speed, classification, call sign, registration number, MMSI, and other information. The Bridge Officers onboard the vessels are then using such information, as an additional tool, for enhancing the ship’s safety navigation and operations.

Since navigation (maritime, aero, auto, etc) is mainly based on the GPS constellation, the obvious target and scope was to interfere with its functionality in certain areas of interest. GPSJam is a live source of such activities.

Other alternative navigation satellite constellations: Galileo (owned by the European Space Agency), BeiDou (owned by the Chinese state), etc.

Now, returning to our AIS topic, today, 10.07.2024, at 03:20 UTC, I did a quick research on some publicly available sources, and here is what I’ve got:

On Marinetraffic, on an overall view over the western side of the Black Sea, you may notice some unusual reported positions inside of the Crimea Peninsula, just NE of Sevastopol.

Zooming in a bit, you’ll observe that there is no “water” in the area, sea, lake or river).

Going to Google Maps, and finding the same location, you might wonder (or not), what few ships will do in the area of an airport… Simferopol Airport (between Rodykove and Ukromnoye area).

Then, I picked up randomly, an AIS of the bulk carrier, named “Magic L”.

To verify the data is accurate, I cheked the same AIS on Vesselfinder, and surprise, here the position on the map was correct.

As the minimum rule of 3rd, I check on another AIS marine traffic source, Shiplocation, and the confusion increased as pinpointing the ship’s name and AIS is resulted in double locations…

The air traffic is affected too due to the shorter response time needed for taking the proper actions, the maritime AIS traffic spoofing is meant to create confusion, traffic jams, chaos or even accidents.

An extensive OSINT & Radio survey will follow, so stay tuned and safe!

Later update: on October 24th, the national TV post, ProTV, confirmed my above statements: Sistemele de navigație GPS după care se ghidează avioanele în zbor au fost lovite intens de bruiaj. De unde vin interferențe.

InfoSec & ICT Maritime & SMB/SOHO:

OmnisMares.com Cyber-Cerber.com

CV – Curriculum Vitae… or Resume… no, I will not go into this topic. You can find some good guidance in this Harvard Resume/CV guide.

Also, I will not go into the design concept, which format is better or preferred… as there is none. Every recruiter has their own view and opinion, therefore, whatever you’ll choose, you’ll not be good enough for all. Just kidding.

But what I will like to highlight now is your privacy. Your cyber-privacy!

We are all hunting for better jobs. Some of us are getting the dream job thru a direct recommendation, others by direct hunting, others thru a recruitment agency.

The recruitment agency has the privilege of working on our behalf, hunting and matching the best job as per our CV/resume. They deal with the bureaucratic details in the background, the interviews, etc.

And we are happy. And they are happy. So far, so good.

One of the duties of every accredited agency, at least in the EU, is to properly manipulate and store the data. Including our data. Our CV/resume. As per the GDPR. They have certain procedures and protocols, including cybersecurity and cyberprivacy.

And this is good, this is what we want. To have our data, our personal information, in safe hands!

But recently, over the past months, I started to see a lot of individual recruiters, advertising jobs and collecting CVs into, most of the time, Gmail accounts.

Nothing wrong with or against individuals offering jobs to others, don’t take me wrong. Not going into the professional recruitment process (background check, profile match, certifications and skills verified, etc)… if is properly done or is just passing the paper from one hand to another…

My main concern is how our CVs, or personal data, are manipulated, stored, and protected by the @gmail.com user. Is the device “malware” free? Is the user cyber-clean, cyber-aware, and with good internet and computer habits? Is the data stored in a cyber-protected and encrypted environment? For how long the data is stored? What happens with that data after the “recruitment” process is finished? Is deleted? When? How? Do you get any feedback on the status of your CV/resume after the recruitment process is done?

You may say… is just a CV. No bank details, no PIN. Nothing to lose. Right?

Let’s review… In your CV, you have a name, a picture, DOB, location/address, email, telephone number, in-depth details of your previous jobs, medicals & references details… And the list can go on. And what can happen? Well… sit tight and brace for impact…

Impersonating, fake profiles, spare phishing, or even whaling, and cyberbullying, online harassment are just a few of the real dangers behind personal data (CV) in the wrong hands.

Just do a quick test… type “CV” in any search engine? What you’ll get? Tons of data, private data. Add a name… and there you go. And you don’t want to be on that visible list. Not to mention the dark web and deep web!

Don’t post your CV online. Don’t give your CV to anyone who is just posting a job offer… Is that job offer even for real? Sometimes, we see “recruiters” of large (yes, large) yachts with Yahoo, Gmail, or other free accounts. If for a yacht of 30-40mtrs that is self-managing, this might be OK, for a large yacht with solid logistic support… it does not sound professional.

A few pieces of advice before sending your data:

Do a bit of basic research (searching engines, social media, etc) before jumping with “CV sent. Thank you Sir/Madam”…

Ask your recipient for an email confirmation and application status (forwarded, accepted, rejected, denied, etc). I know…most of the recruiters are demanding professionalism but they deeply lack basic polite feedback so… even fewer expectations from a @Gmail “recruiter”!
Ask for written confirmation of CV/resume/data deletion after the recruitment process is completed

Personal and professional data must be carried out in the most private and professional way. Treat the subject seriously and good luck in your job hunting!