b'COAST GUARD REPORT:Recommendations For Fending OffCOAST GUARDMalicious Email AttacksT heMarine TransportationSystemBuilding on those attack methods, advanced Domain-Based Message Authentication (MTS)continuestobeatargetcybercriminalsareregisteringdomainsReporting and Conformance (DMARC):ofincreasinglysophisticatedwithdeliberatelymisspellednamesofIt is strongly recommended that organizations maliciousemailspoofi ngtechniques.companywebsitesandusingthemtoimplement DMARC to help ensure all emails InSept.2020,theU.S.CoastGuardlaunchspear-phishingattacks.Theseeventsthat appear to come from official sources pass published MarineSafetyInformationhavebeenanalyzedandinvestigated,andthe Sender Policy Framework/Domain Keys Bulletin19-20,highlightingmaliciousthefollowingarerecommendationsforIdentifi ed Mail (SPF/DKIM) checks to confi rm email spoofi ng events targeting the MTS.MTS stakeholders: origin. For more information on DMARC, click here.Email Greylisting: Organizations should implement email greylisting as a method for reducing potentially malicious spam. Greylisting will initially block any email from an unknown sender and return a temporary SMTP error code informing the sending server the email was temporarily rejected. A legitimate SMTP server will try resending the email after a period of time, whereas a typical spamming server will not attempt to resend. If the sending server resends the email within the specifi ed time limit then it will be treated as legitimate and accepted. User Awareness and Training: Employee awareness and engagement is key to eff ective cybersecurity protection. It is strongly recommended that organizations implement Information Technology Security Awareness training programs in accordance with National Institute of Standards and Technology Special Publication 800-50, ISO 27001 or similar standards, and per guidance set forth in Navigation and Vessel Inspection Circular (NVIC) 01-20: Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities to meet this objective.As always, any potential threat to the cybersecurity ofyourunit,vessel,orfacilityshouldbetaken seriously. Breaches of security or suspicious activities resulting from cyber incidents shall be reported to the National Response Center at 1.800.424.8802. Consideralsoreportingtheeventtoyourlocal Coast Guard Captain of the Port or the Coast Guard CyberCommand247watchat202.372.2904 or CyberWatch@uscg.mil.Yourwillingnessto comply and report in a timely manner helps the U.S. respond quickly and eff ectively and makes the maritime critical infrastructure more secure.46 FOGHORN'