So it has happened. The screens on the business PCs in the engine control room and bridge have all locked down. The computers are simply displaying a black screen with a blank pop up window. No text. There is no ransom note (yet). One of the ECDIS systems is also no longer functioning properly and keeps restarting randomly.

The vessel has entered US waters and a pilot has boarded to bring the vessel into safe harbour. The crew have also received notification from the US Coast Guard of their intention to dispatch an inspector and are anticipating a Port State Control examination when the vessel is in port.

The master is on the phone to the Technical and IT Managers, trying to follow instructions in order to rapidly diagnose the problem. But the phone line isn’t great at the moment as the vessel is currently in a position with poor connectivity. In his mind, he is working out the best way to explain what is happening to the authorities, while trying to make up contingency plans on the fly. The pressure is on to avoid a detention.

This scenario is entirely plausible from January 1 next year when the cyber security requirements set out in IMO 2021 becomes effective and as cyber attacks on shipping operations continue to increase.

“We thought we were prepared for a cyber attack and then we got a nasty surprise when one actually occurred.” This is a common reaction of those who have lived through a cyber attack.

Based on CyberOwl’s experience engaging with nearly 100 fleet operators, less than 5% of them would be able to answer a few fundamental cyber security questions when they are under pressure during a high profile cyber incident, such as: what is actually happening to the onboard systems? Are we sure we have been cyber attacked? Will it spread and how do we stop it spreading? And how quickly can we recover operations?

This is before the more complicated questions that come later during forensic analysis, such as: what has been the full scale of the impact of the cyber attack? What systems have been compromised? How did the attack actually happen? How do we prevent the same attack in future? In fact, there are some security teams that never properly answer these latter questions.

If you’re the fleet IT manager, scrambling around trying your best to quickly put fires out during such a cyber incident is not going to be a fun day at the office. One of the key decisions you are going to have to quickly make is whether you should be reporting the incident to the leadership team. If so, when do you report it and what do you say? Then, how regularly do you update them?

This is why an effective cyber risk management approach actually starts with the leadership. Recent IMO guidelines and the guidelines on cyber security onboard ships (version 3 produced by BIMCO et al) makes it very clear that “effective cyber risk management should start at the senior management level”.

So developing emergency response plans with senior management early means you’ll already know what information they expect and when.

How does your leadership team perceive the level of cyber risk in shipping? CyberOwl is working on an initiative addressing Cyber Readiness for Boards (CRfB) to uncover this, supported by the UK’s National Cyber Security Centre (NCSC) and the Lloyd’s Register Foundation. Initial findings suggest:

• a key factor that drives a leadership team’s cyber risk perception is their trust in their organisation’s ability to respond to it. If you’re a fleet IT manager, that’s you and your team. And in many cases, this is likely to be overly-optimistic. Certainly, the ability to handle a cyber attack is rarely stress-tested in shipping, unlike in some other sectors.
• the current focus for the shipping sector is on compliance. While timely, this doesn’t suffice to actually address cyber risk.
• the responsibility for cyber risk still rests too heavily on IT or HSSEQ managers.

Instead, cyber risk needs to be owned and managed as a core business risk, with ultimate accountability at the leadership level. If you are the IT or HSSEQ manager shouldering that perceived responsibility, it is in your interest to get your leadership team to understand that.

What does a cyber-ready leadership team look like? The leadership team needs to more clearly understand the cyber risks the organisation faces, ensure there is sufficient budget to ensure cyber resilience and set clear roles and responsibilities to preserve business continuity. This includes knowing what their roles are during a cyber attack crisis.

This is where cyber drills offer a useful starting point.

The concept of a drill isn’t new to shipping. Safety drills have long been a requirement either by legislation or as part of a shipmanager’s safety management system (SMS).

A scenario-based cyber exercise provides an ideal means for leadership teams to engage with and to rehearse for an effective response to a potential cyber-attack. The scenarios offer a creative license to run through both common incidents and also simulate low probability, high impact situations (also known as black swan events). It is easy to write off the need to prepare for such black swan events. And yet, Covid-19 shows us how the lack of preparedness may pose an existential threat to an organisation. Indeed, other sectors have shown how ‘doomsday exercises’ have been important to them to cope with the current crisis.

Ultimately, the goal here is to build increased awareness and understanding of cyber risks in your leadership team. It prepares them for when (rather than if) a cyber attack occurs. The drill also helps you identify ways to improve your organisation’s ability to execute effective mitigation strategies.

How would they react?

What information would they need to make decisions?

Who do you need to communicate with and when?

MPA has released maritime cyber risk management for shipowners,  ship  managers,  operators,  and  masters  of  Singapore-registered ships subjected to the ISM Code, and MPA’s ROs.

This circular provides information on the requirement to incorporate maritime cyber risk management in the safety management systems (SMS) of companies operating Singapore-registered ships.

Cyber risk management refers to the process of identifying, analysing, assessing, and communicating a cyber-related risk and accepting, avoiding, transferring, or mitigating it to an acceptable level, considering costs and benefits of actions taken to stakeholders.

Maritime cyber risk refers to a measure of the extent to which a technology asset is threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a consequence of information or systems being corrupted, lost or compromised. The goal of maritime cyber risk management is to support safe and secure shipping, which is operationally resilient to cyber risks.

As affirmed in Resolution MSC. 428(98)1 (Annex A), an approved SMS should take into account cyber risk management in accordance with the objectives and functional requirements of the ISM Code2, MPA will require cyber risks to be appropriately addressed in the company’s SMS no later than the first annual verification of the ISM company’s Document of Compliance after 1 January 2021.

In line with the guidance presented in MSC-FAL.1/Circ.3 (Annex B), to consider cyber risks as being appropriately addressed in SMS, the ISM company is required to demonstrate that they have appropriately incorporated the five functional elements to address maritime cyber risks, namely:

Identify: Define personnel roles and responsibilities for cyber risk management and identify the systems, assets, data and capabilities that, when disrupted, pose risks to ship operations;
Protect: Implement risk control processes and measures, and contingency planning to protect against a cyber-event and ensure continuity of shipping operations;
Detect: Develop and implement activities necessary to detect a cyber-event in a timely manner.
Respond: Develop and implement activities and plans to provide resilience and to restore systems necessary for shipping operations or services impaired due to a cyber-event;
Recover: Identify measures to back-up and restore cyber systems necessaryfor shipping operations impacted by a cyber-event.

ISM companies of Singapore-registered ships are reminded to review the identified risks to its ships, personnel and the environment and to establish appropriate safeguards to ensure that maritime cyber risks are appropriately addressed in the SMS, and that the five functional elements stated in para 5have been incorporated into their risk management framework.7.

MPA has co-funded several maritime cyber security courses under Maritime Cluster Fund and Training@MaritimeSingapore. MPA is also aware that Recognised Organisations (ROs)have developed maritime cyber security training courses and relevant consultancy services to assist ISM Companies in developing and preparing their cyber risk management strategyand procedures.

Source: portnews

The COVID-19 pandemic has seen classification societies around the world adapting their services to cope with global travel restrictions, allowing inspections to be conducted remotely and for more services to be available online. For the Korean Register, increasing digitalisation and embracing new technologies has been a long-held strategy and the society quickly adapted its services to support customer’s business operations in these challenging times.

KR’s remote survey service was launched over a year ago and is well established, conducted via bi-directional communication with a vessel, by sharing photographs, video contents and digital images from the ship. It can be completed effectively and confidently anywhere in the world without requiring a surveyor’s attendance on board.

Travel restrictions as a result of COVID-19 have prevented KR from conducting some physical surveys and the need for social distancing has made it impossible to send surveyors on board ships. In these cases, KR has been granting extensions for one month or the period of a voyage to the next port, whichever is longer, in close consultation with the relevant flag administrations. In addition, KR has been using a range of remote survey techniques which have been undertaken with the authorization of the respective flag administrations.

Since the global pandemic was declared on 11 March 2020, KR has conducted a range of surveys remotely including; continuous machinery survey (CMS), 3-month extension of shaft survey, 3-month extension of boiler survey, minor damage survey, Outstanding Condition of Class (COC) or confirmation of repairs done for deficiencies or corrective actions. Overall, the number of remote surveys conducted by KR since the beginning of the pandemic has increased tenfold. KR is now working to include the inventory of hazardous materials (IHM) surveys for ships in service as well as all occasional surveys in its remote survey range.

KR has – where needed – granted force majeure extensions for vessels scheduled to dry-dock for repairs or renewal surveys in the areas acutely affected by COVID-19. In these instances, KR has liaised with the relevant flag administration to seek their agreement on the extension of the relevant statutory certificates.
The global pandemic is accelerating the pace of change in classification, with digitalization offering new opportunities and the means to adapt in this changing environment. As a result, KR is investing in technology to support the further digitalization of its classification services and has diversified its business portfolio to include third-party certification in the ASME and MED sectors and has increased its naval services to cover a wide range of technical applications ranging from patrol vessels to submarines.

Since 2014, KR has been developing its range of VR (virtual reality) based application systems. These now include a ship inspection training simulator and a ship crew safety training simulator both of which use digital 3D replicas of the relevant ships, and KR has further applications in development.

KR has been prioritizing the development and application of innovative information and ICT systems for the maritime industry for some time, such as the use of drones to conduct ship surveys, ship cyber security certification, KR’s 3D based drawing approval, e-certificates and condition-based maintenance (CBM).

Traditionally, design approval of a ship by a classification society has been a paper-based process, involving the exchange of numerous large-format drawings between the shipyard and the classification society. However, KR has developed and launched a 3D model-based (paperless) design approval system which provides a more accurate and intuitive review of ship structure.

E-certificates are already widely used as they offer a more secure way of reducing the risk of falsification. KR is authorized by many flag state administrations to issue e-certificates on their behalf, but KR expects this to increase even more moving forward.

As the shipping industry becomes more and more digitalized, so the number of cyberattacks on shipping companies and ships have increased too. An effective response and comprehensive cyber security protection measures are now essential for any maritime organization.

The classification society has provided cyber security certification services for companies and ships since 2018, and cyber security type approval services for ship networks and automated systems in compliance with IEC 62443 4-2 and IEC 61162-460 standards since 2019.

In 2021, the International Maritime Organization’s (IMO) Resolution MSC.428 (98) enters into force, which will further increase demand for company and ship cyber risk management services. As a result,

KR has established a cyber security certification process which is in line with the international security standards – ISO 27001, IEC 62443, the NIST Framework, the IMO and BIMCO cyber security guidelines.

KR’s expert cyber security team is now expanding its technology services to cover the cyber certification of newbuilds and the assessment of software conformity for ships, so its customers can respond quickly and effectively to any cyber security challenge as it arises.

Looking ahead, KR expects that, as a result of the global pandemic, there will be a significant drop in global trade which will affect cargo carried. This will lead to over-capacity in the market which will lead to an increasing number of lay-ups and scrapings – all of which will affect the work handled by KR.

But with the global population continuing to grow, it’s expected that long term growth will return. During this time, KR will continue to increase the level of digitalisation across its organisation and services and will apply new technologies to support customers businesses no matter what the challenges.

Source: By Mr Hyung-chul Lee, Chairman and CEO of Korean Register, arranged on behalf of Hellenic Shipping News Worldwide (www.hellenicshippingnews.com)

The Navy is exploring how to better protect its unmanned vessels with anti-tamper measures to prevent hacking from adversaries.

“We are looking at specifics of anti-tamper [technology] as we do for any platform, but obviously for unmanned, it’s a little bit of a different problem” because sailors won’t be on board to deal with issues that arise, said Rear Adm. Casey J. Moton, program executive officer for unmanned and small combatants.

The sea service is investing big in robotic platforms. Over the future years defense program, the Navy has allocated about $12 billion for unmanned aircraft, surface vessels and underwater systems in fiscal years 2021 through 2025, according to Bloomberg Government.

The ships could be deployed in high-risk environments without putting sailors in harm’s way.

“Although they will be under the protection of their carrier strike group, the vessels are probably at times going to have higher attrition,” Moton said during a webinar hosted by the Center for Strategic and International Studies. “That’s part of our calculus and part of the way that we’re going forward from that standpoint.”

The service is testing anti-tamper capabilities in its unnamed prototypes to address cybersecurity issues, he said.

The Navy envisions its future large unmanned surface vehicle, or LUSV, as part of the Aegis integrated control system network, which means the vehicle will still be overseen by a human who will make decisions remotely such as telling the vessel when to fire munitions, he said.

The service has taken the need to prevent tampering into account during its wargaming and other studies, Moton said. “From our standpoint, we are doing some robust things for the fact that these vessels will operate [network] capable. Certainly the cyber efforts are robust.”

Source: nationaldefensemagazine

New digitization solutions, such as big data, blockchain, automation, drones, and robotics, are enabling the maritime freight industry to introduce game-changing approaches that will significantly reduce or eliminate non-value-added activities.

Over the next five years, maritime suppliers across the value chain will increasingly adopt solutions to address security, overcapacity and accurate cost models, according to new research from ABI Research.

“Along with consolidation and pressures on profits, long-standing players must adapt and work with partners within and outside the industry, from startups to technology leaders in connectivity, AI, and more, including the competition, to align on much-needed standardization,” says Susan Beardslee, principal analyst at ABI Research. Recent examples include Wärtsilä’ s acquisition of Transas to support an intelligent maritime ecosystem and Artificial Intelligence (AI),  as well as Orange Business Service’s deal with Cargotec for smart cargo handling.

Global maritime freight transportation revenue is expected to grow from $166 billion last year to over $205 billion in 2023.

Enhanced revenues and profits will be driven by technologies best poised to disrupt the maritime shipping industry including big data and analytics, blockchain, electrification, assisted and automated operations, drones and robotics, Augmented Reality (AR), and Virtual Reality (VR).   Maritime cybersecurity, also necessary to address current and emerging threats, will have a global spend expected to rise to US$1.7 billion in 2023.

Beneficial Cargo Owners are gaining greater supply chain visibility and automation from start-ups including predictive logistics provider ClearMetal, Xenata’s crowdsourced, on-demand, real-time benchmark and market intelligence, Flexport’s digital procurement platform and Freightos’ marketplace for rate management.  Sigfox debuted a new service offering real-time geolocation tracking for containers. Industrial IOT provider ORBCOMM offers reefer management solutions as well as two-way vessel monitoring via satellite and cellular.  IBM partnered with Maersk Line on blockchain as well as with Cisco on smart connected ports.  Microsoft is partnering with OOCL on AI for maritime. Electrification is growing including efforts by Guangzhou Shipyard International Company, Port Liner, and Torqueedo.

Source: mhlnews

In response to parliamentary questions regarding the Singapore Navy’s capabilities to survey maritime traffic, in the wake of two recent incidents of ship collision (here and here) in Singapore’s territorial waters, the Minister for Defence, Dr. Ng Eng Hen provided an overview of Singapore’s approach to dealing with threats at and from the sea through an oral reply.

Dr. Ng said that Singapore adopts a Whole-of-Government (WoG) approach to ensure a comprehensive coverage of varied scenarios as well as co-ordinated responses. An overview of approach was also provided in a factsheet from the Ministry of Defence (MINDEF) released in June 2017.

Singapore Maritime Crisis Centre

The Singapore Maritime Crisis Centre (SMCC) was set up in 2011 to bring together the Republic of Singapore Navy (RSN), the Police Coast Guard (PCG), the Singapore Civil Defence Force (SCDF), the Immigration and Checkpoints Authority (ICA), the Maritime and Port Authority (MPA), and the Singapore Customs.

The SMCC maintains a comprehensive maritime situation picture, shares information between agencies and coordinates responses to deal with potential threats.

It achieved full operational capability in 2013, and serves to tighten linkages between the national maritime security agencies in the areas of (i) sense-making and threat assessment, (ii) doctrine and operations planning, (iii) conduct and monitoring of current and future operations, (iv) capability development, and (v) conduct of training and exercises. This strengthens interoperability between agencies during a maritime security contingency, allowing for a more coordinated operational response and minimising the duplication of efforts.

The SMCC comprises the National Maritime Sense-making Group (NMSG) and National Maritime Operations Group (NMOG).

The NMSG uses Artificial Intelligence (AI) and data analytics collected from multiple sources to generate unique signatures and build profiles for the close to a thousand commercial shipping vessels that pass through Singapore’s waters daily. It is able to detect deviations from these signatures, picking out anomalies and suspicious behaviour for further investigation.

The NMSG also continuously monitors indications of threat scenarios. The results of its analyses and pick-ups are shared with the relevant national agencies so that decisive actions can be taken to neutralise the identified threats. Such methods detected a possible ISIS supporter on board a tanker in 2015, and that person was barred from disembarking in Singapore.

The NMOG drives training, builds common protocols and conducts exercises to tighten operational responses between the various agencies. It has also been leading efforts to review the national maritime security response framework to close any operational gaps and build a more coordinated operational response. For example, the NMOG coordinated a layered defence plan involving all national maritime agencies to safeguard the National Day Parade, which was held at the Sports Hub in 2016.

Maritime Security Task Force

Also as part of WOG efforts, the RSN’s Maritime Security Task Force (MSTF) feeds its information to the SMCC. This information is obtained from monitoring close to a thousand ships passing through the Singapore Strait each day, through a network of sensors such as coastal surveillance radars, electro-optic devices and RSN ships on patrol. This surveillance is continuous through day and at night. MSTF comprises two groups: (i) the Comprehensive Maritime Awareness Group (CMAG); and (ii) the Operations Group.

CMAG works closely with the NMSG, national agencies, international partners and the shipping community (such as ship owners, ships charterers, agents and port operators) to share maritime information. The Operations Group comprises operations planners who undertake planning and execution of all maritime security operations. It conducts daily patrols, boarding and escort operations in the Singapore Strait and Sea Lines of Communication, to ensure maritime security and the protection of key installations and potential targets.

On a daily basis, MSTF conducts threat evaluation for every vessel calling into Singapore’s ports or transiting through the Singapore Straits. MSTF does this by deploying analytic tools to build profiles of each vessel based on attributes such as their voyage, owners, crew and cargo, as well as additional data shared by government agencies. MSTF would then decide the appropriate operational responses, which include for example, closer monitoring, escorting or even boarding the ship to mitigate the threat.

In the event of maritime incidents, the MSTF, coordinated by the SMCC, works hand-in-hand with representatives from the other national maritime agencies, to forestall and interdict any potential maritime threats. Linkages are exercised regularly in scenarios ranging from the interdiction of hijacked vessels to responses to maritime emergencies.

The MSTF’s key focus is on potential threats to Singapore, while the MPA watches over the navigation of ships in our waters. For both their purposes, the International Convention for the Safety of Life at Sea (SOLAS) mandates the use of the Automatic Identification System (AIS) to identify ships at sea.

This AIS however, does not apply to warships. For ships that are not required or have not complied with vessel identification, their presence can still be detected via our network of coastal surveillance radars and electro-optic devices.

With regard to the two recent incidents which resulted in collisions, Dr. Ng said that the sensors had detected, and identified, the vessels involved in the both collisions. In both these incidents, none of the ships were designated as potential threats to security, which was correct.

In compliance with standard protocols, they did not require close monitoring by the MSTF and by the rules of navigation under the International Regulations for Preventing Collisions at Sea (COLREGS), the master and crew of the vessels involved were responsible to guide their ships safely through. The various parties involved with the collision will now have to investigate what went wrong and what remedial actions to take if necessary. The Transport Safety Investigation Bureau (TSIB) is also conducting an investigation and have announced that they will make the findings public.

Source: opengovasia