Cyber defence expert Naval Dome and the offshore division of a supermajor have completed a joint project to identify and mitigate cyber risks common to offshore deepwater drilling rigs.

Findings from the two-year project, culminating in the installation and pilot testing of Naval Dome’s Endpoint cyber defence system aboard drilling rigs in the Gulf of Mexico, indicate that the minimum industry guidelines, regulations and security techniques are out of step with current platform technology, connectivity requirements and cyber-attack methodology.

In a joint research paper presented at an Offshore Technology conference in Houston last week, the authors state: “Activities over two years have demonstrated shortfalls and real challenges that need to be addressed if we are to create a more cyber-secure deepwater drilling rig environment.”

In presenting the Cyberdefence of Offshore Deepwater Drilling Rigs paper to conference delegates, Adam Rizika, Head of Strategy, Naval Dome, said: “Where systems installed on offshore platforms had traditionally been isolated and unconnected, limiting cyber hack success, the increase in remote monitoring and autonomous control, IOT and digitalisation has made rigs much more susceptible to attack.”

Going on to reveal how the test rigs’ OT (operation technology) networks were penetrated using a software installation file for dynamic positioning (DP) and workstation charts, Rizika, explained that Naval Dome simulated an OEM service technician unwittingly using a USB stick with malicious software containing three zero-day exploits.

“The modified file was packaged in a way that looked and acted like the original one and passed anti-virus scanning without being identified as a cyberattack or picked up by the installed cyber network traffic monitoring system,” he said.

Although the attack was carried out internally, Rizika noted remote execution was feasible using the rig’s externally facing network connections.

“Penetration testing confirmed how a targeted cyber attack on a deepwater drilling rig could result in a serious process safety incident, with associated financial and reputational impact,” he said.

In the paper, the authors state that pilot tests confirm traditional, “perimeter type” IT transplanted OT cyber security solutions, such as anti-virus, network monitoring and firewalls, are not enough to protect critical safety and processing equipment from attack, leaving rigs vulnerable.

“It is abundantly clear that more advanced purpose-built solutions are needed to better protect an offshore platform from exposure to external and internal cyber attacks, whether targeted or otherwise,” reported Rizika.

The paper goes on to highlight a shortage of OT cyber domain skilled staff, regulation and controls that are slow to evolve and be implemented, an IT-centric approached being applied to an OT environment, and a mismatch between drilling rig systems and equipment and their supporting software.

Rizika said: “Although industry guidelines and regulations offer minimum standard requirements, we found the advancement in rig technology, connectivity and cyber-attack methodology has outpaced the regulations, driving the need for a more comprehensive approach.”

Commenting on the project’s findings, Naval Dome Chief Executive Officer Itai Sela, said: “The project and successful pilot testing of a multi-layer cyber defence solution aboard these rigs has demonstrated that both new and legacy OEM systems can be better protected from internal and external cyberattack vectors, without the need for expensive equipment upgrades, or higher overheads that lead to an increase in total cost of ownership.

“Results to date demonstrate that the endpoint system is robust and can operate without interfering with ongoing rig operations. The cost of upgrading the obsolete systems is high, and even if upgrades are undertaken vulnerabilities can still remain.”

By approaching the problem differently, Naval Dome and the oil major  believe that the attainment of a cyber resilient environment can be accelerated onboard offshore installations at a critical time for the industry.

Source: maritime-executive

Piracy is no longer just a matter of gangs entering your yacht in the middle of the night. The threat of cyber space is building up rapidly, with the potential of posing even bigger risks, to the owners, their family and the crew. Good training can help.

This Cyber Security for Superyacht online course provides you with knowledge about common cyber attacks that the ship’s crew can face. Additionally, the course suggests best practices for the protection against cyber threats. As a result, all aboard are better protected.

This course aligns with:

The ISM Code (MSC.428 (98) Maritime Cyber Risk Management in Safety Management Systems)
MSC-FAL.1/Circ.3 Guidelines on maritime cyber risk management
ISO/IEC 27001 – Information Security Management, 2013
BIMCO Guidelines on Cybersecurity Onboard Ships(v4)

Source: stcw.online

In the last two decades, the cases of cyberattacks against Institutions have increased exponentially, so much so that they pose a real threat to the defense of the state and organizations.

As the global shipping and commerce industry becomes increasingly dependent on highly sophisticated technical equipment and software to keep it running efficiently, it also becomes more vulnerable to the risks that cyberattacks pose – herein lie the importance of maritime cyber security

SEAFUTURE is the convention on maritime and dual-use technologies, designed to provide civil or military Institutions and Organizations with the progress of science in the maritime industry and defense, also and above all about the theme of maritime cyber security.

From 29 September to 1 October 2021 Telsy will participate in the SEAFUTURE 2021 convention, at the naval arsenal of La Spezia, during which the major national and international defense and security players engaged in the maritime field will be present.

THE CYBER THREAT

Some of the major factors that make maritime cybersecurity such a topical topic are the proliferation of automated systems onboard ships, the integration of multiple systems, the growing ability to monitor systems remotely, and the fact that all of these systems rely on the Internet for their connectivity.

Ships and ports can be damaged by malware, system failures, and other harmful computer activities. That’s why maritime cybersecurity must be able to better protect and inform sea workers who rely on technology to assist them in everything from vessel navigation and control to cargo and shore management issues.

The Internet of Things (IoT) can make a home smart and more efficient, but at the same time make it vulnerable to hackers looking to disable its security system and steal the personal data of its occupants.

Ships that rely on advanced technologies can be equally vulnerable. For this reason, maritime cyber security is as much about the adoption of new technologies as it’s about the awareness of the susceptibilities that derive from that technology.

For further information, an article on the risks deriving from cyber threats is available on our blog.

MARITIME CYBER RISK

Maritime cyber risk aims to quantify how much a technological asset may be threatened by a potential circumstance or event, which could lead to operational, security, or compromise-related failures of information or systems. From these assumptions arises the need for effective maritime cyber risk management.

Cyber risk management refers to the process of identifying, analyzing, evaluating, and communicating an IT risk and accepting, preventing, transferring, or mitigating it at an acceptable level, considering the costs and benefits of the actions taken by the stakeholders.

In this sense, cybersecurity represents a conditio sine equa non to affirm substantial success for the marine industry.

THE MARITIME EMPOWERMENT

Italy – and the enlarged Mediterranean in general – is an essential crossroad for world trade and shipping. Located in the center of the Mediterranean basin and “closed” by the two most strategic “choke points” of the old continent (the Strait of Gibraltar and the Suez Canal), it has the potential to be the protagonist of the international maritime transformation.

With the growing need for greater quantities of traded goods and the newly formed Italian EEZ (Exclusive Economic Zone), the entire private and institutional maritime organization is in an epochal modernization and development process about its capabilities.

Among these, cyber security is an indispensable element for virtuous and far-sighted development.

TELSY AT SEAFUTURE 2021

During the SEAFUTURE 2021 convention, the hot topics in the fight against cybercrime and, in particular, maritime cyber security will be exposed. The event will be attended by the major exponents in the field of industry and maritime defense, both in the civil and military sides.

Competence Center of the TIM Group in the cyber and crypto sector, Telsy provides innovative security technologies to support strategic assets and critical infrastructures in the fight against maritime cybercrime.

On September 30 Telsy, in addition to exhibiting its technologies, will be the official sponsor of the main event dedicated to cybersecurity, during which Eugenio Santagata, CEO of the company, will speak.

Source: telsy

SeaCyber is a specialist Marine Cyber Security Consultancy. Our important work, aligned with industry guidelines, helping clients across the marine sector to not only identify and evaluate their most critical vulnerabilities but to establish the essential frameworks and solutions to mitigate or eliminate any potential threat and ensure regulatory compliance.

Source: seacyber

The primary mission for cyber security on a superyacht is ensuring that the guest experience is transparently fulfilled. Our experience in providing cyber security to superyachts has demonstarted to us that one size doesn’t fit all and we have had to learn through trial and error which cyber security technologies, which work well on a terrestrial deployment, don’t work for maritime.

CND also supply preformed packages of cyber security services, according to the size of ship, risk, or budget. (Bronze, Silver and Gold) each crafted to meet the IMO 5 elements of Cyber Risk Management for both Information Technology (IT) and Operational Technology (OT). Our Platinum package is designed for fleets of ships, where resources are shared across the fleet to save money and provide correlated cyber security situational awareness.

From the 1st of January 2021, cyber security will come under the remit of the International Safety Management System (ISM) Code, supported by the IMO Resolution MSC.428(98), requiring ship owners and managers to assess cyber risk and implement relevant measures.

Source: cndltd

Source: franman

The Marine Transportation System (MTS) should be on heightened alert as a result of two recent developments. The first is a cyber-attack impacting port operations at container terminals in several South African ports due to “an act of cyber-attack, security intrusion and sabotage.” The impacted terminals use a popular Terminal Operating System (OS) widely used throughout the U.S., and certain processes handled by the Terminal OS were suspended as a result of the cyber-attack. The attack is believed to be related to the “Death Kitty” ransomware, although full details are still not available.

The second development is the recent release of leaked Iranian documents detailing research into how a cyber-attack could be used to target critical infrastructure, including MTS entities. These documents cover research into topics such as how to use ballast water systems to sink a vessel and how to interfere with MTS satellite communications.

Coast Guard Cyber Command is continuing to monitor these situations and is fully engaged with cybersecurity agencies worldwide to identify and take action to mitigate vulnerabilities and threats to the MTS.

The Coast Guard strongly encourages vessels and facilities operating in the MTS to take prompt action in the following areas:

• Review controls protecting Operational Technology,
• Closely monitor network and system logs for any signs of unusual activity,
• Review incident response plans, security plans, business continuity plans, and disaster recovery plans,
• After reviewing these plans, with the context of these recently identified threats, implement increased security measures to mitigate any identified vulnerabilities.

Any Breach of Security or Suspicious Activity resulting from Cybersecurity Incidents shall be reported to the National Response Center at 1-800-424-8802 in accordance with CG-5P Policy Letter No. 08-16, Sections 3.B.ii-iv. You are strongly encouraged to report any abnormal behavior with your operational technology to your local Coast Guard Captain of the Port or the CG Cyber Command 24×7 watch at 202-372-2904 or CyberWatch@uscg.mil, as it may related to the developments described in this article.

As part of the effort to protect the MTS, Coast Guard Cyber Command has created Cyber Protection Teams and the Maritime Cyber Readiness Branch as detailed in the Cyber Strategic Outlook released on August 3, 2021.  Additionally, the Coast Guard is in the process of hiring 40 individuals as Marine Transportation System Specialists (MTSS)-Cybersecurity, to further aide in the coordination of efforts at our Area, District, and Sector/Marine Safety Unit Commands to strengthen the MTS against cybersecurity attacks.

If you are a stakeholder in the MTS and would like to assist in our effort to combat cybersecurity attacks against the MTS, please reach out to your local Captain of the Port to become a part of their Area Maritime Security Committee (AMSC).  Many Committees have established cybersecurity subcommittees for the specific purpose of hardening our nation’s ports against cybersecurity attacks.

Source: hstoday

The crippling ransomware attack against the Colonial oil pipeline in the U.S. in May 2021 should be a wake up call for the maritime industry. As a critical part of the global supply chain, the shipping industry could become an attractive target for cyber criminals and politically motivated attacks. Marine insurer Allianz Global Corporate & Specialty explores these challenges in its latest Safety & Shipping Review 2021.

The 9,000km long Colonial Pipeline, which connects some 30 oil refineries and nearly 300 fuel distribution terminals, was brought down by a cyberattack, which resulted in petrol shortages across the eastern U.S. The company paid a $4.4 million ransomware demand to hacking group DarkSide in return for getting its systems back online.

The attack has far reaching implications for critical industries, including shipping. Not only did it reveal weaknesses in cyber security, but also the attractiveness of critical infrastructure to cyber criminals and nation states. Given its perceived success, the attack could encourage similar attacks, and result in tougher cyber security requirements and higher penalties for critical service providers.

Ransomware has become a global problem. All four of the world’s largest shipping companies have been hit by cyberattacks, including the Mediterranean Shipping Company (MSC), which suffered a network outage in April 2020 from a malware attack, and CMA CGM SA, which was hit with a ransomware attack in September 2020. Even the International Maritime Organization (IMO) was recently targeted by a cyberattack, forcing some of its services offline.

According to security services provider BlueVoyant, shipping and logistics firms in 2020 experienced three times as many ransomware attacks last year as in 2019. A spike in malware, ransomware, and phishing emails during the pandemic helped drive a 400% increase in attempted cyberattacks against shipping companies through the first months of 2020.

“To date, most cyber incidents in the shipping industry have been shore based, including ransomware and malware attacks against shipping companies and ports,” said Captain Nitin Chopra, Senior Marine Risk Consultant at AGCS. “But with growing connectivity of shipping, and with the concept of autonomous shipping, cyber will become a more important exposure that will require more detailed risk assessment going forward.”

The shipping community has grown more alert to cyber risk over the past couple of years, in particular in the wake of the 2017 NotPetya malware attack that crippled ports, terminals and cargo handling operations. However, reporting of incidents is still uncommon as owners fear reputational risk and delays from investigations. Meanwhile, cyber security regulation for ships and ports has been increasing. In January 2021, the IMO’s Resolution MSC.428(98) came into effect, requiring cyber risks to be addressed in safety management systems. The EU’s Network and Information Systems Directive also extends to ports and shipping.

Increased awareness has translated into an increased uptake of cyber insurance by shipping companies, although mostly for shore based operations, according to Justus Heinrich, Global Product Leader Marine Hull at AGCS. “However, the threat to vessels is growing as more and more ships are linked to onshore systems for navigation and performance management. Smart ships are coming, and we would expect demand for insurance to develop accordingly,” Heinrich said.

Geopolitical conflict is increasingly played out in cyber space, as illustrated by spoofing attacks on ships. Recent years have seen a growing number of GPS spoofing incidents, particularly in the Middle East and China, which can cause vessels to believe they are in a different position than they actually are, while concerns have been growing for a potential cyberattack on critical maritime infrastructure, such as a major port or shipping route.

“From a hull perspective, the worst case scenario is a terrorist attack or nation state group targeting shipping in a bid to inflict damage or major disruption to trade, such as blocking a major shipping route or port. While this would seem a remote possibility, it is a scenario we need to understand and monitor,” Chopra said.

“Although an accident, the recent blockage of the Suez Canal by the ultra large vessel Ever Given is an eye opener on many fronts as it shows the disruption a momentary loss of propulsion or steering failure on a vessel navigating a narrow waterway can cause.”

Source: maritimeprofessional

Piracy is no longer just a matter of gangs entering your yacht in the middle of the night. The threat of cyber space is building up rapidly, with the potential of posing even bigger risks, to the owners, their family and the crew. Good training can help.

This Cyber Security for Superyacht online course provides you with knowledge about common cyber attacks that the ship’s crew can face. Additionally, the course suggests best practices for the protection against cyber threats. As a result, all aboard are better protected.

Source: stcw