CYBER SECURITY Archives - Page 3 of 6 - SHIP IP LTD

CMA CGM and MSC to Join Maersk’s Maritime Blockchain Platform

CMA CGM and MSC Mediterranean Shipping Company (MSC) have announced they will join TradeLens, a blockchain-enabled digital shipping platform, jointly developed by A.P. Moller – Maersk and IBM.

TradeLens enables participants to connect, share information and collaborate across the shipping supply chain. The attributes of blockchain technology are ideally suited to large networks of disparate partners, says Maersk. Blockchain establishes a shared, immutable record of all the transactions that take place within a network and enables permissioned parties access to trusted data in real time.

The platform now has over 100 participants. The addition of CMA CGM and MSC will result in data for nearly half of the world’s ocean container cargo being available on TradeLens. The companies will promote TradeLens and create complementary services on top of the platform for their customers and partners.

TradeLens is already processing over 10 million discrete shipping events and thousands of documents each week for shippers, carriers, freight forwarders, customs officials, port authorities, inland transportation providers and others.

CMA CGM and MSC will operate a blockchain node, participate in consensus to validate transactions, host data, and assume the critical role of acting as Trust Anchors, or validators, for the network. The companies will be on the TradeLens Advisory Board which will include members across the supply chain to advise on standards for neutrality and openness.

“Digitization is a cornerstone of the CMA CGM Group’s strategy to provide an end-to-end offer tailored to our customers’ needs. We believe that TradeLens, with its commitment to open standards and open governance, is a key platform to help usher in this digital transformation,” said Rajesh Krishnamurthy, Executive Vice President, IT & Transformations, CMA CGM Group. “TradeLens’ network is already showing that participants from across the supply chain ecosystem can derive significant value.”

The TradeLens platform has enormous potential to spur the industry to digitize the supply chain and build collaboration around common standards, said André Simha, Chief Digital & Information Officer, MSC. “We think that the TradeLens Advisory Board, as well as standards bodies such as the Digital Container Shipping Association, will help accelerate that effort.”


Cyber Adversaries Targeting Commercial Vessels

This bulletin is to inform the maritime industry of recent email phishing and malware intrusion attempts that targeted commercial vessels. Cyber adversaries are attempting to gain sensitive information including the content of an official Notice of Arrival (NOA) using email addresses that pose as an official Port State Control (PSC) authority such as: port @ pscgov.org. Additionally, the Coast Guard has received reports of malicious software designed to disrupt shipboard computer systems. Vessel masters have diligently reported suspicious activity to the Coast Guard National Response Center (NRC) in accordance with Title 33 Code of Federal Regulations (CFR) §101.305 – Reporting, enabling the Coast Guard and other federal agencies to counter cyber threats across the global maritime network.

As a reminder, suspicious activity and breaches of security must be reported to the NRC at (800) 424-8802. For cyber attempts/attacks that do not impact the operating condition of the vessel or result in a pollution incident, owners or operators may alternatively report to the 24/7 National Cybersecurity and Communications Integration Center (NCCIC) at (888) 282-0870 in accordance with CG-5P Policy Letter 08-16, “Reporting Suspicious Activity and Breaches of Security.” When reporting to the NCCIC, it is imperative that the reporting party notify the NCCIC that the vessel is a Coast Guard regulated entity in order to satisfy 33 CFR §101.305 reporting requirements. The NCCIC will in turn forward the report to the NRC that will then notify the cognizant Coast Guard Captain of the Port (COTP).

The Coast Guards urges maritime stakeholders to verify the validity of the email sender prior to responding to unsolicited email messages. If there is uncertainty regarding the legitimacy of the email request, vessel representatives should try contacting the PSC authority directly by using verified contact information. Additionally, vessel owners and operators should continue to evaluate their cyber defense meaures to reduce the effect of a cyber-attack. For more information on the NCCIC’s services, cyber-related information, best practices, and other resources, please visit: https://www.dhs.gov/CISA.

The Coast Guard applauds companies and their vessels for remaining vigilant in the identification and prompt reporting of suspicious cyber-related activities. Questions pertaining to this bulletin may be directed to the Coast Guard Office of Commercial Vessel Compliance’s Port State Control Division (CG-CVC-2) at PortStateControl@uscg.mil.

DOWNLOAD THE BULLETIN

 

 

 


Final preparations are underway for a 12-metre-long ship to set sail from Canada and attempt the world’s first transatlantic crossing without a crew.

 

TOLLESBURY, England: 

Final preparations are underway for a 12-metre-long ship to set sail from Canada and attempt the world’s first transatlantic crossing without a crew.

The USV Maxlimer, an unmanned surface vessel, is bound for the south coast of England and will conduct deep sea surveys on the way, guided by a skipper in a control station in Britain. The voyage is expected to take about 35 days.

The ship was built by Sea-Kit International, which develops vessels for the maritime and research industries, for the Shell Ocean Discovery XPRIZE, a competition to autonomously survey the sea bed.It can launch and recover autonomous underwater vehicles but has the potential to operate in different roles with different cargo.”(It is) almost like a utility pick-up vehicle of the sea, it’s robust, it’s adaptable, it’s got a huge range,” said SEA-KIT International Managing Director Ben Simpson.

The vessel is operated by a hand-held remote control when in harbour and when at sea it can stream live data to the controller via multiple satellite links.

“What is now available through technology is very, very similar to what you have on the bridge of a ship and in many ways, I would argue, even more comprehensive,” said James Fanshawe, a director of SEA-KIT.”The controller here in this station can actually see all the way round on the horizon near real-time and in many ships it’s quite difficult to actually even see what’s behind you from the bridge of that ship,” said Fanshawe.

COMMENT

The company said it sees a future for unmanned vessels as they can remove humans from harm’s way.The team said ships that do not need to accommodate people also have significant economic and environmental benefits.”You don’t need a bridge, you don’t need a galley, you don’t need water supplies, you don’t need air conditioning and suddenly the size of that vessel becomes a fraction of the size of vessels currently being used offshore,” Simpson said.The combination of size and hybrid diesel-electric propulsion cuts fuel use by around 95 percent, the company said.

 

SOURCE READ FULL ARTICLE


Wilhelmsen Ships Services and Airbus have begun shore-to-ship trials of a new parcel delivery drone in Singapore.

The two companies pointed out that this marks the first time drone technology has been deployed in real port conditions, to deliver a variety of small, time-critical maritime essentials to working vessels at anchorage.

The maiden shore-to-ship delivery flight was made to the Swire Pacific Offshore’s anchor handling tug supply vessel M/V Pacific Centurion, 1.5km from the shoreline of Singapore’s Marina South Pier, carrying 1.5kg of 3D printed consumables.

After depositing its cargo to the shipmaster, the Skyways unmanned air vehicle returned to its base, with the entire flight taking within ten minutes.

Though small drone delivery trials from tugboat to ship have been conducted before by a number of shipping companies and service providers, shore-to-ship delivery of this range and scope has never been explored, prior to this trial, Wilhelmsen Ships Services (WSS) noted.

During the trials, Airbus’ Skyways drone will lift off from the pier with a payload capability of up to 4kg, and navigate autonomously along pre-determined ‘aerial corridors’ to vessels as far as 3km from the coast.

“Less labor dependent than delivery via launch, autonomous unmanned aerial vehicles (UAVs) can potentially reduce delivery costs by up to 90% in some ports and have a smaller carbon footprint than launch boats,” WSS said.

“The now proven, seamless operation of drone deliveries from shore-to-ship, in one of the world’s busiest ports, proves the hard work, investment and faith we, and indeed our partners, placed in the Agency by Air drone delivery project over the past two years was not misplaced,” Marius Johansen, VP Commercial, Wilhelmsen Ships Agency, commented on the successful first delivery flight.

“We are thrilled to launch the first trial of its kind in the maritime world,” Airbus’ Skyways lead, Leo Jeoh, said.

“Today’s accomplishment is a culmination of months of intense preparation by our dedicated team, and the strong collaboration with our partner, as we pursue a new terrain in the maritime industry.”

The Maritime and Port Authority of Singapore (MPA) is facilitating the trial, which started in late November 2018, through the interim use of Marina South Pier as the launching and landing point for Airbus’ delivery drone. At the same time, MPA has designated anchorages for vessels to anchor off Marina South for the trial. The Civil Aviation Authority of Singapore is also working with Wilhelmsen and Airbus to ensure safety of the trials.

 

SOURCE READ FULL ARTICLE


Singapore, Airbus Helicopters’ Skyways unmanned air vehicle has successfully completed its first flight demonstration at the National University of Singapore (NUS). The drone took off from its dedicated maintenance centre and landed on the roof of a specially designed parcel station where a parcel was automatically loaded via a robotic arm. Once successfully loaded with the parcel, the Skyways drone took off again and returned to land, demonstrating its automatic unloading capability.

This inaugural flight demonstration follows the launch of the experimental project with the Civil Aviation Authority of Singapore (CAAS) in February 2016 to develop an urban unmanned air system to address the safety, efficiency, and sustainability of the air delivery business in cities such as Singapore. The collaboration was subsequently extended in April 2017 with Singapore Post (SingPost) becoming the local logistics partner to the project.

Airbus Helicopters is the overall Skyways system architect and provider, contributing its capabilities in drone platforms as well as its concept of future parcel delivery. This concept involves systems and structures that allow drones to land, dock with secure structures, discharge or take on payloads, and then fly off to other destinations.

“Today’s flight demonstration paves the way positively to our local trial service launch in the coming months. It is the result of a very strong partnership among the stakeholders involved, especially the close guidance and confidence from the CAAS,” said Alain Flourens, Airbus Helicopters’ Executive Vice President of Engineering and Chief Technical Officer. “Safe and reliable urban air delivery is a reality not too distant into the future, and Airbus is certainly excited to be a forerunner in this endeavour.”

Airbus Helicopters is at an advanced stage of the Skyways project. The research and development phase is progressing well, with equipment and facilities installed at the NUS campus. Various tests are already underway, and the unmanned air system will be demonstrated in the university when the trial service commences this year. Campus students and staff will be able to make use of Skyways to have small parcels between 2kg and 4kg delivered to designated parcel stations within the campus, which is the size of 150 football fields.

“The Skyways project is an important innovation for the aviation industry. CAAS has been working closely with Airbus on the project, with an emphasis on co-developing systems and rules to ensure that such aircraft can operate in an urban environment safely and optimally. For Singapore, this project will help to develop innovative rules to support the development of the unmanned aircraft industry in Singapore. We are pleased with the good progress that Skyways is making and look forward to deepening our partnership with Airbus,” said Mr Kevin Shum, Director-General, CAAS.

“The urban logistics challenge is complex and an ecosystem of parcel lockers and autonomous vehicles will be a key piece to solving this puzzle,” said SingPost Group Chief Information Officer, Alex Tan. “The trial service that is taking off later this year will be an important step forward for SingPost in our efforts to develop solutions for the future logistics needs of Singapore and other cities of the world.”

“Project Skyways aligns with NUS’ vision of serving as a living lab to pilot innovative technologies and solutions. The NUS community is very excited to be the first in Singapore to experience this novel concept of parcel delivery by drones – an endeavour that could redefine urban logistics,” said NU Senior Deputy President and Provost, Professor Ho Teck Hua. “Students from the NUS Faculty of Engineering also have the opportunity to gain valuable experience as interns with Airbus for this project. We look forward to working closely with Airbus, CAAS and SingPost to carry out the campus-wide trial.”

An experimental project aimed at developing a safe and economically viable aerial unmanned parcel delivery system for use in dense urban environments, Skyways is one of a number of innovative Urban Air Mobility projects currently being researched at Airbus. These also include the Racer high-speed helicopter demonstrator, as well as the Vahana and CityAirbus autonomous flying vehicle concepts.

About Airbus
Airbus is a global leader in aeronautics, space and related services. In 2016 it generated revenues of €67 billion and employed a workforce of around 134,000. Airbus offers the most comprehensive range of passenger airliners from 100 to more than 600 seats and business aviation products. Airbus is also a European leader providing tanker, combat, transport and mission aircraft, as well as one of the world’s leading space companies. In helicopters, Airbus provides the most efficient civil and military rotorcraft solutions worldwide.

SOURCE READ FULL ARTICLE


Specialist insurer Beazley has created an innovative marine cyber insurance product to meet the rapidly developing needs of vessel owners and operators.

Should a cyber incident impact a vessel’s operational capabilities, Beazley Cyber Defence for Marine provides insurance for physical damage and loss of hire.

At the heart of the product are risk management services designed to reduce the likelihood of a cyber incident occurring and demonstrate compliance with forthcoming International Maritime Organization (IMO) guidelines. By 1st January 2021, vessel owners and operators must have incorporated measures to manage cyber risk into their existing risk management processes, which have traditionally focused on the physical risks to safe shipping operations.

There are three elements to the risk management services included within Beazley’s product: a self-assessment questionnaire; a cyber security workshop; and an on-board cyber survey.

The product has been launched at a time when operational technology has become more digitalised. New challenges have also arisen out of greater interconnectivity between shore-based and on-board systems, including those responsible for navigation, propulsion and power control. A breach of an operating system on board a vessel could, for example, lead to a grounding or collision.

The cover, which focuses on the operational technology of vessels, complements Beazley’s other marine products and existing cyber cover for information technology systems. It can be bought on a standalone basis or as part of a package.

Richard Young, Beazley’s head of hull and war, said: “Ship owners and operators are dealing with the increased threat of cyber-attack as well as the impact of human error and increasingly interlinked vessel operating technology and IT systems. Our preparation services reduce the risk of an incident occurring and the indemnity provides owners with clear cover and limits. Should the worst happen and a cyber incident impacts the smooth running of vessels, clients can be confident they are protected with affirmative cyber cover.”


BIMCO and INTERTANKO have jointly published Q&As addressing the contractual implications owners and charterers should keep in mind when chartering ships fitted with scrubbers. The Q&As highlight the key charter party clauses and concepts which should be reviewed for both time and voyage charter parties.

“We are pleased to have worked with BIMCO to provide advice and assistance for owners who have chosen this route to 2020 compliance. We will continue to develop the Q&As as experience of scrubber use develops,” said Michele White, General Counsel at INTERTANKO.

BIMCO’s Head of Contracts and Clauses, Grant Hunter, adds:

“We regularly receive questions about chartering issues relating to scrubber-fitted ships. These Q&As jointly produced with INTERTANKO will offer many useful answers as well as guidance.”

The Q&As consist of three parts. The first part deals with the implications of using scrubber-fitted ships under time charter parties, the second part deals with voyage charter parties and the third part addresses general considerations such as enforcement, fines and prohibition of open-loop scrubbers.

The main focus is on time charter parties as it is expected that this is where the use of a scrubber will have the greatest impact.

BIMCO and INTERTANKO have individually published clauses addressing the coming into force of MARPOL Annex VI Regulation 14 and 18 dealing with the reduction of sulphur oxide emissions from the current 3.50% m/m to 0.5% m/m. However, these clauses do not deal with the special operational, technical and commercial requirements of scrubbers installed on ships.

In early 2019, a BIMCO and INTERTANKO working group discussed whether there was a need for a dedicated “scrubber clause”. The working group concluded that, for the time being, no “scrubber clause” should be published. This is because the scrubber is, once installed, a “normal” piece of equipment and does not require any special status or special legal regime. The existing standard clauses (such as off-hire, drydocking and maintenance) will work in a time charter context in cases when the scrubber is not working.

 

The Q&A document is available to download from the BIMCO and INTERTANKO websites:

BIMCO: https://www.bimco.org/BIMCO-INTERTANKO-Scrubber-QA

INTERTANKO: https://www.intertanko.com/info-centre/intertanko-guidance


Overview

BIMCO’s Documentary Committee has agreed a new standard Cyber Security Clause that requires the parties to implement cyber security procedures and systems, to help reduce the risk of an incident and mitigate the consequences should a security breach occur.

In the wake of recent costly cyber security incidents involving large shipping companies, cyber security has become a major focus in the maritime industry.

BIMCO has taken a lead position on cyber security issues through its active role at the International Maritime Organization and by co-authoring the “Industry Guidelines on cyber security onboard ships”. The development of the BIMCO Cyber Security Clause has been an important part of this initiative.

The clause has been written by a small drafting team, led by Inga Frøysa of Klaveness, with representatives from shipowners, P&I clubs and a law firm, and will be published towards the end of May.

“I am very pleased to see BIMCO as the first mover on this important topic. Recent years have shown that there is a clear need for a clause addressing the contractual issues that can arise from a cyber security incident,” says Inga Frøysa.

Sharing relevant information

The clause is drafted in broad and generic language which allows for it to be used in a wide range of contracts and in a string of contracts for easy back-to-back application. It is hoped that the clause will assist parties in obtaining affordable insurance for their cyber security exposure, as the clause introduces a cap on the liability for breaches.

“It was very important to the subcommittee to impose an obligation on the parties to keep each other informed if a cyber security incident should occur, and to share any relevant information, which could assist the other party in mitigating and resolving an incident as quickly as possible,” Frøysa says.

This is done through a two-fold notification process. Firstly, through an immediate notification from the party who becomes aware of an incident to the other party. Secondly, through a more detailed notification once the affected party has had the chance to investigate the incident.

The clause also requires the parties to always share subsequent information, which could assist the other party in mitigating or preventing any effects from the incident.

The level of required cyber security will depend on many elements such as the size of the company, its geographical location and nature of business.

The clause takes this into account by stipulating that the parties must implement “appropriate” cyber security. The clause also requires each party to use reasonable endeavors to ensure that any third-party providing services on its behalf in connection with the contract, has appropriate cyber security.

SOURCE BIMCO


Maritime cyber risk management: boiling the ocean or storm in a tea cup?

 

Is the shipping industry’s most valuable commodity also its biggest risk?

As one of the world’s oldest industries, the shipping industry has capitalised on its capability to move assets around the world for thousands of years. Whether for trade, military or tourism, there are more than 50,000 ships world-wide that currently navigate our waters and facilitate both thriving economies and promote nation state security.

Know your risks and implement security measures

Our recent maritime report has explored the cyber security challenges that the maritime industry is facing now and will likely face in the future. With the increasing trend of attackers turning their attention to ships and shipping operations, more needs to be done to identify cyber risks at sea and mitigate them – a method to begin this process is to perform a risk assessment. Traditionally, a business might perform a risk-assessment periodically, say on a yearly basis, to identify what security risks need addressing, and follow this with implementing the right measures to protect against these risks occurring.

But what happens when your risk profile is constantly changing? All variables such as a ship’s cargo, employees and geography can change drastically within 24 hours as a ship makes its journey across the world and participates in trading. The main inputs to assessing risk are therefore constantly changing, significantly more than your standard business who needs to implement cyber security measures – so how is it feasible to have confidence that ships are implementing the right security in such a unique situation?

What are the key changing risk factors?

We have identified the main factors impacting cyber security that are associated with the constant movement of trade ships as follows:

  • Route: A ship relies on multiple navigation technologies to get it safely from point A to point B without damaging it, its cargo or risking life onboard. But what if malware could ever so slightly change measurements over time, à la Stuxnet. This would have little impact in the Pacific; but in the Panama Strait it would be catastrophic and the perfect attack for criminals to launch in order to then loot a ship.
  • Cargo: A ship will be carrying multiple cargos of different market value during its route and over time. These cargos may also have different value to different territories and groups.  Cargo systems can be compromised providing intelligence to criminals who can subsequently target specific cargo ships and resell on the black market. For example, pharmaceuticals would be an attractive target due their high value on the black market.
  • Piracy: There are certain areas of the world which may be at higher risk of attack from piracy, such as the seas that border Eastern Africa. Not only could the cargo training systems be tracked to identify when ships are carrying precious cargo like gold; we understand that pirates could also manipulate systems and spoof the position of ships in distress. This would result in a longer period of time for them to carry out their physical attacks.
  • Ports and business operations: Shipping staff may engage with multiple ports and succumb to various operational processes each time, notably payment and administration regarding docking. Threat groups have been known to track ships and spoof emails to shipping companies to request payment for their upcoming or previous docking. This has resulted in ships losing money as they have been unable to distinguish what is the legitimate process for these payments – made harder when a ship uses many ports over a short period of time.

READ FULL ARTICLE


Maritime Cybersecurity Operations Center opens in Singapore

The Maritime and Port Authority of Singapore (MPA) has opened a new Maritime Cybersecurity Operations Centre (MSOC), to provide early detection, monitoring, analysis and response to potential cyber-attacks on the port state’s critical maritime information infrastructure.

The MSOC will be operated by ST Engineering at its Singapore Hub, and will conduct 24/7 monitoring and correlate data activities across all maritime Critical Information Infrastructure (CII) systems.

MPA says that the facility will have the capability to detect and monitor cyber-attacks by analysing activities in the IT environment, recognise anomalies and threats, and then initiate a response using a range of technology systems.

Key data linkages will also be established between MSOC and Singapore’s Port Operations Control Centre, in order to respond to cyber incidents in a more collaborative manner.

“Cyber threats come in many forms and have been rising steadily across the globe. As the world’s busiest transhipment hub, it is important that we safeguard our maritime and port critical infrastructure to prevent a major disruption to port operations and delivery of services,” said Niam Chiang Meng, Chairman of the Maritime and Port Authority of Singapore (MPA).

In addition to setting up MSOC, MPA has also introduced other initiatives to strengthen the cybersecurity readiness of the maritime sector, having collaborated with the Singapore Shipping Association and Singapore Polytechnic to develop a new Maritime Cybersecurity (Intermediate) Training Course for maritime personnel.

The one-day course, to be rolled out in first half of next year, will be built upon an existing basic course to allow participants to further expand their knowledge of cyber risk management and counter-measures from a practitioner’s perspective.

Other new cyber initiatives include a Maritime Cybersecurity Research programme that has been created as a collaborative effort between MPA, the Singapore Maritime Institute and other local institutes of higher learning, which will focus on the protection of shipboard systems from cyber threats, and an expansion of the existing Port Authorities Roundtable initiative to encourage greater sharing of intelligence relating to maritime cybersecurity.

SOURCE FULL ARTICLE


Company DETAILS

SHIP IP LTD
VAT:BG 202572176
Rakovski STR.145
Sofia,
Bulgaria
Phone ( +359) 24929284
E-mail: sales(at)shipip.com

ISO 9001:2015 CERTIFIED