MARITIME CYBER SECURITY Archives - SHIP IP LTD

940420p516EDNmainimg-Inmarsat-report_credit-Inmarsat1.jpg
Passenger ship safety management systems must include cyber risk management under new regulations

Mobile satellite communications provider Inmarsat has released the Cyber Security requirements for IMO 2021 report, covering new cyber security regulations from the International Maritime Organization entering into force next year and their implications for cruise and ferry companies.

Under the new resolution, passenger ship safety management systems must be documented as including cyber risk management under the International Safety Management Code no later than the first annual audit after 1 January 2021.

“As the passenger ship fleet heads towards a new regime on cyber security, this is a significant publication for anyone investigating the fast-evolving threats facing cruise vessels and ferries at sea,” said Peter Broadhurst, senior vice president of safety, security, yachting and passenger at Inmarsat Maritime. “Anyone wanting to know what the new IMO rules mean and, in Fleet Secure Endpoint, the viable solutions already available to support towards compliance can’t afford to miss Cyber Security requirements for IMO 2021.

The document highlights the changing threats to the maritime industry, with four times as many cyberattacks on maritime targets occurring since the move to home-based working due to the Covid-19 pandemic. The report also identifies the vessel-specific vulnerabilities that prompted the regulation and covers precedents for the rule development, as well as clarifying the differences between antivirus software and network endpoint security.

Inmarsat also provides guidance on Fleet Secure Endpoint, its cyber security protection, monitoring and reporting tool. The tool provides protection against phishing, spyware, botnets and other threats, and updates system status using software on the end-user’s machine.

Source: cruiseandferry


e4189522331994703fd621e2341ca023_S.jpg

Inmarsat, the world leader in global, mobile satellite communications, has released a new, free of charge report covering new International Maritime Organization obligations and their implications for cruise ship and ferry professionals. The obligations enter into force next year and the report aims to support owners, managers and captains on compliance as they work to protect passenger ship cyber security.

Published by the Inmarsat Research Programme, Cyber Security requirements for IMO 2021 offers unique insights into Inmarsat’s cyber security experience and examples of real cyberattacks on vessels, providing cruise ship and ferry owners, managers, captains, engineers and technical officers with a guide to the criteria for compliance. By IMO resolution, passenger ship Safety Management Systems must be documented as including cyber risk management under the International Safety Management Code no later than the first annual audit after 1 January 2021.

The 40-page document highlights the way threats continue to adapt and evolve, reporting a fourfold increase in cyberattacks on maritime targets that coincides with the industry’s move to home-based working through the Covid-19 pandemic. It also provides a comprehensive explanation of the often misunderstood distinctions between anti-virus software and network endpoint security.

 

Source: hellenicshippingnews


shutterstock_457561210-900x444.jpg

CIMSEC discussed the development of the 1980s Maritime Strategy and the role played by the CNO Strategic Studies Group with Admiral William Owens (ret.). Admiral Owens was part of the first SSG during 1982. In this discussion, he discusses changes brought about by the Maritime Strategy, the implementation of the Maritime Strategy concepts by the fleet, and what lessons the Maritime Strategy and SSG have for the modern era.

What was new about the Maritime Strategy and how was it a shift from 1970s concepts and plans?

For the Navy and the Marine Corps, for the entire Defense Department, and for our country the Maritime Strategy was a turning point in the Cold War! For most of the years since World War II the United States Navy and Marine Corps had been focused on how to most efficiently get land and air forces into Central Europe to protect against a Soviet attack. This was the focus of all our force planning. All our analytic efforts in the Pentagon and the grand majority of money in the defense budget was organized around that particular task. The Maritime Strategy changed all of that in profound ways.

Can you briefly describe your personal involvement in the strategy development process?

My personal role was as a member of the first Strategic Studies Group, the SSG. This SSG and the concept was set up by Admiral Tom Hayward, the Chief of Naval Operations (CNO). And it is thanks to Tom Hayward, his vision, and his leadership style, that we wound up with a Maritime Strategy that materially changed everything.

Tom Hayward established the group under Bob Murray, a wonderful gentleman who had been the Under Secretary of the Navy. My personal involvement then was as one of the eight members of that first SSG. Admiral Hayward had personally chosen the eight of us, one from each branch of the Navy and two from the Marine Corps, to spend a year together. That was a transformative year for me and for all of us. As a submariner, I had spent all of my years, about 18 of them, in the submarine force, and had very little experience in the grand strategy of the Navy or the Defense Department. Indeed, I had very little knowledge of the other branches of the Navy, such as the fighter community, the surface navy, the amphibious forces, or the Marine Corps. This year changed all of that for me personally and immersed me in what was, we thought, the principal effort to bring together a very different position for our Navy.

While Secretary Lehman had talked about a different strategic force and several had talked about the need for a more offensive Navy, never before to my knowledge had we put together such a broad view of what the Navy and Marine Corps could possibly execute as principal members of U.S. forces. It is important to note Admiral Hayward’s role in the formation and tasking of the SSG, and in his leadership in imagining the entire year for the eight of us. I will always remember that as a precious lesson of how to lead! The CNO told us personally when we asked “what was the deliverable,” that he did not know. He said, “I formed this group because I have tremendous confidence in each of you, and I expect you to spend a year with no restrictions to do something good for the United States Navy and to make the year worthwhile in every respect, including for yourself.”

Follow-up sessions with Admiral Hayward occurred only two or three times during the year, and under Bob Murray’s leadership we had no restrictions, all doors were open, and all lines of thought were encouraged. This was the only time in my entire time in the Navy that I saw this degree of complete confidence and “gutsy” leadership to do something very special for our Navy and our country.

The SSG is often cited as a key (if not the key) driver behind the emergence of the Maritime Strategy. But at the same time, other initiatives and groups, including exercises such as Ocean Venture ’81, the OP-603 strategist community, the Advanced Technology Panel, and Secretary Lehman’s personal involvement were combined with pre-SSG elements such as Sea Plan 2000 and the Global War Games. In your opinion, which of these elements were the most significant and how did they interact with each other to create what we know as the Maritime Strategy?

While many of these products were well-known to us, there were none in my opinion which laid out the specifics of a new Maritime Strategy, one that would indeed change all of the force analysis, and that would change the thinking in the Congress and in the inner halls of the Kremlin. Regarding which organization came first with the Maritime Strategy, I leave it to the readers. But from our standpoint in the SSG, we had been sent by Admiral Hayward to “do good for the U.S. Navy,” and after many, many discussions among ourselves and many other potential activities that we could have undertaken, we chose to look at how the United States Navy and Marine Corps could play a much more offensive role in what was then the great challenge, the Soviet Union. I know that others were interested in this work, the CNO’s staff was doing work on strategy, and Secretary Lehman had done some work thinking about the Navy of the future.

But for us, we were not aware of any macro-level strategy for our country that dealt with the use of offensive maritime forces. Additionally, when we were looking to brief various commands, through Bob Murray and Admiral Hayward, there was a decision that we should go and visit all of the four-star U.S. Navy commanders to represent a new way of thinking about our Navy, which we called the Maritime Strategy. So, regarding who the originator was, from our standpoint we believed that we were taking the lead and had founded something that could be very special for our country, and I believe it was the SSG who dubbed it the Maritime Strategy.

How did the SSG, and through it the Maritime Strategy, influence and spur innovation in real-world fleet operations and exercises, both at the theater and at the tactical levels? What role did the SSG’s extensive travel to operational fleet commands, or the feedback received from the theater commands and flag ranks, help influence the strategy?

Commander Art Cebrowski and I were the two most junior officers on the first SSG. The natural flow had us both involved in developing presentations, doing some writing, and then eventually being the two briefers that took the Maritime Strategy to each of the four-star commanders-in- chief of the theaters. As such we were able to internalize and absorb the many comments that we received, which were at first quite doubtful, and then in a growing way, believing that there was indeed a new way possible to use naval force. Eventually Art and I started to feel more and more confident. With Bob Murray as an enormous mentor, a shield, we had a great interface with CNO Admiral Tom Hayward to continue our work and then to broaden it.

We noticed that within a few months exercises were being conducted in the various fleets, especially Seventh Fleet, to test out some of the concepts in the field. But more importantly, each of us was blessed to move on to become more senior and start exercising these concepts ourselves. As a young one-star admiral, I was able to mass four dozen attack submarines far forward and “demonstrate to the Soviets directly that we were there in numbers.”

When we looked at the ability of the United States Navy to take the battle forward to the Soviet bastions, to the northern flank of Norway and even the Arctic, when we were able to use carriers, surface forces, and the submarine force together far forward both in the Atlantic and the Pacific, we started to realize that we were having an impact on the Soviets themselves. No longer were the bastions and the northern and western flanks totally the property of the Soviet Union. After the Cold War was over, there were intelligence reports reflecting the critical difference the Navy and Marine Corps’ positioning had had on strategic thinking in the Soviet Union and indeed in their reflection that they could not win, no matter how much they poured into their defense systems.

Why did the Maritime Strategy “work,” if it did, and what about the process has been so hard to replicate?

The Maritime Strategy worked because there was an open mind in the leadership ranks of the Navy, there were very active supporters in OP 603, and in the intelligence community. And I would note that Rich Haver was particularly valuable to us in gaming and supporting our efforts. Rich was a senior civilian, an intelligence professional working in the Chief of Naval Operations office directly in what was called Code 009. He was extremely interested in the SSG’s deliberations and participated in many of our wargames and discussions. He was also a source of information from the intelligence community, and we spent considerable time with Rich regarding the intelligence implications of our thoughts on the Maritime Strategy. We saw a lot of Rich in Newport with the SSG.

Underlying it all, of course, was Tom Hayward and Bob Murray’s terrific leadership. They were the single most important factors in driving the success of those first SSGs! I think it was hard to duplicate the work of the first three or four SSGs, as follow-on CNOs did not lead the effort in the same sense that Tom Hayward did, and there was never another Bob Murray. I think the concept is strong and could remain strong under the right leadership. In other words, “take the very best from the warfare communities, give them a free rein for a year, and ask them to deliver a product that is worth the time and effort for their Navy and Marine Corps.” I don’t think that ever happened again after the first two or three SSGs.

How did the strategy interface with the POM process? What was its budgetary and programmatic influence, what mechanisms channeled this influence, and how did these processes change over this time period?

Because of senior leadership and our exposure to all of the Navy’s four-star officers, there eventually was considerable support and understanding of what the United States Navy and Marine Corps capability was, and I believe that flowed through every branch of both services. Especially for those of us who became three- and four-star officers, we drove the Maritime Strategy as part of all of our budgeting and programmatic directions. It was a critical part of my own efforts both as the first N-8 in the Navy staff and as the Sixth Fleet commander, and then the Vice Chairman of the Joint Chiefs of Staff.

Putting pressure on the Soviet Union, and indeed realizing that the Navy and Marine Corps were operating forward, aggressively, and offensively, I believe this carried over after the Cold War ended in the way we thought about our service. It changed the paradigms of World War II. Of course, the submarine force had always been operating forward. But now we were able to operate with other branches of the Navy and Marine corps in a very offensive forward position, and we coordinated those actions with other naval forces to make a much larger difference. In many ways the Maritime Strategy was a coming-of-age for maritime forces.

What lessons can be taken from the 1980s for engaging in modern great power competition, both specifically about the role of the SSG and its functionality, and more generally about the centrality of the Maritime Strategy in 1980s great power competition?

Many of the lessons of the 1980s pertain to naval and Marine forces today, and will in the future. And when we are thinking of great power competition it allowed us to think of truly offensive and game-changing actions in the forward theaters, which pertains as much in today’s world as it did then. I predict that this will continue as we look to the future.

The lessons of the SSG were profound for me. The degree of thinking and engagement that a dedicated, supported from-the-top-group of quality officers can provide, was stunning. Art Cebrowski and I, I’m sure, had our lives changed in many ways from this experience. The leadership lessons learned from Tom Hayward, Bob Murray, and others who supported us also had a profound effect on Art and myself. And I have to add, the loss of Art Cebrowski to our entire Defense Department was a loss that is more than one could ever have imagined.

How did the strategy enhance the Navy’s ability to tell its story to outside audiences, such as Congress, the other services, and allies? How was it received and challenged by outside audiences?

The Maritime Strategy dramatically enhanced the Navy’s confidence in what it already knew in part that it could do. Whether it was with Congress, where the demonstration of the Navy and Marine Corps offensive forces working jointly with the other services became known, or with our allies, where this broad naval offensive power was broadly accepted, the maritime strategy was clearly now a part of everything we did. And in many cases, such as the United Kingdom, our allies joined as part of our forward-thinking Maritime Strategy.

Many audiences of traditionalists, including several of our four-star commanders at the time, were strongly unconvinced, even disapprovingly so. But it did not take long with continued exercises, demonstrated capability, and a realization on the Hill that this was something that could truly change America’s position in the world of military power, that there was widespread acceptance.

For many of us throughout our careers, we took pride in showing our friends and allies around the world and in the United States the true power and ability of our maritime forces to operate freely, jointly, and with substantial capability even in the most challenging areas. It is hard to say this needs to be proven now, since this is the way our country’s military services take military force forward, with naval forces on the leading edge!

Admiral William Owens (ret.) is a retired four-star U.S. Navy admiral. He was Vice Chairman of the Joint Chiefs of Staff, and was Commander of the U.S. Sixth Fleet from 1990 to 1992, which included Operation Desert Storm. Owens also served as the Deputy Chief of Naval Operations for Resources. Owens was the Senior Military Assistant to two Secretaries of Defense (Secretaries Cheney and Carlucci) and served in the Office of Program Appraisal for the Secretary of the Navy. He began his military career as a nuclear submariner. He served on four strategic nuclear-powered submarines and three nuclear attack submarines, including tours as Commanding Officer of the USS Sam Houston, USS Michigan, and USS City of Corpus Christi. He currently serves as an executive in the private sector, as well as a member of the Council on Foreign Relations.

Joe Petrucelli is an assistant editor at CIMSEC, a reserve naval officer, and an analyst at Systems, Planning and Analysis, Inc.

The opinions expressed here are the author’s own, and do not necessarily represent the positions of employers, the Navy, or the DoD.

 

Source: cimsec


freight-863449_1280-1-768x576.jpg

Subex, a provider of Internet of Things (IoT) and Operational Technology (OT) cybersecurity solutions, and SkyLab, a specialist in 5G Multi-Access Edge Computing (MEC) and Industrial IoT have announced a partnership to offer IoT and OT cybersecurity solutions and services to the maritime sector.

According to Subex’s research, shipping companies around the globe were attacked almost 1.5 million times in the last 30 days. Of these, over 64,000 attacks were highly sophisticated and carried out using complex malware and breach tactics. Social engineering, deception, and traffic manipulation were all used to create breaches and enable intrusion into core and peripheral infrastructure.

Targets for these attacks include datacenters, command and control infrastructure, navigation systems, power, and life support systems among others. The increase in volume also increases the chances of a successful breach. Thus, the industry continues to be at risk.

In addition to the rising threat to maritime infrastructure, there is also the secondary threat of potentially significant losses caused by the loss of shipping days, delays in transit of goods, damage to critical infrastructure, loss of either customer or commercially sensitive data and ransom demands. In one incident off the coast of the United States, hackers tried to take over the navigation systems of a ship and ram the vessel into a port. It was with much difficulty that the crew was able to gain control and prevent a catastrophe.

The International Maritime Organization (IMO), the United Nations specialized agency with responsibility for the safety and security of shipping and the prevention of pollution by ships, has also recognized the importance and urgency required to tackle the challenges posed by cybersecurity risks. IMO has issued MSC-FAL.1/Circ.3 Guidelines on maritime cyber risk management and adopted resolution MSC.428(98) encouraging administrations to ensure that cyber risks are appropriately addressed in existing safety management systems before the first annual verification of the company’s Document of Compliance after January 1 2021.

Through their partnership, Subex and SkyLab will be jointly offering cybersecurity solutions and services including Security Operations Center services to improve overall maritime cybersecurity posture and cyber–resilience.

 

Source: hstoday


Safeguard-Maritime-Sector.jpg

Digital threats are becoming more complex. The access, connectivity, and networking of IT (Information Technology) and OT (Operational Technology has led to increased cyber security threats and risks for many maritime operations. It’s more important than ever to stay ahead of these threats before they cause damage to your organization.

Vulnerability Management should be an inherent part of your company’s safety and security culture – ensuring the safety, security, and protection of the ship, the crew, the cargo, and the marine environment. An investment in our platform will help your operation runs smoothly and on time.


impact-covid-ports-02.jpg

Noting this threat, shipping companies are reminded of the importance of applying BMP 5 to ensure that the voyage is fully risk assessed and that ships are hardened against the security threats in the region. Similarly, it is recommended that ships rerouting southwards should route north-east of Socotra before turning South and that where possible, should maintain a safe distance from the Somali coastline in accordance with the risk assessment.

Furthermore, it is stressed that all ships in the region should register with MSCHOA and report to UKMTO as outlined in BMP 5, to ensure they are visible to the military assets deployed in the region which can assist in cases of piracy, and to ensure that they will be alerted to any threats or incidents.

 

Source: bimco


Massterly-film-still-1200x519.jpg

This partnership aims to help boost the overall cybersecurity posture of the maritime industry as ships, offshore and onshore maritime assets, communication channels and shipping infrastructure will now receive the highest levels of cybersecurity protection, threat risk management support, solutions, and services.

According to Subex’s research conducted using data from its global honeypot, shipping companies around the globe were attacked almost 1.5 million times in the last 30 days. Of these, over 64,000 attacks were highly sophisticated and carried out using complex malware and breach tactics. Social engineering, deception, and traffic manipulation were all used to create breaches and enable intrusion into core and peripheral infrastructure.

Targets for these attacks include data centers, command and control infrastructure, navigation systems, power, and life support systems among others. The increase in volume also increases the chances of a successful breach.

In addition to the rising threat to maritime infrastructure, there is also the secondary threat of potentially significant losses caused by the loss of shipping days, delays in transit of goods, damage to critical infrastructure, loss of either customer or commercially sensitive data and ransom demands. In one incident off the coast of the United States, hackers tried to take over the navigation systems of a ship and ram the vessel into a port. It was with much difficulty that the crew was able to gain control and prevent a catastrophe.

Through this partnership, Subex and SkyLab will be jointly offering cybersecurity solutions and services including Security Operations Centre services to improve overall maritime cybersecurity posture and cyber–resilience.

Vinod Kumar, managing director & CEO, Subex, said: “This alliance combines Subex’s deep expertise in cybersecurity and SkyLab’s strengths in 4G/5G mobile edge computing and core networking technologies to reliably accelerate, monitor and inspect traffic whilst adapting to dynamic connectivity conditions at sea.  This association will help secure the industry and ensure compliance to standards whilst offering reliable protection to both critical and non-critical systems.

“We are delighted to partner Subex in addressing one of the core concerns of the shipping industry – cybersecurity. Together, we endeavour to empower reliable, secured, and cyber-resilient shipping lanes globally by partnering maritime stakeholders, and enable them to secure of their operations, assets, people as well as data,” said Stephen Ho, group chief operating officer, SkyLab.

Caption: The partnership between Subex and SkyLab aims to boost cybersecurity in the maritime industry

 

Source: thedigitalship


cyber_security_whitepaper.jpg

The enduring feature of cyber threats is their ability to adapt and evolve, with new lines of attack developed as barriers are put in place, and strategies to expose vulnerabilities constantly emerging. A June 2020 White Paper** from the British Ports Association and cyber risk management specialists Astaara suggests that reliance on remote working during the COVID-19 crisis coincided with a fourfold increase in maritime cyber attacks from February onwards, for example.

In fact, cyber security was ranked as the second highest risk for shipping in 2019, behind natural disasters, according to a survey of over 2,500 risk managers conducted by Allianz. Given that, according to IBM, companies take on average about 197 days to identify and 69 days to contain a cyber breach, it is clear that an attack on a vessel’s critical systems could threaten the safety of a ship as well as the business of shipping. The fact that a 2019 Data Breach Investigations Report from Verizon indicates that nearly one-third of all data breaches involve phishing provides one indicator that, where cyber vulnerabilities exist, the ‘human element’ can badly expose them.

 

Source: rivieramm


maritime-cybersecurity-plan-unveiled-showcase_image-8-a-15713.jpg

ntelligence company applying AI to transform global maritime trade, announced today that it has partnered with The Caribbean Community Implementation Agency for Crime and Security (CARICOM IMPACS), an organization of fifteen Member States and five Associate Members in the Caribbean as well as CARICOM’s Regional Security System (RSS), a treaty organization comprising of Barbados and other countries in the Eastern Caribbean. Windward’s AI-powered maritime intelligence platform will empower CARICOM IMPACS and RSS to support CARICOM Member States in their fight against drug trafficking and illegal activities in the Caribbean’s exclusive economic zones.

As the entryway to the Gulf of Mexico, the Caribbean Sea is a main stop-over in the trade route from South to North America and illicit activities such as drug trafficking and other types of smuggling are becoming increasingly commonplace, especially in light of recent sanctions placed on Venezuela. Despite a decrease in general maritime activity in the region during the COVID-19 pandemic, there has been an increase in illicit maritime activities in the Caribbean in recent months. Windward’s platform will support CARICOM Countries, through CARICOM IMPACS and RSS, in their fight against illicit activities by providing a real-time view of the maritime ecosystem and offering AI-powered risk assessments of vessels, companies, shipowners, and all other stakeholders in the maritime domain.

“Windward’s solution is key in our fight against illegal activities,” said Lieutenant Colonel Michael Jones, Executive Director (Ag) of CARICOM. “As illegal shipping methods are becoming more advanced, we turned to Windward’s industry-leading Maritime AI solution to assist in detecting these activities and flagging vessels that are suspicious, enabling us to assist CARICOM Member States to crack down on illicit trade, minimize and/or prevent illegal fishing, and surveil the maritime domain, beyond AIS monitoring.”

Windward’s Maritime AI is powered by hundreds of behavioral analytics models and over 10 billion data points, giving authorities the power to make smarter decisions, faster. Relying on thousands of case studies and a vast array of parameters including vessel routes, Dark Activities, and unusual changes in course, Windward’s platform analyzes existing behaviors to predict in real-time which entities are likely to be involved in illicit activities. Windward’s solution is the new global standard in maritime control, enabling government bodies to protect their borders, national interests, and citizens. The partnership with CARICOM IMPACS and RSS comes on the heels of Windward’s announcements of a partnership with the EU’s Maritime Analysis and Operations Centre-Narcotics (MAOC-(N)) in October 2020 and the European Border and Coast Guard Agency, Frontex in January 2021.

“We are thrilled that CARICOM has chosen Windward to help protect its territorial waters throughout the Caribbean,” said Ami Daniel, CEO and Co-Founder of Windward. “The Caribbean Sea is a major point in the trade route of illegal substances leaving South America and of sanctioned oil leaving Venezuela. Using Windward’s Maritime AI technology and real-time insights, CARICOM is strengthening its defenses against these activities and enhancing the transparency needed into the global maritime domain to protect its borders.”

 

Source: prnewswire


computer.jpg

Maritime digital transformation is in its most rapid and turbulent era. Such a transformation offers substantial advantages and benefits, but with commensurate risks in the cyber domain.

On June 16, 2017, the International Maritime Organization (IMO) adopted Resolution MSC.428(98) that “encourages administrations to ensure that cyber risks are appropriately addressed in existing safety management systems (as defined in the ISM Code) no later than the first annual verification of the company’s Document of Compliance (DOC) after 1 January 2021.” The same year the IMO developed related guidelines (MSC-FAL.1/Circ.3). While the resolution is a formal acknowledgement of the importance of cybersecurity by the UN agency, the guidelines highlighted that effective cyber risk management should start at the senior management level.

But even smart and elaborate risk management will not be effective until appropriate cyber awareness arises among all those engaged in the maritime world. The human element is the most valuable but also the most vulnerable in maritime cybersecurity. While modern technology affords a measure of protection against direct hacking, social engineering has become the most prevalent vector for cybercrime.

There is a popular opinion that the direct targeting of senior leaders (known as whaling attacks, or CEO fraud), is the most probable scenario for a lucrative cyberattack. In cases of success, offenders can get access to sensitive data or even entire networks and affect many processes within the system. In some cases, attackers could even get options to direct groups of ships. On the other hand, such a “whaling attack” is a complicated process with disputable chances of success. The obligation senior executives have toward cyber risk management is fast becoming a standard assumption. These leaders are becoming more and more aware of these hazards and are better maintaining prudent behavior to reduce cyber risks to themselves personally. Much simpler is the method of attempting to socially engineer other types of maritime workers, who at first sight appear less significant than executives, but who also enjoy broad access to maritime systems and networks.

There are two main groups that can be distinguished as desirable targets. The first group includes crewmembers onboard commercial vessels and naval ships, especially those who have direct access to the ship’s control systems or important elements of shipboard systems, like communications, engines, or cargo handling equipment and storage areas. The second group includes shore-based personnel, including technicians and advisors, third party contractors, especially those who have remote access to seaborne networks and contacts.

There are three critical areas attractive to attackers, including navigational systems and sensors, cargo handling and storage, and propulsion and power. In most cases the latter two elements require direct physical access to effectively access critical systems. In contrast, navigational systems are perhaps among the most advanced networked and digitally accessible systems onboard.

If cyber intruders got access to ECDIS (the Electronic Chart Display and Information System), they would be able to attempt offensive options such as jamming  or corrupting signals received from external sensors (GPS, AIS, Radar/ARPA, Navtex), gathering critical hydrographic information, and tampering directly with the Electronic Navigational Chart (ENC). While official ENCs often feature highly protected data, unauthorized access to the ENC’s manual correction option can be disruptive. Hackers could also go for the simpler option of disabling the operating systems of the ECDIS workstations, where in the majority cases this is a commonplace Windows operating system, and not necessarily the latest version. With the highly integrated bridge navigational systems of modern chemical tankers and passenger ships, attackers could even target the ship’s auto-steering algorithm.

Unauthorized access to such an important navigational system can be obtained with malware accepted by equipment operators via their email client and personal social media profiles. Today, with the internet widely available onboard modern commercial vessels, shipboard personnel can freely use their personal mobile devices or laptops for web access and private communications. At the same time, cybersecurity hygiene and best practices are often neglected, and the same personal devices can be used for operational data storage and transfer, including transferring data to and from ECDIS workstations.

Imagine a scenario where a chemical tanker was chosen as a target by a hacking group. Information regarding the vessel’s static and dynamic (course/speed/position) data, crew composition, type and quantity of cargo, destination, captain’s name, and other items of interest could be collected from the web. Attackers could search and exploit the social media networks of crewmembers, preferably the targeted vessel’s bridge team member. The task is made easier by social media networks and websites focused on professional groups and employment.

During the second stage, the stage of evaluation, the opted profile is carefully examined by the offenders for weakpoints. Nowadays, the majority of social media users are registered across several platforms, such as those focused on personal and professional connections, as well as entertainment preferences. Therefore adversaries can gain information not only about the mariner’s place of service but also about their family, hobbies, places visited, and other information that could be relevant to designing a socially engineered attack.

Their objective will be to obtain unsanctioned admittance into the vessel’s systems. The targeted person can either be blackmailed or contacted by a fake profile of a trusted contact with the aim of dispatching malware via the victim’s access. An untrained and unaware navigational officer could install the malicious software to the navigational computer, under the guise of ‘colleague’s friendly tip.’

A socially engineered attack can be made to seem more credible when shore personnel, such as technicians or support desk members, are targeted. With almost the same measures in searching, evaluating, targeting, and hacking, perpetrators can infiltrate and attack even larger groups of ships due to how shore professionals often have access and jurisdiction over many vessels.

More nefarious intentions could include causing a chemical spill, setting a ship on a collision course with a naval ship or a passenger vessel, or damaging critical shore-based infrastructure. In respect of these scenarios, maritime cyber threats should be considered as a matter for the International Ship and Port Facility Security Code (ISPS), and not only the International Safety Management Code (ISM). The ISPS code consolidates various constructive requirements so that it can achieve certain objectives to ensure the security of ships and ports.

There are some important requirements under the ISPS. The security-related information exchanges among the appropriate contracting agencies, both government and private, include collecting and assessing the obtained information and further distributing it. Correspondingly, definitions are included for the relevant communication protocols for vessels and port facilities for uncomplicated exchanges of information. Another important element is attempting to prevent any unauthorized access on a vessel, port facility, or other important restricted areas. Even if unsanctioned entry is not a threat, it is always regarded as a potential danger.

The ISPS also regulates provisions of different options for alarm-raising in case a security-related incident is encountered or potential danger is evaluated. It seems logical enough to apply similar requirements for maritime cybersecurity. There are several main tasks to consider: cybersecurity information collecting, evaluation and exchange between concerned parties; prevention of unauthorized access; malware and spyware installation or transfer; and appropriate training of personnel.

Eventually, regulation should be introduced regarding the human element. Specifically, trainings and exercises should be introduced for vessels’ crew and port facilities’ staff to ensure their awareness with the security plan and that there will be no delay in procedure execution in case of a real threat. Advanced cybersecurity training and education should be encouraged, especially for critical staff like watchkeeping officers or engineers. The purpose of such an education would be to gain knowledge and develop skills in cybersecurity in order to anticipate threats at early stages. Trained personnel should also be ready to prevent unauthorized access to critical equipment and systems and be vigilant for particular malfunctions that could be caused by illicit infiltration. In cases of potential penetration, staff should be skilled enough to insulate affected areas of the system without losing control of the vessel. Their proficiencies should include the ability to manage a transition to emergency manual control and utilizing classic techniques in seamanship and communication.

Maritime security, through cybersecurity, will become a much more complex endeavor. It will require a considered combination of the human element, technical innovation, management procedures, security protocols, and classical maritime know-how. Considering the lack of cyber-awareness among some mariners, a transfer of malware from a personal device to a ship’s navigational system is just a matter of time. The international maritime community should accelerate and strengthen efforts to develop adequate measures to withstand future challenges in the maritime cyber domain.

Leonid Vashchenko is a professional mariner, currently serving as a chief officer on board ocean-going commercial vessels. He holds a Masters Degree in Marine Navigation from the National University “Odessa Maritime Academy,” Ukraine, and is a active member of the Nautical Institute, London. His views are his own and do not necessarily represent the official views or policies of the organization or companies he is employed with.

 

Source: cimsec