MARITIME CYBER SECURITY Archives - Page 13 of 40 - SHIP IP LTD

With an established presence throughout China’s “near seas” in East Asia and further abroad in the North Pacific on fishery patrols, the possibility of additional long-distance deployments by the CCG should be seen as a matter of when and not if. This is especially true in waters where Chinese interests and citizens are threatened but the cooperative look of the CCG’s white hulls presents a more appealing optic than the more confrontational appearance of China’s People’s Liberation Army Navy’s (PLAN) gray hulls. One such location is off the west coast of Latin America in the Eastern Pacific on counter-narcotic patrols due the increasing problem of illegal drugs from Latin America making their way across the Pacific to Chinese consumers.

The expansion and modernization of China’s maritime forces, in particular the PLAN, has received a great deal of attention. The PLAN is also the largest navy in the world with an overall battle force of over 360 ships, including more than 130 major surface combatants and more than 60 submarines along with its own aviation arm of more than 300 land-and sea-based fixed and rotary wing aircraft of all types. The PLAN is an increasingly modern and flexible force capable of conducting a wide range of peacetime and wartime missions at expanding distances from the Chinese mainland. From counter-piracy patrols in the Gulf of Aden, to hospital ship deployments to Latin America, to submarine patrols in the Indian Ocean, and long-range operations in the Central Pacific, the PLAN is an increasingly global force. It now operates in all of the U.S. Navy’s numbered fleet areas of responsibility in support of China’s expanding interests.

Matching the PLAN’s impressive modernization is the growth of the CCG. The modern CCG is the result of the 2013 consolidation of four legacy maritime law enforcement agencies. With a combination of the agencies’ older ships, repurposed PLAN ships, and increasingly new construction, the CCG has rapidly grown into the largest maritime law enforcement agency in the world. The white-hulled ships of the CCG are now a common sight throughout China’s “near seas” within the first island chain, particularly in contested waters near features such as Scarborough Reef, the Senkaku Islands, and Second Thomas Shoal as well as near foreign drilling rigs and survey operations. Backed up by the PLAN and the ships of China’s Maritime Militia, the CCG is Beijing’s tool of choice for intimidating rival maritime claimants throughout the region. However, with 140 ocean-going ships of 1000 tons or greater—including 60 ships of 2500 tons or greater—the CCG has more than enough capacity to expand its operations beyond regional waters.

Source: maritimecyprus

Intelligence company applying AI to transform global maritime trade, is proud to announce that the US Patent and Trademark Office (USPTO) issued U.S. patent No 10,922,981 for its Risk Event Identification in Maritime Data and Usage Thereof. 

The patent relates to technology for identifying risk events for vessels by analyzing raw maritime data and constructing a vessel activity overview for each vessel. Patterns in vessel behavior are identified to indicate the occurrence of risk events, which can be validated by comparing them to other vessel’s behavior or using raw maritime data. This technique can identify risk events, including compliance risk, security risk, safety risk, and others, using reduced resources without increasing false positive metrics.

“We are pleased to have reached the remarkable milestone of having been granted this patent by the USPTO,” said Ami Daniel, CEO and Co-Founder of Windward. “Across the maritime trade industry insurers, banks, shipowners, and energy companies alike have been using manual methods to assess risk. At Windward we are revolutionizing maritime risk identification by developing proven, and now patented, methods of analysis to provide accurate and timely risk assessments which are then used by maritime professionals for decision support.”

Windward’s Maritime AI is powered by hundreds of behavioral analytics models and over 10 billion data points, giving its customers the power to make smarter decisions, faster. Windward’s AI analyzes existing behaviors to predict in real-time which companies and vessels are likely to be high risk, and which are safe to conduct business with. Windward’s solution is easily integrated into existing workflows, enabling businesses to look to the future and optimize business practices.

Source: prnewswire

The Belgian Shipping Code, applicable since September 2020, regulates under its chapter 2.5.2 which requirements ports and port facilities (such as commercially operated port terminals) must comply with in terms of maritime security.

Each port facility must, among other things, appoint a security officer and draw up a security plan, which must be submitted for approval to the competent minister charged with the North Sea.

Since the Port of Antwerp is considered an international hub for illegal traffic in drugs e.g. cocaine, the fighting of which is understandably a top priority for both the local and national authorities, the importance of maritime security has only increased in recent years. The Belgian seaports are also a point of attention in the context of the increased pressure from illicit migration.

In this context, the Minister responsible for the North Sea announced at the end of September 2021 stricter rules in the field of port security, which are expected to include increased attention to camera surveillance, increased restrictions on terminal access, and stricter penalties for intruders (who may face up to fifteen years in prison).

Undoubtedly, all stakeholders in carriage of goods from, to or via the Belgian ports will sooner or later be confronted with the above and will have to strike the right balance between the smooth continuing of their trade operations on the one hand, and compliance with the new security measures on the other hand.

Ciska Servais (administrative law department) and Ruud De Houwer (maritime and transport law department) combined the expertise of their teams and assisted the FPS Mobility and Transport in 2020 and 2021 in administrative summary proceedings concerning port security and port security plans. They will continue to closely monitor all new developments in this respect.

Source: astrealaw

When plotting a course on the open ocean, conditions rarely allow a navigator to chart a straight line home. Hazards below the surface of every ocean and the unpredictability of weather systems require a crew to consistently reassess the vessel’s position and adjust maneuvering to reach its destination safely. Both the captain and the crew are expected to navigate using all means available, a lens that should apply to approaching recommendations to reduce cybersecurity risks for the MTS as a whole: actors within the MTS must be capable of tapping into every available resource.

The approach to maritime cybersecurity must ultimately be holistic; even if every component of the MTS was cyber secure, the interconnection of the subsystems might not result in a secure MTS. Taking the steps necessary to build a secure maritime domain will require a better understanding of the cybersecurity-threat landscape, coupled with a segmented view of MTS infrastructure. This will allow developers, policy makers, owners, and regulators to match the best policy levers with particular maritime systems, and achieve better cybersecurity outcomes across the entire MTS.

This report puts forward twelve recommendations—split into three overarching themes—to help better secure all subsystems of the MTS from evolving cyber threats. First, stakeholders operating within the MTS must raise the baseline for cybersecurity across the maritime industry and shipping communities. Knowing is half the battle, and stakeholders must develop a sector-specific cyber risk framework, a global intelligence clearinghouse, and a common cyber-incident threat matrix, while pushing for an active, industry-wide vulnerability disclosure policy.

Second, MTS stakeholders must deepen their understanding of maritime cybersecurity and associated risks by building cross-sector linkages, especially through new professional and international exchanges between academia, industry, and government. Stakeholders must design MTS cyber-specific educational certifications to support these new workforce initiatives, with the goal of upskilling the industry and attracting talent into a cyber-aware MTS. Developers and the maritime industry must collaborate on eradicating systemic software vulnerabilities from MTS software. Lawmakers and regulators must complement these efforts by ensuring that MTS receive adequate resources to improve cybersecurity.

Third, executives and high-level stakeholders in the public and private sectors globally must prioritize cybersecurity as part of their broader risk management efforts, leveraging increased security measures and appropriate risk mitigations to help support long-term improvements in cybersecurity. MTS stakeholders should assess risk by relating their cybersecurity maturity to those of other sectors, like energy, better integrating cybersecurity with traditional maritime insurance coverage, and finally, improving cybersecurity proactively through multistakeholder simulations.

The bulk of these identified actions build on or integrate existing programs, such as the US Department of Energy-backed Cyber Testing for Resilient Industrial Control Systems (CyTRICS) program,¹ run across four national labs and the Department of Transportation (DOT) Maritime Administration (MARAD) 2021 Port Infrastructure Development Program (PIDP).² These programs are embedded in broader lines of policy effort and come with well-established relationships—both virtues over starting from scratch.

The maturity and effectiveness of contemporary approaches to cybersecurity in the MTS fail to reflect the vital role maritime transportation plays in supporting global commerce, diverse energy systems, and national security. Cyber threats will only continue to metastasize, accelerating both in quantity and consequence. Navigating through such turbulent waters requires an all-hands-on-deck approach—both in the United States and beyond—to improve the collective cybersecurity of the MTS.

Source: atlanticcouncil

Source: thedigitalship

The issue cyber security becomes increasingly important for maritime shipping as significant part of the global logistics chain. Just one of the latest attacks was with the malware “NotPetya” in 2017 where the shipping company Maersk alone suffered damages of several hundred million Euros, which made clear how immense the magnitude of cyber-attacks can be in maritime shipping.

Sea-going ships fall victim to cyber-attacks more and more often because they are floating data processing centres. And these data processing centres can get attacked. Which means that for example navigational systems used on board ships do not just make them susceptible to disturbances but also connect them to the internet and thus create doorways for computer hackers.

Cyber hazards also lurk in ports. Admission systems, cargo handling, steering systems for cranes and the SCADA software often used in industrial steering systems turn ports into highly connected IT systems. The more steering and navigational systems at land and sea become interconnected with other networks und entertainment systems, the easier it becomes for third parties to gain access via IT interfaces along this chain of systems.

Since this year, IMO has made it mandatory for shipping companies to protect against cyber risks. Ship operators have to integrate the relevant measures into their existing ISM systems. The BG Verkehr, the BSH and the BSI aid German shipping companies in this task. In the joint ISM Circular on “ISM Cyber Security”, these three authorities offer practical tips on the topic cyber security. Sabine Kudzielka, CEO of the BG Verkehr, emphasizes: “The experts of our Ship Safety Division are happy to support shipping companies to establish an individual cyber risk management in their enterprise. Our experts used to serve at sea themselves and know what is relevant on board.”

The Federal Maritime and Hydrographic Agency (BSH) points out its competences regarding cyber security: “The BSH is responsible for the verification of security systems on board ships flying the German flag. Furthermore, we work together with partners in scientific research on our technology development platform in the BSH system laboratory to find solutions that can prevent unauthorized access to ship systems”, explains the president of the BSH, Dr. Karin Kammann-Klippstein.

The BG Verkehr, the BSH and the BSI have agreed upon an intensification of their cooperation regarding maritime cyber security. Based on an administrative agreement, they want to sensitize shipping companies for the topic “information security”, provide support and carry out joint projects. “We want to share knowledge of and experiences with information security with shipping companies and German maritime enterprises and be a part in shaping the digital change in the shipping industry successfully,” Dr. Gerhard Schabhüser, vice president of the BSI, gladly announces. “This administrative agreement in an important step towards this goal.”

In addition, the BG Verkehr and the BSH will become a member of the alliance for cyber security and keep the BSI informed about IT security incidents in maritime shipping to create a more accurate overview of the situation. Moreover, joint publications such as guidance and checklists will get developed.

Source: deutsche-flagge

South Korea’s Daewoo Shipbuilding & Marine Engineering Co. (DSME) plans to help shipowners tighten their cybersecurity preparedness after securing certification for a new smart ship solution.

As cases of cyberattacks in the maritime industry increase, the South Korean shipbuilder said it intends to start installing its DSME Smartship Solutions (DS4) in ships after winning an approval from the American Bureau of Shipping (ABS).

DS4 is designed to protect the data and software of ships from hacking and will be installed in more than 30 vessels. With the approval, DSME can install the solutions into ships without an additional cyber security assessment.

“We believe this certification will serve as a cornerstone to advance the era of autonomous ships,” said Choi Dong-kyu, DSME’s R&D institute head.

DSME will become the first shipbuilding company to obtain ABS’ product design assessment (PDA) certification in the field of cyber safety.

South Korea is determined to be a global frontrunner in developing autonomous ships. The technology had been touted as the next generation of high-value-added ships, designed to replace the crew’s decision-making with intelligent and autonomous systems through the convergence of artificial intelligence, the Internet of Things, big data, and sensors.

However, the push towards smart ships faces risks from cyberattacks. Globally, cases of cyberattacks targeting shipping companies, ports authorities, and ports infrastructure have been on the rise. DSME was itself targeted in June, when hackers attempted to breach the company’s computer systems.

Ransomware attacks on shipping firms tripled between 2019 and 2020, with the world’s four largest shipping companies – Maersk, Mediterranean Shipping Company, CMA CGM, and COSCO – all falling victims over the last four years.

MSC suffered a network outage in April 2020 from a malware attack, while CMA CGM was hit with a ransomware attack in September 2020. Even the International Maritime Organization was recently targeted by a cyberattack, forcing some of its services offline.

“To date, most cyber incidents involving shipping have been shore-based incidents, such as attacks against ports and shipping companies themselves. But cyber threats to vessels will increase as more ships are linked to onshore navigation and performance management systems,” said the Safety and Shipping Review 2021 report by Allianz.

Source: maritime-executive

The presence of Chinese trawlers in the Indian Ocean, Arabian Sea and Bay of Bengal jeopardises India’s maritime security by fishing in India’s EEZ.

China happens to be the largest fishing nation producing approximately one-fifth of the global catch. Apart from freshwater fish, a vital part of the Chinese exports also come from the oceanic fish found in the deep sea. Interestingly, as per available reports, no fish are left in the South China Sea due to overconsumption. On the other hand, India occupies the second largest position (6.3 per cent) in producing fish that sustain 14,500,000 fishers. China does eye these fish not only for its domestic consumption but also for exporting them to support its fisheries sector. Beijing’s illegal, unreported and unregulated (IUU) fishing in other countries’ Exclusive Economic Zone (EEZ) has so far been overlooked.

According to the 2020 FAO report, “The State of World Fisheries and Aquaculture”, in 2018, China reported about 2.26 million tonnes from its “distant-water fishery” but provided details on species and fishing area only for 40 % of its”distant water catch”. Thus, it has not divulged 60 per cent of its catch from the “distant waters” data. A significant part of this 60 per cent probably comes from its illegal fishing in the Indo-Pacific region, Eastern Indian Ocean and the Arabian Sea in particular and is at the economic cost of other nations.’The IUU Fishing Index’, a civil society organisation headquartered in Geneva, ranked China first in its 2019 index.

China heavily subsidises to the extent of 94 per cent of its fishing trawlers to encourage shipping in the international waters. Further subsidies and tax benefits on selling the “distant water” catch to the foreign markets apart from various medical benefits in case of injuries while fishing provides enough incentives to its people to carry out fishing activities. It comes as no surprise that China has the world’s largest fishing fleet.

Beijing’s illegal “fishing vessels”are equipped with state of the art ‘catch and pack facilities’and are commonly sighted in the Eastern and Western Indian Ocean near the Andaman and Nicobar Islands, apart from the Arabian Sea. The 572 islands of Andaman and Nicobar witness the Chinese fishing trawlers carrying out illegal fishing as most of the islands are uninhabited. The Chinese trawlers make their way through the Coco and Greater Coco Islands and fish in the dark pitch hours, assuming that the Indian Coast Guard and Navy would not be alert.

The presence of the Chinese trawlers in the Indian Ocean, Arabian Sea and Bay of Bengal is a violation of India’s sovereignty, as the fishing zones of these seas and ocean comes under India’s EEZ, a rule well outlined by the UNCLOS in Article 56. The issue holds relevance to the national security narratives because of the following factors. First, it jeopardises India’s maritime security by fishing in India’s EEZ. Secondly, overfishing, especially in the regulated months when breeding happens, affects the marine environment. Moreover, India’s economic and cyber security can be exposed to sabotage.

From a geopolitical perspective, these “civilian” trawlers violate India’s EEZ as People’s Armed Forces Maritime Militia(paramilitary forces)accompanies them in the guise of civilian fishermen. These fishing vessels do not keep their automatic identification systems transmitter/responder activated, which is a mandatory requirement by the international agencies for fishing. Reports of 2020 suggest that around 450 such research vessels and fishing trawlers had entered various sectors of the Indian Ocean Region.

The role of Chinese maritime militia in fishing camouflage is well established. It was recognised by the PLA Daily in 2014 when it quoted that, “Putting on camouflage, they qualify as soldiers; taking off the camouflage, they become law-abiding fishermen”. The PLA controls these “fishermen”, and their objectives overlap with the Chinese Communist Party (CCP) agenda of “ocean grabbing”, a method of fishing in which the small fishers of the victim countries are denied the marine resources of their own EEZ.

As these trawlers have space for storing live ammunition, a condition made mandatory for being called “Chinese fishing trawlers” and are equipped with sophisticated intelligence and surveillance systems, they amount to incremental strategies of asymmetrical advantage in order to have a gradual maritime foothold in the water bodies surrounding India. It blurs the distinction between combatants and non-combatants, a necessary condition for hot pursuits in UNCLOS and the International Humanitarian Law (IHL). As a thumb rule, civilian trawlers cannot be carrying either the elite irregular forces, live ammunition or surveillance mechanisms. Chinese trawlers have provisions for all three. Besides that, fishing trawlers can potentially be used for trafficking drugs and arms from the Arabian Sea. The nexus of China, Pakistan and the Taliban poses serious drug trafficking issues for India. Maritime security is hence at threat because of IUU.

Militarisation of the Chinese artificial islands either in the SCS or in Feydhoo Finolhu Island can provide its militia with the possible support to accomplish the agenda of the CCP. In such a case, can the Chinese trawlers or research vessels then speak for its “right of innocent passage”?An objective of the Chinese trawlers and militia is to regularise the Chinese presence in the “distant seas”to project power that helps Beijing in both peacetime and wartime. Maritime security and the freedom of high seas thus are hence strongly co-related with Chinese illegal and unregulated fishing.

China’s illegal and unregulated fishing amounts to economic plunder of a nation’s resources as they deplete the fishery resources can result in food and employment deprivation of the people of the coastal areas of India. The fishing industry provides employment to three critical sectors- catching, processing and marketing and contributes 1.07 per cent to the country’s GDP. Fishes and Prawns are an essential source of protein in India’s coastal areas. The demand for ‘blue food’ has increased due to an increasing population worldwide and in India. Any food resource depletion would increase prices and affect the fiscal budget. Adverse effects on any of these sectors can hinder rural development and food security, thereby having the potential to cause social unrest.

From an environmental security perspective, the coral reefs near the Andaman and Nicobar Islands constitute a part of the world heritage and should be protected from the perils of IUU. Further, the use of LED lights and squid jigging equipment can eventually result in overexploitation leading to a scarcity of fish. There have been reports that illegal fishing is also done by dynamite blasts as well as bottom trawling. The Indian government also bans such materials and hence it requires more stringent measures by the necessary agencies. With an active policy of fusion of military and civilian facilities, Beijing’s shipping trawlers can also damage India’s undersea cables and cyber security.

Adoptingthe Marine Fisheries (Regulation and Management) Bill of 2019 and the National Fisheries Policy of 2020 have introduced novel measures such as the mandatory requirement for trawlers to have suitable transponders and communication systems. Nevertheless, Chinese IUU has not stopped and still poses a danger to the maritime security of India and other coastal states. In the above context, both Quad and European Union’s future Indo-Pacific policy have included IUU as an agenda for cooperation. Its strategic frustration related to Quad and AUKUS, apart from the EU’s Indo-Pacific policy, is also related to its future control of its IUU, apart from its expansionist policies.

Source: channel16.dryadglobal