MARITIME CYBER SECURITY Archives - Page 14 of 40 - SHIP IP LTD

The MTS is, at its core, a sprawling and diverse system of transportation. Each segment has its own specific purpose, set of tools, and risks. However, the MTS is a system of systems driven by the responsibilities, actions, and objectives of its players. Any ground-level understanding of the MTS must begin with a bird’s-eye view of the various players in regulating, advising, informing, and driving the maritime industry, including those specifically related to maritime cybersecurity.

Baltic and International Maritime Council (BIMCO)

BIMCO is the largest international organization representing the interests of ship owners, charterers, brokers, and agents. The group’s primary role is the preparation of global regulations and policy recommendations in many areas related to the MTS, from the environment, crew support, and insurance to maritime safety and security, ice information, and digitalization, including guidelines related to maritime cybersecurity. BIMCO membership comes from more than 120 countries and represents approximately 60 percent of the global merchant fleet (measured by gross tonnage of the vessels). With headquarters in Copenhagen, BIMCO has been designated a nongovernmental organization (NGO) by the United Nations.

Chambers of Shipping

National chambers of shipping (COS), such as the Chamber of Shipping of America (CSA) and the United Kingdom’s Chamber of Shipping, are nongovernmental trade organizations representing the interests of a nation’s shipping companies. Approximately forty national COS organizations are members of the International Chamber of Shipping, representing the interests of the maritime industry to international regulatory and standards bodies.¹ The organization strives to ensure the development, promotion, and application of best practices throughout the shipping industry, and works with key actors across the ecosystem and in the private and public sectors to do so.² The International Chamber of Shipping holds consultative status with the IMO.

Class Societies

Classification (or class) societies are nongovernmental organizations that set and maintain technical standards related to the design, construction, and operation of ships and offshore structures.³ The primary focus of these standards is on a ship’s hull, propulsion and steering systems, power generation, and other systems related to a vessel’s operation. Class societies employ a program of inspection and certification to deliver a baseline reference point on ship safety and reliability for shipbuilders, brokers, operators, flag administrations, insurers, and the financial community. The International Association of Class Societies (IACS) has ten member organizations—including the American Bureau of Shipping (ABS), Bureau Veritas (BV, France), China Classification Society, Lloyd’s Register (United Kingdom), Nippon Kaiji Kyokai (ClassNK, Japan), and the Russian Maritime Register of Shipping—and some insurers require that a vessel have a class society certification before providing coverage.⁴ IACS issues advisory recommendations related to adopted resolutions: recommendation no. 166 addresses cyber resilience.⁵

Cybersecurity and Infrastructure Security Agency (CISA)

CISA is an agency within the DHS. Tasked with guiding public-sector cybersecurity strategies in the United States, CISA enhances cyber defense across all levels of government by coordinating state cybersecurity programs and improving the government’s ability to repel cyberattacks (ranging from ransomware to attacks on the supply chain).⁶ CISA is not an enforcement agency and has no enforcement branch; instead, it focuses on risk management and, working with public- and private-sector partners, shares threat intelligence and builds a more cyber-resilient infrastructure. CISA’s Cybersecurity Division addresses many physical and cyber threats, including ICS/OT and cyber-physical system (CPS) security.

Cybersecurity, Energy Security, and Emergency Response (CESER)

CESER is an office within the DOE tasked with enhancing and improving the US energy infrastructure and supporting DOE’s national security mission. By encouraging cooperation between industry, academia, DOE national laboratories, state and tribal governments, and other federal governmental agencies, CESER aims to build an energy infrastructure and supply chain that is resilient to natural and human-made threats and makes the US energy sector stronger and more secure. CESER’s projects include coordinating international cooperation, providing grant funding, offering training and operational support, and designing training exercises. Cybersecurity preparedness, information sharing, and incident response within the sector is emerging as a major task of the CESER office.

European Union Agency for Cybersecurity (ENISA)

Originally chartered in 2004 as the European Network and Information Security Agency, ENISA is the EU’s lead agency for common standards of cyber defense throughout Europe. With headquarters in Athens, ENISA activities include the development of cybersecurity policies, cybersecurity certification programs for IT products and services, information sharing, capacity building, and cyber-awareness training programs. Recognizing the importance of the maritime sector to the EU economy and society, along with the increased digitalization of maritime facilities, ENISA has taken an active role in the preparation of maritime cybersecurity guidelines for ports.

Information Sharing and Analysis Groups

Information sharing and analysis centers (ISACs) and information sharing and analysis organizations (ISAOs) collect, process, analyze, interpret, and share actionable intelligence related to cyber and physical threats that are relevant to their particular mission. Their overarching goal is to assist their members to maintain relevant domain situational awareness.

ISACs were defined by presidential order in the United States in 1998, during the earliest efforts to define critical infrastructures and infrastructure protection. ISACs were designed to enhance private sector/public sector information sharing to aid critical infrastructure owners and operators—the vast majority of whom are in the private sector—to protect their facilities, employees, and customers against cyber and physical security threats.

The National Council of ISACs (NCI) is composed of twenty-five member ISACs, including the Maritime ISAC, the Oil and Natural Gas ISAC (ONG-ISAC), the Electricity ISAC (E-ISAC), and Maritime Transportation Sector ISAC (MTS-ISAC).

ISAOs were formed by a 2015 US presidential order to promote voluntary information sharing within industry sectors. The goal in establishing a group of ISAOs was to enhance threat-related information sharing among organizations that did not belong to an ISAC because they were not in a clearly defined infrastructure sector. The International Association of Certified ISAOs (IACI) comprises fifteen information-sharing organizations, including the Maritime and Port ISAO (MPS-ISAO).

International Maritime Organization (IMO)

The IMO is an agency of the United Nations, headquartered in London, with a mission to develop a regulatory framework for international shipping. Its primary roles address safety, environmental concerns, legal issues, security, and international technical cooperation. It is, perhaps, best known for the Safety of Life at Sea (SOLAS) Convention, a treaty first adopted in 1914 after the sinking of the Titanic, and the International Convention for the Prevention of Pollution from Ships (MARPOL), first adopted in 1983. In 2017, the IMO Maritime Safety Committee released a set of Maritime Cyber Risk Management recommendations for safety-management systems that IMO encouraged shippers to implement no later than the first annual verification of a vessel’s Document of Compliance and Safety Management in 2021; this resolution is known as IMO 2021.

Maritime Insurers

Maritime insurance dates back to Edward Lloyd’s Coffee House in London, which opened in 1686. The coverage framework for ships and cargo is among the most mature in the insurance industry and covers damage or loss to vessels, terminals, cargo, and passengers. An increasing number of marine insurers require compliance with cyber-safety guidelines issued by class societies, the International Maritime Organization, and regulatory agencies.

National Institute of Standards and Technology (NIST)

NIST, a part of the Department of Commerce, is tasked with providing standards and guidelines for making the US technology base more secure. NIST’s Cybersecurity Framework, created in tandem with stakeholders across the public and private sectors, focuses on putting forward a voluntary framework for reducing cyber risks to critical infrastructure based on existing standards, guidelines, and practices. The framework is considered one of the best current standards programs out there and is utilized often throughout the MTS. The framework consists of three main components: the core, implementation tiers, and profiles.

The core focuses on providing an overarching set of desired cybersecurity activities and outcomes in common terms that are easy to understand, with the goal of helping organizations reduce their cyber risk. The implementation tiers assist these organizations in implementing these activities and outcomes by providing context for what this looks like operationally. The framework profiles aim to take this a step further by identifying key requirements and objectives for specific types of organizations.

North Atlantic Treaty Organization (NATO)

NATO was born with the signing of the North Atlantic Treaty in 1949, in the aftermath of the dark days of World War II. With headquarters in Brussels, Belgium, NATO has thirty member nations in Europe and North America. As a primarily military alliance, one of the most significant parts of the treaty is Article 5, the mutual defense clause, stating that an attack on one member country is an attack on all. This is a very controversial concept in these days of information warfare, where the very definition of cyberwar is not codified and an appropriate response in real space to an attack in cyberspace is not defined at all. To that end, NATO has established the Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia, where research, training, and exercises are conducted in the areas of technology, strategy, operations, and law. One outcome from the CCDCOE is the Tallinn Manual, a comprehensive guide on how existing law applies to information operations in cyberspace. This manual itself is not law, but it is the nearest guidance that is available on what constitutes a war in cyberspace.

US Department of Homeland Security (DHS)

The DHS, formed after the 9/11 attacks, is a cabinet-level agency tasked with border security, immigration and customs, disaster management and response, cybersecurity, anti-terrorism, and other efforts to protect the public within US borders. DHS also oversees the CISA and the Coast Guard. DHS has funded a dozen Science and Technology (S&T) Centers of Excellence (COE) addressing a range of multidisciplinary technology solutions for homeland security. Of particular interest to maritime cybersecurity is the Maritime Security Center (MSC) at Stevens Institute of Technology.

Source: atlanticcouncil

CYBER CONFERENCE

Every year, usually within September NMIOTC holds its Annual Cyber Security Conference in Maritime Domain. The aim of the conference is to encourage participation and promotion of collaborative scientific, industrial, naval, maritime and academic inter-workings among individual researchers, practitioners, navy staffs, members of existing associations, academia, shipping companies, standardization bodies, including government departments, international organizations and agencies, public and private sector in general, regarding cyber security in maritime domain and cyber defense operations. We envisage tackling Cyber Security issues in maritime domain in a holistic, comprehensive and effective way.

Source: nmiotc

Security News Desk – UK looks at the biggest threats facing port security in today’s society and addresses why there is a vulnerability 

The maritime industry is the unquestionable driver of the global economy. Through a vast network of vessels, ports, logistical and administrative infrastructure – some 90% of the world’s goods are moved each year. Like most industries, maritime has become increasingly automated, connected and remotely monitored. 

Not surprisingly, maritime trade has also become a prime target for cyber-attackers. The sector is especially vulnerable owing to its dependence on technology for navigation, communication, and logistics. At the same time, both onboard and land-based systems are aging rapidly – a fact exacerbated by the average 25-30 year lifespan of many cargo vessels. 

This combination of vulnerability and economic centrality has led to an ever-increasing pace of cyberattacks on maritime vessels and infrastructure. The World Economic Forum cited cyberattacks on transportation infrastructure as the world’s fifth highest risk in 2020, and cyberattacks on the maritime sector increased by a staggering 900% over the last three years. Among the targets hit in 2020, the UN Maritime Agency, shipping giant MSC, and French container transport company CMA CGM. 

A high profile attack in May last year on Iran’s Shahid Rajaee port facility at Bandar Abbas illustrated the domino effect of disruption cyberattacks on port computer systems can have. This attack, considered relatively minor, nonetheless created long lines of vehicles outside the port, and led to numerous vessels being stuck in the harbour for hours. 

Source: securitynewsdesk

Fuel management technology company FUELTRAX has announced a new partnership with blockchain firm Topl to use its Blockchain-as-a-Service (BaaS) platform to support greater transparency in maritime energy trading operations. With blockchain integrated into EFMS products, each step in the energy trading process will have an equivalent digital step, including contract formation, asset tracking, and delivery of the product. As supply chain events occur in real time, each is added to the Topl Blockchain, where a tamperproof record will be maintained to provide documentation and traceability. The blockchain will link all steps for vessel fuel transfers, creating a complete verifiable digital record. Any changes made along the supply chain will be recorded immutably, and clients will be able to report on the progress of successful bunker and transfer operations. “The maritime industry knows how crucial it is to constantly improve security efforts in offshore operations. The Topl Blockchain will help us to add a layer of verification to assure vessels’ operations are performing to achieve company goals and help prove ethical practices while using FUELTRAX technology,” said Anthony George, Founder and CEO of FUELTRAX.

Source: smartmaritimenetwork

Maritime networks have become an attractive playground for hackers, with cyber-attacks on vessel OT networks and systems increasing by 900% over the past three years.  A ship’s onboard information technology and operational technology systems can be hacked just as easily as systems ashore. Such security breaches have the potential to do considerable harm to the safety and security of ships, ports, marine facilities and other elements of the maritime transportation system. Attacks on vessel OT networks can be catastrophic, leading to injury, loss of life, asset damage or environmental impact.

There has been some ongoing tension between Israel and Iran in the form of an alleged back and forth of attempted and successful cyberattacks against physical infrastructures. Geopolitical tensions are one of many maritime security challenges.

On May 9, 2020, all shipping traffic at the Shahid Rajaee port terminal in Iran came to an abrupt halt. According to The Washington Post, an unknown foreign hacker briefly knocked the port’s computers offline, which led to massive backups on waterways and roads leading to the terminal. The Shahid Rajaee port facility is the newest of two major shipping terminals in the Iranian coastal city of Bandar Abbas, on the Strait of Hormuz. Computers that regulate the flow of vessels, trucks and goods at the port were knocked offline simultaneously on May 9, 2020, disrupting operations and causing road and waterway congestion that lasted several days. The attack on the port’s computers was confirmed a day later by Mohammad Rastad, managing director of the Ports and Maritime Organization (PMO), who stated, “A recent cyberattack failed to penetrate the PMO’s systems and was only able to infiltrate and damage a number of private operating systems at the ports.”

A panel of technical experts debated the advantages of cyber security centres securing vulnerable maritime assets during Riviera’s Maritime’s zero-day exploit: port cyber security webinar. They explained how port facilities remain vulnerable to, and are unprepared for, cyber threats. They agreed port cyber security is maritime’s zero-day exploit, which is a secret vulnerability no one has generated protection for. Panellists on Riviera’s Maritime’s zero-day exploit: port cyber security webinar were : University of Plymouth research fellow for cyber security Dr Kemedi Moara-Nkwe, NORMA Cyber managing director Lars Benjamin Vold and McDermott Will & Emery partner Paul Ferrillo.

Cyber attacks on logistics hubs would devastate the supply chain network with tremendous financial damage, said Mr Moara-Nkwe. He said cyber threats could affect operational technology (OT) such as supervisory control and data acquisition (SCADA) systems and IT networks in ports. “Ports are unique in their interfaces between IT and OT, such as for cargo loading and unloading,” he said, adding a cyber attack initiated in IT could impact substations, electrical systems and automated cranes.

There are also consequences to cyber issues jumping between IT and OT on ships as more owners, operators and managers adopt digitalisation and internet of things (IoT). “This could potentially cause a vessel to lose access to onshore services, with no communications,” said Mr Moara-Nkwe. “There could be a loss of access to electronic devices used for navigation or for safety purposes on ships.”

“Ports depend on the technology and need to consider the risks as a cyber attack can affect availability of technology and assets,” said Mr Moara-Nkwe. “Potential consequences are disruptions to port operations and to supply chains.”

Source: idstch

Cyber defence expert Naval Dome and the offshore division of a supermajor have completed a joint project to identify and mitigate cyber risks common to offshore deepwater drilling rigs.

Findings from the two-year project, culminating in the installation and pilot testing of Naval Dome’s Endpoint cyber defence system aboard drilling rigs in the Gulf of Mexico, indicate that the minimum industry guidelines, regulations and security techniques are out of step with current platform technology, connectivity requirements and cyber-attack methodology.

In a joint research paper presented at an Offshore Technology conference in Houston last week, the authors state: “Activities over two years have demonstrated shortfalls and real challenges that need to be addressed if we are to create a more cyber-secure deepwater drilling rig environment.”

In presenting the Cyberdefence of Offshore Deepwater Drilling Rigs paper to conference delegates, Adam Rizika, Head of Strategy, Naval Dome, said: “Where systems installed on offshore platforms had traditionally been isolated and unconnected, limiting cyber hack success, the increase in remote monitoring and autonomous control, IOT and digitalisation has made rigs much more susceptible to attack.”

Going on to reveal how the test rigs’ OT (operation technology) networks were penetrated using a software installation file for dynamic positioning (DP) and workstation charts, Rizika, explained that Naval Dome simulated an OEM service technician unwittingly using a USB stick with malicious software containing three zero-day exploits.

“The modified file was packaged in a way that looked and acted like the original one and passed anti-virus scanning without being identified as a cyberattack or picked up by the installed cyber network traffic monitoring system,” he said.

Although the attack was carried out internally, Rizika noted remote execution was feasible using the rig’s externally facing network connections.

“Penetration testing confirmed how a targeted cyber attack on a deepwater drilling rig could result in a serious process safety incident, with associated financial and reputational impact,” he said.

In the paper, the authors state that pilot tests confirm traditional, “perimeter type” IT transplanted OT cyber security solutions, such as anti-virus, network monitoring and firewalls, are not enough to protect critical safety and processing equipment from attack, leaving rigs vulnerable.

“It is abundantly clear that more advanced purpose-built solutions are needed to better protect an offshore platform from exposure to external and internal cyber attacks, whether targeted or otherwise,” reported Rizika.

The paper goes on to highlight a shortage of OT cyber domain skilled staff, regulation and controls that are slow to evolve and be implemented, an IT-centric approached being applied to an OT environment, and a mismatch between drilling rig systems and equipment and their supporting software.

Rizika said: “Although industry guidelines and regulations offer minimum standard requirements, we found the advancement in rig technology, connectivity and cyber-attack methodology has outpaced the regulations, driving the need for a more comprehensive approach.”

Commenting on the project’s findings, Naval Dome Chief Executive Officer Itai Sela, said: “The project and successful pilot testing of a multi-layer cyber defence solution aboard these rigs has demonstrated that both new and legacy OEM systems can be better protected from internal and external cyberattack vectors, without the need for expensive equipment upgrades, or higher overheads that lead to an increase in total cost of ownership.

“Results to date demonstrate that the endpoint system is robust and can operate without interfering with ongoing rig operations. The cost of upgrading the obsolete systems is high, and even if upgrades are undertaken vulnerabilities can still remain.”

By approaching the problem differently, Naval Dome and the oil major  believe that the attainment of a cyber resilient environment can be accelerated onboard offshore installations at a critical time for the industry.

Source: maritime-executive

Us-class and services organisation ABS Group of Companies, (ABS Group) has launched a new set of safety and risk-based services to support compliance to the 2021 Cyber Risk Management (CRM) guidelines recommended by the IMO. The IMO CRM guidelines encourage maritime organisations to address cyber risk management in a safety management system (SMS) no later than the first annual verification of the company’s Document of Compliance after 1 January 2021.

ABS Group’s says its new cyber security services will help clients understand how to align to the IMO guidelines and other accepted standards and build comprehensive cyber security capabilities that address enterprise and ship level cyber controls as identified in the IMO guidance. CRM capabilities will span both information technology (IT) and operational technology (OT) systems in accordance with IMO, BIMCO, National Institute of Standards and Technology Cyber Security Framework (NIST), ISO/IEC 27001 and other accepted standards.

“Using a ‘defence in depth and breadth’ approach, owners and operators must protect their critical assets with a comprehensive set of risk controls,” said Ian Bramson, Global Head of Cyber Security at ABS Group. “We are working closely with industry stakeholders and regulators to reduce cyber risk and lessen the impact of cyber incidents that can have serious financial, operational and environmental consequences. Looking beyond 2021 compliance, our Cyber Security consultants understand this is a long-term challenge that will continue to affect OT assets in an increasingly connected world. Building robust OT cyber security capabilities will provide better control, visibility and management of risk across maritime operations.”

ABS Group’s cyber security portfolio offers risk-based capabilities at every stage of cyber defence and includes the proprietary Cyber Risk Reduction and Cyber Risk Rating (CybeR2) program. CybeR2 builds on the award-winning ABS FCI Cyber Risk Model developed with the Maritime Security Center, a U.S. Department of Homeland Security Center of Excellence.

Source: shipinsight

Piracy is no longer just a matter of gangs entering your yacht in the middle of the night. The threat of cyber space is building up rapidly, with the potential of posing even bigger risks, to the owners, their family and the crew. Good training can help.

This Cyber Security for Superyacht online course provides you with knowledge about common cyber attacks that the ship’s crew can face. Additionally, the course suggests best practices for the protection against cyber threats. As a result, all aboard are better protected.

This course aligns with:

The ISM Code (MSC.428 (98) Maritime Cyber Risk Management in Safety Management Systems)
MSC-FAL.1/Circ.3 Guidelines on maritime cyber risk management
ISO/IEC 27001 – Information Security Management, 2013
BIMCO Guidelines on Cybersecurity Onboard Ships(v4)

Source: stcw.online

In the last two decades, the cases of cyberattacks against Institutions have increased exponentially, so much so that they pose a real threat to the defense of the state and organizations.

As the global shipping and commerce industry becomes increasingly dependent on highly sophisticated technical equipment and software to keep it running efficiently, it also becomes more vulnerable to the risks that cyberattacks pose – herein lie the importance of maritime cyber security

SEAFUTURE is the convention on maritime and dual-use technologies, designed to provide civil or military Institutions and Organizations with the progress of science in the maritime industry and defense, also and above all about the theme of maritime cyber security.

From 29 September to 1 October 2021 Telsy will participate in the SEAFUTURE 2021 convention, at the naval arsenal of La Spezia, during which the major national and international defense and security players engaged in the maritime field will be present.

THE CYBER THREAT

Some of the major factors that make maritime cybersecurity such a topical topic are the proliferation of automated systems onboard ships, the integration of multiple systems, the growing ability to monitor systems remotely, and the fact that all of these systems rely on the Internet for their connectivity.

Ships and ports can be damaged by malware, system failures, and other harmful computer activities. That’s why maritime cybersecurity must be able to better protect and inform sea workers who rely on technology to assist them in everything from vessel navigation and control to cargo and shore management issues.

The Internet of Things (IoT) can make a home smart and more efficient, but at the same time make it vulnerable to hackers looking to disable its security system and steal the personal data of its occupants.

Ships that rely on advanced technologies can be equally vulnerable. For this reason, maritime cyber security is as much about the adoption of new technologies as it’s about the awareness of the susceptibilities that derive from that technology.

For further information, an article on the risks deriving from cyber threats is available on our blog.

MARITIME CYBER RISK

Maritime cyber risk aims to quantify how much a technological asset may be threatened by a potential circumstance or event, which could lead to operational, security, or compromise-related failures of information or systems. From these assumptions arises the need for effective maritime cyber risk management.

Cyber risk management refers to the process of identifying, analyzing, evaluating, and communicating an IT risk and accepting, preventing, transferring, or mitigating it at an acceptable level, considering the costs and benefits of the actions taken by the stakeholders.

In this sense, cybersecurity represents a conditio sine equa non to affirm substantial success for the marine industry.

THE MARITIME EMPOWERMENT

Italy – and the enlarged Mediterranean in general – is an essential crossroad for world trade and shipping. Located in the center of the Mediterranean basin and “closed” by the two most strategic “choke points” of the old continent (the Strait of Gibraltar and the Suez Canal), it has the potential to be the protagonist of the international maritime transformation.

With the growing need for greater quantities of traded goods and the newly formed Italian EEZ (Exclusive Economic Zone), the entire private and institutional maritime organization is in an epochal modernization and development process about its capabilities.

Among these, cyber security is an indispensable element for virtuous and far-sighted development.

TELSY AT SEAFUTURE 2021

During the SEAFUTURE 2021 convention, the hot topics in the fight against cybercrime and, in particular, maritime cyber security will be exposed. The event will be attended by the major exponents in the field of industry and maritime defense, both in the civil and military sides.

Competence Center of the TIM Group in the cyber and crypto sector, Telsy provides innovative security technologies to support strategic assets and critical infrastructures in the fight against maritime cybercrime.

On September 30 Telsy, in addition to exhibiting its technologies, will be the official sponsor of the main event dedicated to cybersecurity, during which Eugenio Santagata, CEO of the company, will speak.

Source: telsy

SeaCyber is a specialist Marine Cyber Security Consultancy. Our important work, aligned with industry guidelines, helping clients across the marine sector to not only identify and evaluate their most critical vulnerabilities but to establish the essential frameworks and solutions to mitigate or eliminate any potential threat and ensure regulatory compliance.

Source: seacyber