MARITIME CYBER SECURITY Archives - Page 15 of 40 - SHIP IP LTD

The primary mission for cyber security on a superyacht is ensuring that the guest experience is transparently fulfilled. Our experience in providing cyber security to superyachts has demonstarted to us that one size doesn’t fit all and we have had to learn through trial and error which cyber security technologies, which work well on a terrestrial deployment, don’t work for maritime.

CND also supply preformed packages of cyber security services, according to the size of ship, risk, or budget. (Bronze, Silver and Gold) each crafted to meet the IMO 5 elements of Cyber Risk Management for both Information Technology (IT) and Operational Technology (OT). Our Platinum package is designed for fleets of ships, where resources are shared across the fleet to save money and provide correlated cyber security situational awareness.

From the 1st of January 2021, cyber security will come under the remit of the International Safety Management System (ISM) Code, supported by the IMO Resolution MSC.428(98), requiring ship owners and managers to assess cyber risk and implement relevant measures.

Source: cndltd

Source: franman

The Marine Transportation System (MTS) should be on heightened alert as a result of two recent developments. The first is a cyber-attack impacting port operations at container terminals in several South African ports due to “an act of cyber-attack, security intrusion and sabotage.” The impacted terminals use a popular Terminal Operating System (OS) widely used throughout the U.S., and certain processes handled by the Terminal OS were suspended as a result of the cyber-attack. The attack is believed to be related to the “Death Kitty” ransomware, although full details are still not available.

The second development is the recent release of leaked Iranian documents detailing research into how a cyber-attack could be used to target critical infrastructure, including MTS entities. These documents cover research into topics such as how to use ballast water systems to sink a vessel and how to interfere with MTS satellite communications.

Coast Guard Cyber Command is continuing to monitor these situations and is fully engaged with cybersecurity agencies worldwide to identify and take action to mitigate vulnerabilities and threats to the MTS.

The Coast Guard strongly encourages vessels and facilities operating in the MTS to take prompt action in the following areas:

• Review controls protecting Operational Technology,
• Closely monitor network and system logs for any signs of unusual activity,
• Review incident response plans, security plans, business continuity plans, and disaster recovery plans,
• After reviewing these plans, with the context of these recently identified threats, implement increased security measures to mitigate any identified vulnerabilities.

Any Breach of Security or Suspicious Activity resulting from Cybersecurity Incidents shall be reported to the National Response Center at 1-800-424-8802 in accordance with CG-5P Policy Letter No. 08-16, Sections 3.B.ii-iv. You are strongly encouraged to report any abnormal behavior with your operational technology to your local Coast Guard Captain of the Port or the CG Cyber Command 24×7 watch at 202-372-2904 or CyberWatch@uscg.mil, as it may related to the developments described in this article.

As part of the effort to protect the MTS, Coast Guard Cyber Command has created Cyber Protection Teams and the Maritime Cyber Readiness Branch as detailed in the Cyber Strategic Outlook released on August 3, 2021.  Additionally, the Coast Guard is in the process of hiring 40 individuals as Marine Transportation System Specialists (MTSS)-Cybersecurity, to further aide in the coordination of efforts at our Area, District, and Sector/Marine Safety Unit Commands to strengthen the MTS against cybersecurity attacks.

If you are a stakeholder in the MTS and would like to assist in our effort to combat cybersecurity attacks against the MTS, please reach out to your local Captain of the Port to become a part of their Area Maritime Security Committee (AMSC).  Many Committees have established cybersecurity subcommittees for the specific purpose of hardening our nation’s ports against cybersecurity attacks.

Source: hstoday

The crippling ransomware attack against the Colonial oil pipeline in the U.S. in May 2021 should be a wake up call for the maritime industry. As a critical part of the global supply chain, the shipping industry could become an attractive target for cyber criminals and politically motivated attacks. Marine insurer Allianz Global Corporate & Specialty explores these challenges in its latest Safety & Shipping Review 2021.

The 9,000km long Colonial Pipeline, which connects some 30 oil refineries and nearly 300 fuel distribution terminals, was brought down by a cyberattack, which resulted in petrol shortages across the eastern U.S. The company paid a $4.4 million ransomware demand to hacking group DarkSide in return for getting its systems back online.

The attack has far reaching implications for critical industries, including shipping. Not only did it reveal weaknesses in cyber security, but also the attractiveness of critical infrastructure to cyber criminals and nation states. Given its perceived success, the attack could encourage similar attacks, and result in tougher cyber security requirements and higher penalties for critical service providers.

Ransomware has become a global problem. All four of the world’s largest shipping companies have been hit by cyberattacks, including the Mediterranean Shipping Company (MSC), which suffered a network outage in April 2020 from a malware attack, and CMA CGM SA, which was hit with a ransomware attack in September 2020. Even the International Maritime Organization (IMO) was recently targeted by a cyberattack, forcing some of its services offline.

According to security services provider BlueVoyant, shipping and logistics firms in 2020 experienced three times as many ransomware attacks last year as in 2019. A spike in malware, ransomware, and phishing emails during the pandemic helped drive a 400% increase in attempted cyberattacks against shipping companies through the first months of 2020.

“To date, most cyber incidents in the shipping industry have been shore based, including ransomware and malware attacks against shipping companies and ports,” said Captain Nitin Chopra, Senior Marine Risk Consultant at AGCS. “But with growing connectivity of shipping, and with the concept of autonomous shipping, cyber will become a more important exposure that will require more detailed risk assessment going forward.”

The shipping community has grown more alert to cyber risk over the past couple of years, in particular in the wake of the 2017 NotPetya malware attack that crippled ports, terminals and cargo handling operations. However, reporting of incidents is still uncommon as owners fear reputational risk and delays from investigations. Meanwhile, cyber security regulation for ships and ports has been increasing. In January 2021, the IMO’s Resolution MSC.428(98) came into effect, requiring cyber risks to be addressed in safety management systems. The EU’s Network and Information Systems Directive also extends to ports and shipping.

Increased awareness has translated into an increased uptake of cyber insurance by shipping companies, although mostly for shore based operations, according to Justus Heinrich, Global Product Leader Marine Hull at AGCS. “However, the threat to vessels is growing as more and more ships are linked to onshore systems for navigation and performance management. Smart ships are coming, and we would expect demand for insurance to develop accordingly,” Heinrich said.

Geopolitical conflict is increasingly played out in cyber space, as illustrated by spoofing attacks on ships. Recent years have seen a growing number of GPS spoofing incidents, particularly in the Middle East and China, which can cause vessels to believe they are in a different position than they actually are, while concerns have been growing for a potential cyberattack on critical maritime infrastructure, such as a major port or shipping route.

“From a hull perspective, the worst case scenario is a terrorist attack or nation state group targeting shipping in a bid to inflict damage or major disruption to trade, such as blocking a major shipping route or port. While this would seem a remote possibility, it is a scenario we need to understand and monitor,” Chopra said.

“Although an accident, the recent blockage of the Suez Canal by the ultra large vessel Ever Given is an eye opener on many fronts as it shows the disruption a momentary loss of propulsion or steering failure on a vessel navigating a narrow waterway can cause.”

Source: maritimeprofessional

Piracy is no longer just a matter of gangs entering your yacht in the middle of the night. The threat of cyber space is building up rapidly, with the potential of posing even bigger risks, to the owners, their family and the crew. Good training can help.

This Cyber Security for Superyacht online course provides you with knowledge about common cyber attacks that the ship’s crew can face. Additionally, the course suggests best practices for the protection against cyber threats. As a result, all aboard are better protected.

Source: stcw

Leading MPA’s efforts in driving cyber security and resilience in the Maritime Singapore, in which you will play a crucial role in a dynamic cybersecurity team to carry out cybersecurity oversight of the Maritime sector, and develop regulatory initiatives to ensure compliance with sector-wide and enterprise-wide cybersecurity policies, standards and procedures. Your mission will be to strengthen the cybersecurity readiness and resiliency of MPA and the Maritime sector.

You will manage third party consultants, together with relevant MPA departments in conducting periodic compliance audits and risk assessments. You will work with Internal Audit team to conduct, monitor and identify systems due for audit in accordance to IM8 and CCOP requirements.

You will work with critical information infrastructure owners (CIIOs), to safeguard and strengthen cyber resilience of Maritime sector’s CIIs in Singapore. Review risk assessment and audit reports submitted by CIIOs as required by Cybersecurity Code of Practice and review classification of Maritime sector’s CII and CII boundary.

Requirements

To be successful in the role, the candidate should possess the following:

• At least 1 year of experience in IT/ Operational Technology (OT) related role in the areas of governance, audit and compliance work. Fresh graduates are welcome to apply.

• Prior experience with conducting risk assessment and audit for IM8 and CCOP will be preferred.

• Good verbal and written communication skills with stakeholders at all levels.

Candidates who are able to commit for a period of 6 months to 1 year are welcome to apply.

Source: mycareersfuture

Cpt Tama identifies the transition to the Internet of Things (IoT) approach as a major source of that vulnerability. IoT is an information technology term that describes a system of devices or of self-contained systems that are connected and able to communicate over a single network. This connectivity is achieved largely by the introduction of firmware into vessel and onshore hardware systems. According to the Institute of Electrical and Electronics Engineers, firmware refers specifically to the “combination of a hardware device and computer instructions or computer data that reside as read-only software on the hardware device.”

Source: warriormaven

Maritime is one of the oldest industries and lifeblood of the global economy, accounting for the carriage of 90% of world trade. Ships and other vessels may seem like unusual targets for cyber-attacks. But with their growing use of industrial control systems (ICS) and satellite communications, hackers have a new playground that’s ripe for attack.

In a 2020 Safety at Sea and BIMCO Maritime Cyber Security survey, despite the majority of respondents (77%) viewing cyber-attacks as a high or medium risk to their organizations, few appear to be prepared for the aftermath of such an attack. 64% of respondents said their organization has a business continuity plan in place to follow in the event of a cyber incident, but only 24% claimed it was tested every three months, and only 15% said that it was tested every six to 12 months. Only 42% of respondents said that their organization protects vessels from operational technology (OT) cyber threats, and some respondents went so far as to describe their company policy to OT cyber risk as “careless.”

Source: missionsecure

The technique for evaluating the risk of cyber-sabotage of industrial processes are well understood by those skilled in the art. Essentially, such risk assessments evaluate a typically large inventory of possible cyber attacks against the cyber-physical system in question, and render a verdict. Communicating the verdict to business decision-makers who are not familiar with cyber-security minutia is more difficult, especially for the low-frequency, high-impact (LFHI) type of attacks for which there is little statistical data.

The experience of such communications suggests that business decision-makers can much more often understand and make useful decisions about specific examples of cyber attacks, than they can understand abstract risk scores resulting from a process of evaluating millions of attacks.

This paper recommends using a standard set of Top 20 ICS attacks as a methodology for communicating cyber-sabotage risk, with the Top 20 set representing ICS attacks of varying levels of cyber and engineering sophistication, and with varying degrees of undesirable physical consequences. We recommend that a standard Top 20 includes both ICS attacks that are reliably defeated by existing cyber defenses, and attacks that are not so defeated.

Source: waterfall-security

The Maritime environment is not immune to the radical ability of modern digital communications and computing to be disruptive. In order to gain the advantages of modern technology those operating in the maritime must also become aware and develop strategies to handle the inevitable security issues that modern computing systems bring with them. This report presents a first step on the road to this understanding by presenting the findings from a joint workshop run by Security Lancaster and the Developments, Concepts and Doctrine Centre with participants from a range of government and commercial stakeholders. Here we present the salient points that we discussed within a framework that underpins a repeatable approach to scenario planning based on assessing key traits and trends in three key elements of the cyber maritime domain: Information, People and Technology. This report identifies how the use of technology is extending the scope for maritime security far beyond traditional littoral boundaries and the key influences shaping the cyber maritime environment.

Source: eprints.lancs.ac.uk