MARITIME CYBER SECURITY Archives - Page 19 of 41 - SHIP IP LTD

TSUNEISHI SHIPBUILDING of Japan is the latest company to be confirmed as implementing shipbaord data collection operations using the IoS-OP (internet of Ships open Platform) framework, for a newbuild bulk carrier currently under construction.

IoS-OP is an open platform that enables the sharing of vessel operations data among shipbuilders, manufacturers, and related service providers based on a set of data sharing rules agreed by all stakeholders.

TSUNEISHI will operate within this framework to collect actual operational data for the newbuild ship, so that the data collection infrastructure is integrated into the 82,000DWT bulk carrier’s operational systems from the sea trial stage.

The data to be collected includes draft and shaft horsepower, fuel consumption and power consumption from the main engine, generator, and auxiliary machinery, as well as information from the Voyage Data Recorder (VDR). In total, some 800 items will be included in the data collection process.

The collected data will be shared between the shipyard and shipowner through the ‘ShipDC Portal’, provided by ShipDC on behalf of the IoS-OP, and will be utilised for the development of new ship types based on an enhanced understanding of machinery condition and evaluation of the ship’s performance.

Source: smartmaritimenetwork

Netbull participates as Gold Sponsor in the online “Maritime Cyber-Security & Safety Conference” organized by BOUSSIAS Communications and netweek, that will take place on Thursday 20th of May 2021.

At the 1st section of the Conference subjeted: Cyber Safety Awareness – One step beyond (10:05 – 12:30), Mr. Nikitas Kladakis – Information Security Director of Netbull at his presentation titled:

“Zero Trust Architecture: A new era in Maritime Security”

will analyze the way, the tools, the architectures and the technologies that our company uses for data breach detection in shipping companies environments. Our effort is assisted by the adoption of Zero Trust Architecture and the use of Automation and Artificial Intelligence technologies, which are independent of where the IT (Information Technology) and OT (Operational Technology) environments are located.

Source: netbull

The topic of cyber threat intelligence (CTI) occupies roughly a third of the NMCP. It also generates a significant divergence of opinion among maritime cybersecurity experts.

Carter, who also serves on the Board of Directors for the Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC), says that relationships he has established with members of the MTS-ISAC community, along with the contacts he was able to establish at DEF CON Hack the Sea, have become invaluable, and that they are finding successes working with each other.

“We are now seeing localized information exchanges launch that feeds into the larger MTS-ISAC, which will only better protect the maritime sector. I have personally shared half-million elements over five years,” he noted.

Dr. Kessler, on the other hand, says that there’s a need for better and more uniform information sharing of cyber intelligence.

“The ISAC/ISAO model is wonderful if you’re a member. In the late 1990s, the ISACs freely shared information. Today, the model is that you have to pay to be a member. I fully understand that the ISCAs need to be funded but the entire maritime transportation system is at risk, and that includes small operators, small manufacturers, and so on,” he added.

In a section on “Information and Intelligence Sharing”, the NMCP recognizes that “organizations such as Information Sharing and Analysis Centers provide a pathway to share information across the private and public sector coordinating Councils.” It also points out, however, that “multiple private sector entities claim to be the information-sharing clearinghouse for MTS stakeholders. Overlapping membership across cybersecurity information sharing organizations creates barriers to efficiently inform MTS stakeholders of maritime cybersecurity best practices or threats.”

An additional consideration is that not all organizations in the sector are at a sufficient state of cybersecurity maturity to leverage access to CTI. Organizations that do not have adequate understanding of their environment or capabilities to monitor their network and respond to events when they are detected are unlikely to benefit from access to third-party intelligence products. Those limited resources may be better dedicated to basic cybersecurity hygiene and workforce development.

Source: helpnetsecurity

Dryad and cyber partners RedSkyAlliance continue to monitor attempted attacks within the maritime sector. Here we continue to examine how email is used to deceive the recipient and potentially expose the target organisations.

“Fraudulent emails designed to make recipients hand over sensitive information, extort money or trigger malware installation on shore-based or vessel IT networks remains one of the biggest day-to-day cyber threats facing the maritime industry.”

Dryad Global’s cyber security partners, Red Sky Alliance, perform weekly queries of  backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Email subject line Motor Vessel (MV) or Motor Tanker (MT) keyword usage is a common lure to entice users in the maritime industry to open emails containing malicious attachments.

With our cyber security partner we are providing a weekly list of Motor Vessels where it is observed that the vessel is being impersonated, with associated malicious emails.

The identified emails attempted to deliver malware or phishing links to compromise the vessels and/or parent companies.  Users should be aware of the subject lines used and the email addresses that are attempting to deliver the messages.

Those who work in the security industry can quickly identify the suspicious aspects of these emails, but the targets often cannot. Even if attackers can only get 10% of people to open their malicious email attachments, they can send thousands out in a day using similar templates resulting in hundreds of victims per day. They can also automate parts of this process for efficiency. It is critical to implement training for all employees to help identify malicious emails/attachments. This is still the major attack vector for attackers looking to attack a network. These analytical results illustrate how a recipient could be fooled into opening an infected email. They also demonstrate how common it is for attackers to specifically target pieces of a company’s supply chain to build up to cyber-attacks on the larger companies. Doing so could cause the recipient to become an infected member of the maritime supply chain and thus possibly infect victim vessels, port facilities and/or shore companies in the marine, agricultural, and other industries with additional malware.

Source: channel16.dryadglobal

Aong focused on mitigating physical risks such as piracy, the maritime shipping industry is currently grappling with a new challenge: how to respond to a dramatic spike in cybersecurity threats.

From February to June 2020, cybersecurity consulting firm Naval Dome documented a 400% growth in attempted hacks against maritime targets. Driven by increased numbers of remote access paths onboard vessels and the convergence of new information technology (IT) targets into traditionally operational technology (OT) environments — as well as the perceived value in targeting an industry that carries nearly 90% of the world’s trade — these attacks represent a serious new threat to the backbone of global commerce.

“This convergence is increasingly more pervasive because of the nature of digitalization trends, like using onboard sensors and tracking data off operational systems for predictive maintenance purposes, that open more attack surfaces on the IT side that can enter into the OT environments,” said Don Ward, senior vice president of Global Services at Mission Secure, a global provider of OT cyber-protection solutions. “We frequently see that clients think they have certain portions of their system on islands – inevitably, in every assessment we find a backdoor into these environments.”

It’s a balancing act that all digitally maturing industries face: deriving efficiency gains from integrating today’s latest technology while limiting the potential vulnerabilities from doing so. The maritime sector is still catching up to its aerospace and automotive counterparts in implementing modern cybersecurity best practices, but malicious actors will not be waiting idly for it to arrive there.

Source: tsi-mag

Riviera Media features a discussion on cyber threats and security for the tanker sector of the maritime industry by Julian Clark, Global Senior Partner at Ince. “The lack of adequate protection is particularly prevalent in relation to cyber-attacks on on-shore and on-vessel operations technology (OT) networks and control systems, as just 42% of organisations protect their vessels from OT cyber threats.”

Clark covers the current state of the industry, insurance considerations, potential consequences, including legal, and the ongoing efforts to achieve compliance and security.

“Tanker operators and managers are not sufficiently protected by being compliant with the new regulation – this is a ‘level-one solution to a level-four threat’ – accordingly, a tick box approach to compliance is far from sufficient.”

Julian Clark, Global Senior Partner at Ince

Source: missionsecure

The British Ports Association and the UK-based risk management firm Astaara have released a new study on the wave of cyberattacks seen by maritime stakeholders over the past four months.

In one high profile attack in May, computer systems at Iran’s Shahid Rajaee port facility at Bandar Abbas, creating traffic jams and serious operational disruption. Astaara believes that the attack came in direct response to a failed Iranian cyberattack on an Israeli water facility in April. (Iran has denied any involvement in the earlier incident.) U.S. officials told the Washington Post that Israeli forces orchestrated the retaliatory hack on Shahid Rajaee.

While attacks from criminal groups are far more common than suspected state-sponsored hacking, the overall upward trend is driving increased interest in security, according to Astaara. “Now, more than ever, the advantages of [digitalization] should be capable of being realized, but only if the corresponding management resilience and recovery plans are in place and practiced,” said Robert Dorey, CEO of  Astaara. “Processes need to be continually reviewed and updated as necessary, training provided, and new approaches to monitoring assessed and adopted.”

He noted that the new remote-work alternatives to standard operations like surveys and marine superintendent spot inspections have created new vulnerabilities for shipowners. Remote working has been identified as a major risk for security, as the attack surface is broadened.

Criminals realize this and do not care about the human cost of Covid-19, or their crimes. They are not interested in the morality of their action. Instead they are interested in disruption and making money; they see Covid-19 as an opportunity,” said Dorey.

According to Astaara, the way to fight back is to practice basic cyber hygiene and to invest an appropriate amount in security. Currently, cybercrime nets around $2 trillion per year for criminals worldwide – compared with the $150 billion a year spent by companies and individuals in protecting systems. “When you have ever more stringent regulations, a user population that is innovative in breaking the rules, and an external environment that is hostile to say the least, you cannot afford not to invest in your security, and to protect those aspects of business that depend on others for their delivery,” Astaara and BPA advised in the white paper.

Source: maritime-executive

Source: thedigitalship

When Maersk fell victim to the NotPetya ransomware cyber-attack in 2017 (resulting in a loss of over £300M³ ), it highlighted that no shipping company is immune to cyber-attack – even IMO has been hacked. Cyber risk has been on the IMO agenda for some time and on 1 January 2021, MSC 428(98) was finally adopted. Tanker operators and managers are not sufficiently protected by being compliant with the new regulation – this is a ‘level-one solution to a level-four threat’ – accordingly, a tick box approach to compliance is far from sufficient.

The lack of adequate protection is particularly prevalent in relation to cyber-attacks on on-shore and on-vessel operations technology (OT) networks and control systems, as just 42% of organisations protect their vessels from OT cyber threats⁴. Additionally, an alarming 92% of the estimated costs arising from a cyber-attack are uninsured⁵ and the access and limits of cover are often restricted, which has serious risk-management implications for tanker owners and operators.

The devastating effects of a cyber-attack are not only financial and reputational, but crucially also legal. Tanker owners could face real challenges in order to establish due diligence and protect themselves legally if an incident arose from their vessel being cyber-compromised. They can expect cargo interests and others to raise arguments that there was a failure to make use of available cyber-security protection systems to ensure they were adequately protected.

In relation to the concept of due diligence and the application of the Hague Visby Rule Article IV Rule (ii) defences, shipowners will need to show due diligence in relation to protecting their vessels against a cyber-attack. The duties of due diligence are generally not delegable, so while a contractual provision ensuring that the manufacturer takes responsibility for cyber-integrity creates a potential right of recourse, this does not itself provide a defence to a claim. Additionally, where there are systems available in the market that can provide protection against a cyber-attack, and an owner has failed to implement appropriate measures or is unable to show they have an effective system in place to address cyber-risk, such omissions could amount to recklessness, giving rise to a possibility to break limitation.

We can expect to see claimants raising issues of unseaworthiness where they suffer loss or damage as a result of a vessel being cyber-compromised.

It is critical for tanker owners and operators to take an integrated, comprehensive approach to protecting their organisations against cyber threats. Our recent venture with Mission Secure (leaders in providing military-grade cyber security for OT systems) to launch an industry-first, integrated legal advisory, consultancy and technology cyber-security solution, addresses this market need by providing both advisory and action to fully protect companies beyond the current regulatory guidelines.

Source: rivieramm

Before starting at at Telenor Maritime, Toni was the CEO of KNL Networks, which was acquired by Telenor Maritime in 2020. Before Co-founding KNL Networks in 2011, Toni worked at the University of Oulu as a research scientist and Doctoral student from 2008 to 2011. He is a former electronic warfare officer in the Finnish Defence Forces and has 20 years of hands-on radio experience. Toni is a former member of the Arctic Council Task Force on Telecommunications Infrastructure in the Arctic (TFTIA).

With KNL onboard, Telenor Maritime believes its new platform can help facilitate the digitalization of the shipping industry, with secure, reliable and cost-effective sharing of data right across the globe. The webinar will address opportunities and challenges in maritime digitalization and cyber security. Onboard capabilities in cybersecurity and IT are often somewhat limited. Most of onboard equipment are not designed to be connected, so devices their selves don’t provide sufficient security. Cybersecurity has become one of the biggest threats to the industry.

We look forward to learning more about cyber security!

Source: nme