MARITIME CYBER SECURITY Archives - Page 2 of 40 - SHIP IP LTD

Switzerland-based commodity and energy trader Mercuria has invested US$1.5 million into Australian start-up rise-x, a provider of blockchain-based marine fuel management systems.

Mercuria subsidiary Minerva Bunkering has previously used rise-x’s DIANA platform to digitally track refuelling of ships at global ports, with the two firms announcing a partnership last summer to establish a spin off business that combines Minerva’s Advanced Delivery Platform (ADP) with DIANA to create an end-to-end bunker management service.

“We have been working with rise-x for some time now and have been impressed with the team and the technology,” said Mercuria’s Chief Operations Officer Alistair Cross.

“The software system has proven its potential to improve productivity and to increase transparency and traceability across the global commodities ecosystem.”

rise-x recently exceeded its initial US$2.5 million funding target by securing US$2.77 million in total private investment, including Mercuria’s support. The company was also named as a recipient of AU$895,000 under the Australian government’s Accelerating Commercialization Grant Programme.

“We can use blockchain and the interconnectivity of the world to bring customers, suppliers, financers, accountants and others onto a common platform that can be accessed from anywhere,” said Rise-x co-founder and Chief Executive Officer Rowan Fenn.

“All parties can access a common truth to observe and manage transactions such as commodity exchanges, goods movements and service deliveries with immutable records created in real time. Every step along the way has been recorded securely in a common, transparent place.”

“We can create smart contracts that will record carbon emissions from everyday activities so companies can offset those emissions in an open and transparent way. But more importantly, we can use the same technology for carbon offset companies to prove that they are credible and delivering what they have promised.”

Source: https://smartmaritimenetwork.com/2022/08/17/mercuria-makes-1-5m-investment-in-rise-x/

 

CREWEXPRESS STCW REST HOURS SOFTWARE - Paris and Tokyo MoU have announced that they will jointly launch a new Concentrated Inspection Campaign (CIC) on Standards of Training, Certification and Watchkeeping for Seafarers (STCW) from 1st September 2022 to 30th November 2022


Maritime security is increasingly becoming impossible to achieve without ensuring cyber security, and the ability of states to protect their maritime assets and critical infrastructure against cyber attacks.

This was one of the conclusions from a recent workshop on developing a maritime security strategy for South Africa. The workshop was organised by Stellenbosch University, the Institute for Security Studies Africa, and United Nations Office on Drugs and Crime (UNODC).

Image

Denys Reva, maritime researcher at the Institute for Security Studies Pretoria, highlighted the fact that 80% of South Africa’s trade is seaborne, and for all intents and purposes, South Africa can be seen as an island. “We are dependent on well-functioning maritime infrastructure, which needs to be protected, including from cyber threats,” he said.

The maritime sector is becoming increasingly vulnerable to cyber threats, as it digitalises. For example, ships are using Electronic Chart Display and Information System (ECDIS), GPS and remote engine and cargo control systems, while ports are going paperless, becoming automated and removing humans from the equation.

africa-cyber-crime

The container terminal at China’s Qingdao Port is fully automated, while South Korea’s Busan Port is using blockchain for logistics innovation, for example.

While only 53 of the world’s container terminals are automated (4%), the maritime sector is going digital and is on an upward trend in this regard. “What if someone tries to disrupt the technology, purposefully or accidentally?” Reva asked, as new cyber security risks and vulnerabilities are exposed.

In Africa, a cyber attack was only a matter of time, he said, citing the 2021 attack on Transnet, which disrupted not only local but regional trade. “It’s inevitable another attack will take place,” Reva believes.

Featured Image

“In 2020 alone there was an alleged 400% increase in incidents targeting the maritime sector around the world. We don’t know the real scope of the problem. Some cyber security reports suggest hundreds of thousands or millions of attacks.”

One of the largest cyber attacks to affect the maritime sector was the June 2017 NotPetya cyber attack. NotPetya was developed as a disk-wiping cyber weapon, disguised as ransomware, by the Russian military to destabilise Ukraine, but thousands of companies around the world were also hit.

It took Maersk more than 90 days to recover from the attack, which cost an estimated $350 million in damages. Maersk still being sued by some companies.

“We will all be victims of a cyber attack at some point,” Reva cautioned, and cited other examples, including the port of San Diego going offline for several days in 2018 due to a ransomware attack, and Israel’s disruptive cyber attack on Iran’s Shahid Rajaee port terminal in May 2020.

Cyber offers new opportunities for bad actors, Reva said, but Africa is in a privileged position as it is a lesser target at present and can learn from the experiences of other countries, but time is running out for this.

Source: https://www.eblueeconomy.com/cyber-security-becoming-integral-to-maritime-security/

 

CREWEXPRESS STCW REST HOURS SOFTWARE - Paris and Tokyo MoU have announced that they will jointly launch a new Concentrated Inspection Campaign (CIC) on Standards of Training, Certification and Watchkeeping for Seafarers (STCW) from 1st September 2022 to 30th November 2022


The UK has unveiled a new five-year maritime strategy that sets out the guiding principles for the UK Government’s approach to managing threats and risks at home and around the world.

The new strategy redefines maritime security as; upholding laws, regulations, and norms to deliver a free, fair, and open maritime domain. With this new approach, the Government recognises any Illegal, Unreported and Unregulated (IUU) fishing and environmental damage to the seas as a maritime security concern.

In addition, to enhance the UK’s maritime security knowledge, the Government has established the UK Centre for Seabed Mapping (UK CSM), that seeks to enable the UK’s seabed mapping sector to collaborate to collect more and better data. Seabed mapping underpins many maritime operations including trade and shipping.

Working with industry and academia, Secretaries of State from DEFRA, DfT, FCDO, Home Office and MoD will focus on five strategic objectives:

  • Protecting our homeland: Delivering the world’s most effective maritime security framework for our borders, ports and infrastructure
  • Responding to threats: Taking a whole system approach to bring world leading capabilities and expertise to bear to respond to new emerging threats
  • Ensuring prosperity: Ensuring the security of international shipping, the unimpeded transmission of goods, information and energy to support continued global development and our economic prosperity
  • Championing values: Championing global maritime security underpinned by freedom of navigation and the International Order
  • Supporting a secure, resilient ocean: Tackling security threats and breaches of regulations that impact clean, healthy, safe, productive and biologically diverse maritime environment

The UK Chamber of Shipping CEO, Sarah Treseder said:“A proactive maritime security strategy is essential to keeping trade routes and energy supplies secure, especially for an island nation. Today’s welcome commitments to improve collaboration, both with industry and governments across the world, will help deliver a more secure maritime environment and help provide confidence to the shipping community.”

Source: https://thedigitalship.com/news/maritime-satellite-communications/item/7997-new-maritime-security-strategy-to-target-physical-and-cyber-threats


Maritime transport helps facilitate worldwide trade, where an estimated 90% of traded goods are transported by sea and is depended on by many different industries. Being the backbone of global trade and supply chain, any disruption can lead to grave consequences – daily necessities may not reach store shelves and connected industries could suffer significant losses from an unpredictable supply chain and the inability to produce essential goods.

The maritime industry has been under immense pressure from the Covid-19 pandemic and the Russia-Ukraine conflict. The other element straining the system is the ever-escalating wave of cyber threats globally. They include threat actors collaborating to carry out malicious attacks, structural challenges such as a high volume of vulnerabilities affecting operational technology (OT) and firmware, weakness in patching management, and the lack of OT cybersecurity talent and matured practices for cyber defence.

According to the Ensign Cyber Threat Landscape 2022 report, the maritime sector is one of the top targeted sectors in Singapore when it comes to Ransomware cyber-attacks. Whether it is the critical infrastructure, or the shipbuilding and logistics subsectors, Singapore’s maritime industry is facing increasing interest from cyber adversaries due to its critical role as a maritime hub port.

For example, the Death Kitty ransomware disrupted TransNet’s container and trucking operations in July 2021. Other impacts detected by Ensign throughout 2021 include the theft of data that could be sold by threat actors, as well as serious disruptions to companies involved in logistics and supply chains.

The rising tide of cyber threats against the maritime sector

The maritime industry has gone through accelerated digitalisation, making technology vital to the operation and management of the safety and security of ships, port operations and logistics. Gone are the days when OT and IT systems could function separately in silos. The need for greater connectivity between technologies such as IT, OT and IoT as well as vendors have propelled the maritime industry to new heights of fleet efficiency, route optimisation, and profit margins.

However, the increased interconnectivity has also heightened cyber threat exposures and corresponding risks for organisations. The ramifications of a cyber-attack can be wide-ranging. Ship collisions, for example, could occur because of e-navigation and other systems being hacked, resulting in physical loss or damage to ships, bodily injury to personnel, cargo loss, pollution, and business interruption. It is also possible that the port’s operations may be disrupted, resulting in significant losses due to business disruption for the port and other dependent businesses operations.

In addition to losses sustained because of physical asset damage or destruction, significant expenditures may be incurred when responding to an adverse cyber incident. If the personal data of employees or customers are compromised, for example, large legal expenditures may be required to respond to the breach, pay the penalties, notify the data protection regulator and data subjects, as well as to defend potential legal proceedings.

Shoring up the maritime cyber defences

While it is impossible to keep out all cyber-attacks, maritime organisations should strengthen their defences to manage the growing threats they now face.

Here are six cyber defensive actions maritime organisations can take to strengthen their cyber defences:​​​

  1. Maritime organisations should leverage the cybersecurity community for cyber threat information and foster greater intelligence sharing to build early warning systems and protocols.

 

  1. They should bolster their cybersecurity hygiene. This includes establishing security baselines and implementing system and application architectures for rapid patching and virtual patching to reduce mean time to mitigation.

 

  1. To defend against new or unknown threats, organisations should establish continuous monitoring across the ecosystem through reviews, cyber monitoring, threat hunting, behavioural analytics, and horizon scanning.

 

  1. Maritime companies can mitigate the impact of disruptive cyber-attacks, such as Ransomware, by reviewing and revising incident and crisis management plans and playbooks. They can also run exercises to validate the organisation’s confidence in business recovery.

 

  1. To manage cyber risk exposure from their vendor and partner ecosystem, maritime organisations need to mandate incident reporting from vendors. This includes allowing access to audit cybersecurity controls, and monitoring vendors for dynamic cyber risk context.

 

  1. Lastly, cyber security awareness and training is important. Maritime organisations should invest in upgrading their cybersecurity teams’ skills and prioritise engineers and technicians to learn about cybersecurity and defensive actions.

Cybersecurity is an ongoing operation, and organisations need to maintain cyber hygiene and vigilance regardless of the increasing intensity of conflict, incidents, or crisis. With Singapore being a key international transportation and logistics hub, maritime organisations’ efforts in protecting their operations from cyber threats will go a long way to reducing the risk of disruption to a global supply chain that is already under considerable stress.

Source: https://www.seatrade-maritime.com/opinions-analysis/bracing-rising-tide-cyber-threats-against-maritime-industry

 

 



BMT has signed a memorandum of understanding (MoU) with the University of Plymouth to jointly research ship design and cybersecurity in the maritime sector.

The new agreement will look at harnessing the capabilities of the University’s recently opened £3.2 million Cyber-SHIP Lab. This facility is dedicated to simulating and understanding maritime cyber threats and facilitating future secure maritime operations through cyber resilience research, tools, and training. The facility forms part of the University’s Marine Navigation Centre, which includes a physical ship’s bridge used to simulate attacks and test equipment.

BMT was a founding industry supporter of the Cyber-SHIP Lab when it was launched in 2019, based on the firm belief that through the development of these new tools and lab, the UK can become a leading power in maritime cybersecurity.

Jake Rigby, research and development lead, BMT, said: “BMT is delighted to be working with the University of Plymouth in helping the UK drive the highest possible standards in maritime security. With this knowledge and experience in place, the UK can then offer the benefits of the insights, operational practices and training to the global shipping and marine community. Through combining our expertise and our knowledge, we are confident great strides will be made in enhancing security and cyber protection across maritime.”

Professor Kevin Jones, executive dean of science and engineering at the University and principal investigator on the Cyber-SHIP Lab project, added: “With our ever-increasing dependence on the global maritime sector, ensuring ships and port operations are cyber secure has never been more critical. Advances in cyber technology, and the emergence of new threats, mean this is a constantly evolving area that needs an innovative and joined-up approach. The partnership between the University and BMT is a perfect example of that, uniting our collective expertise in both identifying potential issues and solutions and finding the means for them to be applied in maritime engineering and design.”

The MoU was signed by professor Judith Petts CBE, vice-chancellor of the University of Plymouth, and Sarah Kenny, CEO of BMT, and will kick-start a range of collaboration opportunities from student engagement and employee development to collaborative research and joint consultancy.

Source: https://thedigitalship.com/news/maritime-satellite-communications/item/7977-university-of-plymouth-and-bmt-team-up-on-maritime-cyber-security


Five years ago, the largest maritime container shipping company in the world was hit with a cyberattack that crippled its booking system, stalled tracking of its containers and disrupted operations at container terminals all over the world operated by its APM Terminals subsidiary.

The financial cost to A.P. Møller-Mærsk was later estimated at US$300 million.

The cost to its reputation is harder to distill into dollars and cents. Suffice it to say that it was significant.

It was also a four-alarm cybersecurity wakeup call for Maersk.

But, five years later, that alarm has yet to prompt widespread co-ordinated cybersecurity initiatives in the global shipping sector.

As Lloyd’s List editor Richard Meade noted in introductory remarks for the U.K.-based shipping journal’s 2022 webinar on shipping sector cyber threats, industry surveys show now that cyberattacks and data theft “are routinely in the top three risks perceived by maritime businesses, but those same surveys routinely report that the industry is not fully prepared to tackle that risk.”

It’s a risk that is escalating up and down the global supply chain.

BlueVoyant’s second annual survey of cyber risk management in sectors ranging from financial services and health care to utilities and energy found “a fractured landscape, with different industries and regions responding differently to the challenges posed by another year of damaging, costly cyber events.”

Those 2021 events included the SolarWinds cyberattack, which cost an estimated US$100 billion, according to the global cybersecurity company.

BlueVoyant’s survey of 1,200 senior executives in Canada, the U.S., Germany, the Netherlands, the U.K. and Singapore found that 93% had suffered a cybersecurity breach and that the number of those breaches had increased 37% in the past 12 months.

Meanwhile, PwC’s Canada Cyber Threat Intelligence report estimates that the average cost of a data breach in Canada is now $6.35 million, and that supply-chain-related cyberattacks are becoming more frequent and more complex.

Globally, the annual cost of cyber crime to the world economy ranges anywhere from US$1 trillion to US$3 trillion.

“The prospect of a major cyberattack has loomed large over the [shipping] industry for many years,” Meade said, “but right now, the risk rates are flashing red.”

Cyberattacks on major shipping lines and within the maritime goods movement supply chain have cost the sector hundreds of millions of dollars thus far. But that bill pales in comparison to the costs of a catastrophic physical loss of ships or environmental disasters from oil or chemical spills or supply chain chokepoints snarled as the result of a cybersecurity breach on a major shipping line.

Shipping lines are especially vulnerable to cyberattacks because of the wide range of entry points to their navigation technologies and cargo handling, communications and management systems.

This is in part because of the complexity of global goods movement and the number of different connections needed to co-ordinate that movement, and the regular crew changes and human resources ebb and flow it requires.

But also, because, as Meade pointed out, the industry continues to be unwilling to “go public and share data, and partly because this remains steadfastly a reactive industry where safety improvements are only ever borne out of casualties.”

Russia’s invasion of Ukraine accelerated the danger of cyberattacks for major shipping companies and infrastructure.

And not necessarily as prime targets, but as collateral damage, says Bill Egerton, chief cyber officer with cyber insurance and risk management company Astaara.

Egerton says the war in Ukraine is providing cover for other groups to ramp up spam and hacking attacks “to make hay while the sun shines under cover of something else.” He estimates that those attacks have increased by 25% since the Russian invasion began.

Egerton adds that the danger to shipping is more on the office side of the equation than on the vessel side, and points out that the attack on Maersk five years ago resulted from a 2017 Russian cyberattack on Ukraine.

So, the problem for shipping is growing, Egerton says, “because [the] sheer volume of attacks is growing as well.”

“We’re not just talking about the occasional ransomware attack.… What I’m saying is that the attacks that have happened and have come into the public domain have either been through nation states or their proxies or groups that have worked for these people in the past.”

He adds that sharing data and experiences about cyberattacks and ransomware threats is a vital first line of defence for the shipping industry.

Without that mutual cooperation in an industry that is extremely competitive and therefore notoriously averse to sharing data, it will lose “the ability to be able to learn from those areas and strengthen collectively.”

Developing a mutual understanding of terms and language when it comes to managing cybersecurity risks and threats is fundamental to reducing those risks for major ports and shipping lines. As the International Association of Ports and Harbors (IAPH) notes in its Port Community Cyber Security report, “we take what is by nature a hard problem – that of understanding and managing organizational cyber risk – and make it more difficult and problematic when people neither perceive of, nor speak about, cyber risk management in the same way.”

But sharing data and a common communication language is only one initiative needed to fill the many holes in shipping lines’ cybersecurity.

Julian Clark, global senior partner at Ince, an international law and professional services company, told the Lloyd’s List webinar that educating and training ship crews, shipping company staff and management is critical.

And that means providing much more than instruction in basic cybersecurity hygiene.

He says there needs to be a game plan and training for what happens when a ship or a shipping line is hit with a cybersecurity breach or ransomware demand.

Ships’ crews and shipping lines know immediately what to do if there is a collision or other shipping disaster. But when it comes to a cyberattack, Clark said, all bets are off.

“Another thing that came out of the Lloyd’s List survey [of its shipping industry readers] was you’ve still got this issue of … what would happen if the company got hit by a major cyberattack this afternoon?”

The answer, Clark added, would be confusion and uncertainty.

Investing in cybersecurity safety training in the shipping sector is a fundamental first line of defence, and, to be effective, that investment cannot be a piecemeal nickel-and-dime approach.

“The important thing is you need to recognize that this is an ongoing cost of doing business,” Egerton says. “It’s not about a one-off hit and everything will be fine.”

He adds that much of the training material being used by shipping lines today is ineffective because it is dated and generic.

“It talks about stuff in the abstract rather than relevant to the vessel somebody is on or a company somebody’s working for. I think that sheep-dipping people for half an hour doing ‘mandatory training’ doesn’t help them do their jobs better. And you need much more role-specific training to make sure people understand how an attack can hurt their bit of the business.”

Shipping also shares a fundamental human resources challenge faced by other industries: recruiting and retaining cybersecurity talent. The World Economic Forum’s 2021 Cyber Outlook Survey of 120 top executives from private and public companies in 20 countries found that 59% of respondents “would find it challenging to respond to a cybersecurity incident due to the shortage of skills within their team.”

Again, data for different ships and different shipping operations is vital for any cybersecurity defence investment to be effective.

“Understand what you need,” Egerton says, “and do this proportionately. Because … if you go and spend a lot of money, you may end up with a product that you can’t use, because it’s producing too much data in the form you can’t cognitively understand. So, I think it’s proportionality. It has got to be people and leadership focused. If the board don’t take this seriously it is not going to work.”

He adds that there needs to be a clear line of sight and communication “from the board to the shop floor, so that everybody understands their role and their place in this, should [a cybersecurity breach] happen.

“Cybersecurity is a risk that won’t go away. You cannot just do it once and then forget it.”

Many major Vancouver-based shipping companies agree that there is a rising concern about the seriousness of cybersecurity threats in their industry, but declined comment for this article, citing an “abundance of caution” over concerns about raising their profiles and the potential for their businesses to become targets for international cybercriminals.

Source: https://biv.com/article/2022/08/cybersecurity-threat-looms-large-over-global-supply-chain?amp


The new Memorandum of Understanding will specifically look at harnessing the capabilities of the University’s recently opened £3.2 million Cyber-SHIP Lab. This world-leading facility is dedicated to simulating and understanding maritime cyber threats and facilitating future secure maritime operations through cyber resilience research, tools and training. The facility forms part of the University’s Marine Navigation Centre, which includes a physical ship’s bridge used to simulate attacks and test equipment.

BMT was a founding industry supporter of the Cyber-SHIP Lab when it was launched in 2019, based on the firm belief that through the development of these new tools and lab the UK can become a leading power in maritime cyber security.

Professor Kevin Jones, Executive Dean of Science and Engineering at the University and Principal Investigator on the Cyber-SHIP Lab project, added:

“With our ever-increasing dependence on the global maritime sector, ensuring ships and port operations are cyber secure has never been more critical. Advances in cyber technology, and the emergence of new threats, mean this is a constantly evolving area that needs an innovative and joined-up approach. The partnership between the University and BMT is a perfect example of that, uniting our collective expertise in both identifying potential issues and solutions and finding the means for them to be applied in maritime engineering and design.”

Jake Rigby, Research and Development Lead at BMT, added:

“BMT is delighted to be working with the University of Plymouth in this important work in helping the UK drive the highest possible standards in maritime security. With this knowledge and experience in place, the UK can then offer the benefits of the insights, operational practices and training to the global shipping and marine community. Through combining our expertise and our knowledge, we are confident great strides will be made in enhancing security and cyber protection across maritime.”

Source: https://seawanderer.org/university-of-plymouth-and-bmt-join-forces-to-improve-cyber-security-in-the-maritime-sector


The new agreement will look at harnessing the capabilities of the University’s recently opened £3.2 million Cyber-SHIP Lab. This facility is dedicated to simulating and understanding maritime cyber threats and facilitating future secure maritime operations through cyber resilience research, tools, and training. The facility forms part of the University’s Marine Navigation Centre, which includes a physical ship’s bridge used to simulate attacks and test equipment.

BMT was a founding industry supporter of the Cyber-SHIP Lab when it was launched in 2019, based on the firm belief that through the development of these new tools and lab, the UK can become a leading power in maritime cyber security.

Jake Rigby, research and development lead, BMT, said: “BMT is delighted to be working with the University of Plymouth in helping the UK drive the highest possible standards in maritime security. With this knowledge and experience in place, the UK can then offer the benefits of the insights, operational practices and training to the global shipping and marine community. Through combining our expertise and our knowledge, we are confident great strides will be made in enhancing security and cyber protection across maritime.”

Professor Kevin Jones, executive dean of science and engineering at the University and principal investigator on the Cyber-SHIP Lab project, added: “With our ever-increasing dependence on the global maritime sector, ensuring ships and port operations are cyber secure has never been more critical. Advances in cyber technology, and the emergence of new threats, mean this is a constantly evolving area that needs an innovative and joined-up approach. The partnership between the University and BMT is a perfect example of that, uniting our collective expertise in both identifying potential issues and solutions and finding the means for them to be applied in maritime engineering and design.”

The MoU was signed by professor Judith Petts CBE, vice-chancellor of the University of Plymouth, and Sarah Kenny, CEO of BMT, and will kick-start a range of collaboration opportunities from student engagement and employee development to collaborative research and joint consultancy.

Source: https://thedigitalship.com/news/maritime-satellite-communications/item/7977-university-of-plymouth-and-bmt-team-up-on-maritime-cyber-security


When it comes to cyber-attacks, shipowners should assume the worst and expect to be hit at some point.

These concerns are backed by a report from March 2022 showing that shipping companies pay an average US$3.1 million in cybersecurity ransom payments per incident due to gaps in their risk management. Attacks on the maritime industry range from phishing and ransomware to targeting infrastructure or ship systems for financial or political reasons.

More than half of shipowners spend less than $100,000 a year on cybersecurity management, which the organisations behind the report – maritime consultancy firm Thetius, law firm HFW and shipping cybersecurity company CyberOwl – believe isn’t enough.

Additionally, around two-thirds of respondents aren’t sure whether their insurance covers cyber-attacks. Other eye- raising results show that only 55% of industry suppliers are asked by shipowners to prove they have cyber-risk management procedures in place, while 25% of seafarers don’t know what’s expected of them if involved in a cyber incident.

The big worry is that shipping companies haven’t invested enough time or money to shore up their defences, leaving them exposed to attack and short of meeting IMO 2021, the International Maritime Organization’s requirements for cyber-risk management.

Cyber-attacks and vessel safety

Failing to establish safeguards against any cyber risks to vessels, personnel and the marine environment can prove damaging to shipping companies from an operational perspective.

The rapid pace of maritime digitalisation provides shipowners huge benefits in terms of improved efficiency, safety and asset tracking. Such technology has been around for some time and is now an established part of vessel operation.

One example can be found in navigation. Paper charts have long been replaced with digital alternatives on most vessels, to the point where traditional navigation techniques are rarely, if ever, practised by seafarers. Today, some shipowners have gone further and implemented shore-based dynamic route management, to fully optimise vessel efficiency and safety.

A cyber-attack on one of these onboard systems could have dramatic implications on vessel safety. If navigation controls are altered, or charts deleted, it can become very difficult for a crew to safely operate a vessel. The impact could be even more dramatic for digital systems connected to engines or ballast pumps.

Since January 2021, cyber threats have been included in the ISM Code’s risk management protocols. Under the updated protocol, cyber risks must now feature in a vessel’s Safety Management Systems.

This reform means that shipowners must identify and create an inventory for their critical technology and data assets (both hardware and software, IT and operational technology) on board their vessels and linked to their onshore systems. They should also assess the cyber risks to those assets and establish specific risk-mitigation measures to manage and guard against any threats. Additionally, any cyber-security policies must ensure that crewmembers receive the appropriate training to understand the threats, and that the roles and responsibilities for addressing those risks are clearly defined.

A properly formulated Safety Management System should cover worst-case measures to ensure that a vessel and its crew remain safe should a system fail, which may include hard-copy back-ups or manual overrides. It should also include regular audits to ensure new risks are identified, and a commitment to continuous improvement.

It is important that shipowners work proactively to ensure that their Safety Management Systems are fully up to date and fit for purpose, yet it can be a complex task. Such systems are inherently technical, and an owner may need outside support to properly evaluate and understand vulnerabilities.

West’s Loss Prevention department can provide vessel and issue specific guidance and support in improving Safety Management Systems – both to meet regulations and to improve the safety of a vessel. Our expert team is ready to give practical advice to any Member, and can help ensure a vessel stays safe and P&I cover remains valid.

Major commercial risks

Vessel safety is not the only cyber risk shipowners face. Phishing attacks, where cyber-criminals posing as legitimate institutions send individuals or companies emails to obtain sensitive information, are perhaps the biggest concern for most owners.

Cyber whaling, a particularly dangerous variation of phishing, is becoming more common. In these attacks, emails target a group of senior executives or digital gatekeepers using personal vocabulary and information to trick them into cooperating. Messages are usually from fake email accounts that look almost identical to a genuine sender’s address.

The criminals behind cyber whaling aim to socially engineer their victims, to trick them into making financial transfers or sharing confidential material. Anyone duped into doing either usually has no idea until it’s too late – which would be incredibly disruptive to shipowners’ shore- side and sea-based operations.

An attacker could gain access to the organisation’s computer system, forcing the shipowner to take the entire office function offline. In this instance, the company would have to painstakingly organise hundreds of paper, rather than electronic, records and forms.

The ramifications can extend to ships, with vessels stuck at ports or unable to secure bunkers. Payment, logistics and planning systems could be completely decimated, while compliance paperwork may force some owners to temporarily cease some trades.

How to plan for cyber-attacks

Some of the principles inherent in the ISM Code can guide a shipowner across other parts of their business. IT and digital teams should regularly identify and conduct an audit of all potential cyber threats, while staff need training to spot the warning signs and understand the systems in place for blocking hackers.

Staff within the organisation should never share any personal information in an open, online public forum. For example, an attacker could verify an employee’s identity by using their birthday, after sourcing that information from the victim’s LinkedIn profile.

Given that even the best defences can be breached, owners should also plan to mitigate the impact of any successful attack. This may include maintaining back-up systems and servers where appropriate to keep office functions online if under attack.

It is also important to protect against worst-case scenarios through proper, specialist insurance. Where cyber risks onboard a vessel are covered by P&I, other commercial risks are not – and must be insured separately.

West is proud to have partnered with Astaara, the only specialist marine cyber insurer in the market. Astaara can cover a client’s entire business, including shoreside operations, and provides unique business interruption cover on a tailored basis.

Astaara also offers marine cyber-risk management consultancy services, working with clients to measure and improve their cyber-risk profile through a five-stage process. By building a comprehensive picture of an organisation’s cyber enterprise risk management and increasing resilience, they can dramatically improve security. The process also covers business continuity planning to ensure rapid recovery should an event occur.

Ultimately, shipowners are responsible for building and maintaining strong defences to deter or prevent cyber incidents. Building resilience is critical, both for vessels and backroom functions. Yet, even the most secure systems are vulnerable – and shipowners must work closely with insurers, including their P&I insurer, to ensure business continuity if the worst were to happen.

Source: West of England, by Bill Egerton, Chief Cyber Officer (Astaara)


Zero Trust has become a well-recognized framework in the cybersecurity world. SecOps teams are championing this ‘trust no-one’ strategy to support the fight against the escalating risk of cybercrime, and in helping to monitor threat actors across their network. In fact, research from Gigamon found that 70% of IT leaders agree that Zero Trust would enhance their IT strategy.

In short, this approach to cybersecurity eradicates the implicit trust often given to internal traffic within a network. This security-first mindset also benefits business efficiency; 87% of IT teams believe productivity has increased since the start of their Zero Trust journey, as systems run faster and downtime is reduced due to fewer breaches.

However, the threatscape is evolving. Ransomware now represents one of the biggest threats to businesses across the world and many are falling victim to catastrophic attacks. This type of malware surged by 82% in 2021 and it shows no signs of stopping, especially as 82% of British firms which have been victims of ransomware attacks reportedly paid the hackers to get back their data.

So, can Zero Trust Architecture (ZTA) help organizations protect themselves from one of the biggest threats in today’s cyber landscape?

Ian Farquhar, Field CTO, Gigamon.

What does Zero Trust mean today?

When putting trust into something, we should always have a rational reason for doing so. However, this has not always been the case in IT. Instead, for years, IT teams have used approximations for trustability, often because mechanisms to support trust-measurement were not practical in the past. This could be because an organization owns a system, if a user is an employee or if the network has previously been secure.

Yet these are not actual trustability measurements, they are instead gross approximations often based on assumptions. When that trust assumption fails, risk is introduced. And when a threat actor recognizes those assumptions are part of an organization’s security strategy, they can use them to evade network controls and cause problems for cybersecurity.

Zero trust changes this. It dynamically measures whether something is trustworthy by analyzing how it works and assessing whether an organization has a rational basis for trusting it and allowing the connection. This is not only the case for entire systems, but also, for individual devices, security mechanisms and users.

Given the prominence of BYOD policies and remote working, it is essential that trust is earned rather than given freely, and all users should be considered threats until proven otherwise.

In a world where the workforce has shifted significantly to a “work anywhere, work anytime” model, embracing a ZTA simply makes sense.

By introducing micro-segmentation – which separates data, assets and applications and represents a key pillar to ZTA – organizations can stop one compromised device becoming an entirely disrupted network.

One famous instance is the Las Vegas casino that was hacked through its IoT thermometer in an aquarium in the foyer. From here, the attacker was able to access the casino’s entire network.

How can businesses protect themselves from this level of threat? With IoT expanding, and adversaries clearly using more innovative tactics and techniques to breach a system, Zero Trust has to be part of the security strategy.

Ransomware and deep observability

The cornerstone of ZTA is visibility. A clear view across all data in motion – from the cloud to the core – means IT teams can best understand any threat to their network. From here they can authorize safe activity, as well as detect undesirable application behavior and analyze the metadata that will detail the origin and movement of an attack.

In other words, you cannot protect against what you cannot see. The deeper the level of observability into a network, the more insight an IT team can gather and then action to improve their entire security posture. This is actually explicitly required by NIST SP 800-207, the gold standard of zero trust.

The very nature of ZTA is deep and thorough inspection of all users and all data, including encrypted traffic. With this architecture and micro-segmentation in place, it will also stop cybercriminals moving laterally within a network – meaning adversaries looking to traverse an IT infrastructure and deploy ransomware across more critical data will be unable to do so.

Over recent years, cybercriminals have become far more savvy and sophisticated, in how they deploy this kind of malware. An attack in today’s climate will typically be carefully considered and strategically targeted against known vulnerable organizations that store critical data. It is also common for bad actors to penetrate a network and lay dormant for months at a time.

Visibility is central in the fight against ransomware; by eradicating blind-spots across the network, adversaries will no longer be able to exist on a network undetected. With Zero Trust and deeper observability into all data, criminal dwell time can be cut dramatically from the current average of 285 days.

It is important to remember that Zero Trust is not the singular silver bullet to ransomware protection. However, paired with visibility, it will be essential for bolstering a company’s cyber posture. By prioritizing deep observability, ZTA becomes far easier to introduce and ransomware threats will become far easier to detect.

Source:https://maritimefairtrade.org/trust-no-one-in-fight-against-ransomware/