The new Memorandum of Understanding will specifically look at harnessing the capabilities of the University’s recently opened £3.2 million Cyber-SHIP Lab. This world-leading facility is dedicated to simulating and understanding maritime cyber threats and facilitating future secure maritime operations through cyber resilience research, tools and training. The facility forms part of the University’s Marine Navigation Centre, which includes a physical ship’s bridge used to simulate attacks and test equipment.
BMT was a founding industry supporter of the Cyber-SHIP Lab when it was launched in 2019, based on the firm belief that through the development of these new tools and lab the UK can become a leading power in maritime cyber security.
Professor Kevin Jones, Executive Dean of Science and Engineering at the University and Principal Investigator on the Cyber-SHIP Lab project, added:
“With our ever-increasing dependence on the global maritime sector, ensuring ships and port operations are cyber secure has never been more critical. Advances in cyber technology, and the emergence of new threats, mean this is a constantly evolving area that needs an innovative and joined-up approach. The partnership between the University and BMT is a perfect example of that, uniting our collective expertise in both identifying potential issues and solutions and finding the means for them to be applied in maritime engineering and design.”
Jake Rigby, Research and Development Lead at BMT, added:
“BMT is delighted to be working with the University of Plymouth in this important work in helping the UK drive the highest possible standards in maritime security. With this knowledge and experience in place, the UK can then offer the benefits of the insights, operational practices and training to the global shipping and marine community. Through combining our expertise and our knowledge, we are confident great strides will be made in enhancing security and cyber protection across maritime.”
The new agreement will look at harnessing the capabilities of the University’s recently opened £3.2 million Cyber-SHIP Lab. This facility is dedicated to simulating and understanding maritime cyber threats and facilitating future secure maritime operations through cyber resilience research, tools, and training. The facility forms part of the University’s Marine Navigation Centre, which includes a physical ship’s bridge used to simulate attacks and test equipment.
BMT was a founding industry supporter of the Cyber-SHIP Lab when it was launched in 2019, based on the firm belief that through the development of these new tools and lab, the UK can become a leading power in maritime cyber security.
Jake Rigby, research and development lead, BMT, said: “BMT is delighted to be working with the University of Plymouth in helping the UK drive the highest possible standards in maritime security. With this knowledge and experience in place, the UK can then offer the benefits of the insights, operational practices and training to the global shipping and marine community. Through combining our expertise and our knowledge, we are confident great strides will be made in enhancing security and cyber protection across maritime.”
Professor Kevin Jones, executive dean of science and engineering at the University and principal investigator on the Cyber-SHIP Lab project, added: “With our ever-increasing dependence on the global maritime sector, ensuring ships and port operations are cyber secure has never been more critical. Advances in cyber technology, and the emergence of new threats, mean this is a constantly evolving area that needs an innovative and joined-up approach. The partnership between the University and BMT is a perfect example of that, uniting our collective expertise in both identifying potential issues and solutions and finding the means for them to be applied in maritime engineering and design.”
The MoU was signed by professor Judith Petts CBE, vice-chancellor of the University of Plymouth, and Sarah Kenny, CEO of BMT, and will kick-start a range of collaboration opportunities from student engagement and employee development to collaborative research and joint consultancy.
When it comes to cyber-attacks, shipowners should assume the worst and expect to be hit at some point.
These concerns are backed by a report from March 2022 showing that shipping companies pay an average US$3.1 million in cybersecurity ransom payments per incident due to gaps in their risk management. Attacks on the maritime industry range from phishing and ransomware to targeting infrastructure or ship systems for financial or political reasons.
More than half of shipowners spend less than $100,000 a year on cybersecurity management, which the organisations behind the report – maritime consultancy firm Thetius, law firm HFW and shipping cybersecurity company CyberOwl – believe isn’t enough.
Additionally, around two-thirds of respondents aren’t sure whether their insurance covers cyber-attacks. Other eye- raising results show that only 55% of industry suppliers are asked by shipowners to prove they have cyber-risk management procedures in place, while 25% of seafarers don’t know what’s expected of them if involved in a cyber incident.
The big worry is that shipping companies haven’t invested enough time or money to shore up their defences, leaving them exposed to attack and short of meeting IMO 2021, the International Maritime Organization’s requirements for cyber-risk management.
Cyber-attacks and vessel safety
Failing to establish safeguards against any cyber risks to vessels, personnel and the marine environment can prove damaging to shipping companies from an operational perspective.
The rapid pace of maritime digitalisation provides shipowners huge benefits in terms of improved efficiency, safety and asset tracking. Such technology has been around for some time and is now an established part of vessel operation.
One example can be found in navigation. Paper charts have long been replaced with digital alternatives on most vessels, to the point where traditional navigation techniques are rarely, if ever, practised by seafarers. Today, some shipowners have gone further and implemented shore-based dynamic route management, to fully optimise vessel efficiency and safety.
A cyber-attack on one of these onboard systems could have dramatic implications on vessel safety. If navigation controls are altered, or charts deleted, it can become very difficult for a crew to safely operate a vessel. The impact could be even more dramatic for digital systems connected to engines or ballast pumps.
Since January 2021, cyber threats have been included in the ISM Code’s risk management protocols. Under the updated protocol, cyber risks must now feature in a vessel’s Safety Management Systems.
This reform means that shipowners must identify and create an inventory for their critical technology and data assets (both hardware and software, IT and operational technology) on board their vessels and linked to their onshore systems. They should also assess the cyber risks to those assets and establish specific risk-mitigation measures to manage and guard against any threats. Additionally, any cyber-security policies must ensure that crewmembers receive the appropriate training to understand the threats, and that the roles and responsibilities for addressing those risks are clearly defined.
A properly formulated Safety Management System should cover worst-case measures to ensure that a vessel and its crew remain safe should a system fail, which may include hard-copy back-ups or manual overrides. It should also include regular audits to ensure new risks are identified, and a commitment to continuous improvement.
It is important that shipowners work proactively to ensure that their Safety Management Systems are fully up to date and fit for purpose, yet it can be a complex task. Such systems are inherently technical, and an owner may need outside support to properly evaluate and understand vulnerabilities.
West’s Loss Prevention department can provide vessel and issue specific guidance and support in improving Safety Management Systems – both to meet regulations and to improve the safety of a vessel. Our expert team is ready to give practical advice to any Member, and can help ensure a vessel stays safe and P&I cover remains valid.
Major commercial risks
Vessel safety is not the only cyber risk shipowners face. Phishing attacks, where cyber-criminals posing as legitimate institutions send individuals or companies emails to obtain sensitive information, are perhaps the biggest concern for most owners.
Cyber whaling, a particularly dangerous variation of phishing, is becoming more common. In these attacks, emails target a group of senior executives or digital gatekeepers using personal vocabulary and information to trick them into cooperating. Messages are usually from fake email accounts that look almost identical to a genuine sender’s address.
The criminals behind cyber whaling aim to socially engineer their victims, to trick them into making financial transfers or sharing confidential material. Anyone duped into doing either usually has no idea until it’s too late – which would be incredibly disruptive to shipowners’ shore- side and sea-based operations.
An attacker could gain access to the organisation’s computer system, forcing the shipowner to take the entire office function offline. In this instance, the company would have to painstakingly organise hundreds of paper, rather than electronic, records and forms.
The ramifications can extend to ships, with vessels stuck at ports or unable to secure bunkers. Payment, logistics and planning systems could be completely decimated, while compliance paperwork may force some owners to temporarily cease some trades.
How to plan for cyber-attacks
Some of the principles inherent in the ISM Code can guide a shipowner across other parts of their business. IT and digital teams should regularly identify and conduct an audit of all potential cyber threats, while staff need training to spot the warning signs and understand the systems in place for blocking hackers.
Staff within the organisation should never share any personal information in an open, online public forum. For example, an attacker could verify an employee’s identity by using their birthday, after sourcing that information from the victim’s LinkedIn profile.
Given that even the best defences can be breached, owners should also plan to mitigate the impact of any successful attack. This may include maintaining back-up systems and servers where appropriate to keep office functions online if under attack.
It is also important to protect against worst-case scenarios through proper, specialist insurance. Where cyber risks onboard a vessel are covered by P&I, other commercial risks are not – and must be insured separately.
West is proud to have partnered with Astaara, the only specialist marine cyber insurer in the market. Astaara can cover a client’s entire business, including shoreside operations, and provides unique business interruption cover on a tailored basis.
Astaara also offers marine cyber-risk management consultancy services, working with clients to measure and improve their cyber-risk profile through a five-stage process. By building a comprehensive picture of an organisation’s cyber enterprise risk management and increasing resilience, they can dramatically improve security. The process also covers business continuity planning to ensure rapid recovery should an event occur.
Ultimately, shipowners are responsible for building and maintaining strong defences to deter or prevent cyber incidents. Building resilience is critical, both for vessels and backroom functions. Yet, even the most secure systems are vulnerable – and shipowners must work closely with insurers, including their P&I insurer, to ensure business continuity if the worst were to happen.
Source: West of England, by Bill Egerton, Chief Cyber Officer (Astaara)
Zero Trust has become a well-recognized framework in the cybersecurity world. SecOps teams are championing this ‘trust no-one’ strategy to support the fight against the escalating risk of cybercrime, and in helping to monitor threat actors across their network. In fact, research from Gigamon found that 70% of IT leaders agree that Zero Trust would enhance their IT strategy.
In short, this approach to cybersecurity eradicates the implicit trust often given to internal traffic within a network. This security-first mindset also benefits business efficiency; 87% of IT teams believe productivity has increased since the start of their Zero Trust journey, as systems run faster and downtime is reduced due to fewer breaches.
However, the threatscape is evolving. Ransomware now represents one of the biggest threats to businesses across the world and many are falling victim to catastrophic attacks. This type of malware surged by 82% in 2021 and it shows no signs of stopping, especially as 82% of British firms which have been victims of ransomware attacks reportedly paid the hackers to get back their data.
So, can Zero Trust Architecture (ZTA) help organizations protect themselves from one of the biggest threats in today’s cyber landscape?
Ian Farquhar, Field CTO, Gigamon.
What does Zero Trust mean today?
When putting trust into something, we should always have a rational reason for doing so. However, this has not always been the case in IT. Instead, for years, IT teams have used approximations for trustability, often because mechanisms to support trust-measurement were not practical in the past. This could be because an organization owns a system, if a user is an employee or if the network has previously been secure.
Yet these are not actual trustability measurements, they are instead gross approximations often based on assumptions. When that trust assumption fails, risk is introduced. And when a threat actor recognizes those assumptions are part of an organization’s security strategy, they can use them to evade network controls and cause problems for cybersecurity.
Zero trust changes this. It dynamically measures whether something is trustworthy by analyzing how it works and assessing whether an organization has a rational basis for trusting it and allowing the connection. This is not only the case for entire systems, but also, for individual devices, security mechanisms and users.
Given the prominence of BYOD policies and remote working, it is essential that trust is earned rather than given freely, and all users should be considered threats until proven otherwise.
In a world where the workforce has shifted significantly to a “work anywhere, work anytime” model, embracing a ZTA simply makes sense.
By introducing micro-segmentation – which separates data, assets and applications and represents a key pillar to ZTA – organizations can stop one compromised device becoming an entirely disrupted network.
One famous instance is the Las Vegas casino that was hacked through its IoT thermometer in an aquarium in the foyer. From here, the attacker was able to access the casino’s entire network.
How can businesses protect themselves from this level of threat? With IoT expanding, and adversaries clearly using more innovative tactics and techniques to breach a system, Zero Trust has to be part of the security strategy.
Ransomware and deep observability
The cornerstone of ZTA is visibility. A clear view across all data in motion – from the cloud to the core – means IT teams can best understand any threat to their network. From here they can authorize safe activity, as well as detect undesirable application behavior and analyze the metadata that will detail the origin and movement of an attack.
In other words, you cannot protect against what you cannot see. The deeper the level of observability into a network, the more insight an IT team can gather and then action to improve their entire security posture. This is actually explicitly required by NIST SP 800-207, the gold standard of zero trust.
The very nature of ZTA is deep and thorough inspection of all users and all data, including encrypted traffic. With this architecture and micro-segmentation in place, it will also stop cybercriminals moving laterally within a network – meaning adversaries looking to traverse an IT infrastructure and deploy ransomware across more critical data will be unable to do so.
Over recent years, cybercriminals have become far more savvy and sophisticated, in how they deploy this kind of malware. An attack in today’s climate will typically be carefully considered and strategically targeted against known vulnerable organizations that store critical data. It is also common for bad actors to penetrate a network and lay dormant for months at a time.
Visibility is central in the fight against ransomware; by eradicating blind-spots across the network, adversaries will no longer be able to exist on a network undetected. With Zero Trust and deeper observability into all data, criminal dwell time can be cut dramatically from the current average of 285 days.
It is important to remember that Zero Trust is not the singular silver bullet to ransomware protection. However, paired with visibility, it will be essential for bolstering a company’s cyber posture. By prioritizing deep observability, ZTA becomes far easier to introduce and ransomware threats will become far easier to detect.
Shipping is the lifeblood of the global economy, yet the industry’s profit margins are tight, which makes operational continuity crucial. Over the years, the maritime industry facing a rising threat rate of cyber-attacks that results in downtime, causing damages to the port’s profits, competitiveness, and reputation. OT systems currently rely on backward backup solutions such as external disks and tapes, which can cause a considerable loss of time- hours in the case of a malfunction and even weeks in the case of a cyber-attack. According to a study conducted by Accenture & Ponemon, you usually have to wait 23 days to recover from a ransomware attack.
New patented technology now ensures operational continuity, enabling a return to operation in 30 seconds: ”At the touch of a button – a single click on our CRU device, possibly done by a crane operator – with no IT knowledge required” – explained Oleg Vusiker, CTO of Salvador Technologies.
The solution presented by Salvador Technologies offers complete and instant recovery from ransomware attacks and hardware/software malfunctions. It comprises a revolutionized air-gapped technology that dramatically reduces data loss and operational downtime risks.
Installation of the POC is carried out on critical OT (operational technology) stations in the port, such as cranes, control terminals, and logistics centers. This innovative technology allows cold, up-to-date backups to be performed autonomously and efficiently monitored 24/7, complying with NIST, CISA, and FBI guidelines. Quality control mechanisms ensure the integrity of the backups.
WHAT’S NEXT?
Following the successful POC at the Ashdod Port, Salvador Technologies is now collaborating with the New York and New Jersey Port – the busiest port on the East Coast in the US and one of the largest in the nation.
US Senator and Chairman of the Senate Foreign Relations Committee, Bob Menendez: “I’m incredibly pleased that the University of New Jersey and the Port of Ashdod have agreed to work together. Communities in NJ, Israel, and around the world rely on the free flow of goods to our ports. Our ports face immerging challenges, ranging from physical and cyber security threats to logistics issues. The exchange of ideas and the building of relationships are crucial. I hope that we too can offer insights, experience, and support that will help build a more powerful, prosperous future back in Israel.”
Cyber security is not just about preventing hackers from gaining access to systems and information. It also addresses the maintenance, integrity, confidentiality, and availability of data and systems, ensuring business continuity and the continuing utility of cyber assets. As these issues are becoming more and more critical, a Business Continuity Plan (BCP) is now an essential proactive measure that needs to be taken by ports around the globe.
More info about operational continuity and BCP in maritime >>> http://www.salvador-tech.com
Cyber-attacks on one of the world’s busiest ports have nearly doubled since the start of the Covid pandemic.
The number of monthly attacks targeting the Port of Los Angeles is now around 40 million, the port’s executive director Gene Seroka told the BBC.
Los Angeles is the busiest port in the western hemisphere, handling more than $250bn (£210bn) of cargo every year.
The threats are believed to come mainly from Europe and Russia, and aim to disrupt the US economy, Mr Seroka said.
“Our intelligence shows the threats are coming from Russia and parts of Europe. We have to stay steps ahead of those who want to hurt international commerce,” he told the BBC’s World Service.
Seaports move billions of dollars in goods every year, making them a unique target for cyber-criminals.
They face daily ransomware, malware, spear phishing and credential harvesting attacks, with the aim of causing as much disruption as possible and slowing down economies.
Teaming up with the FBI
The Port of Los Angeles is now working with the Federal Bureau of Investigation’s cyber-crime team to prevent attacks and improve cyber-security.
The port has invested millions of dollars in cyber-protection, developing one of the world’s first Cyber Resilience Centres, which is part of the FBI.
“We must take every precaution against potential cyber-incidents, particularly those that could threaten or disrupt the flow of cargo,” said Mr Seroka.
The Cyber Resilience Centre provides enhanced intelligence gathering and heightened protection against cyber-threats within the maritime supply chain.
It is a hub for the port to receive, analyse and share information with those who operate on the dock, such as cargo handlers and shipping lines.
Supply chain blockages
During the pandemic global supply chains slowed down as lockdowns closed factories and workers were forced to stay at home.
The strain on supply chains has since eased, Mr Seroka said. In January 2022 there were 109 container ships queuing for more than two days to get into the Port of Los Angeles. Today there are around 20 waiting to dock.
But Mr Seroka believes the blockages won’t clear completely until 2023. “There’s so much cargo coming in and not enough space,” he said.
“The past two years have proven the vital role that ports hold to our nation’s critical infrastructure, supply chains and economy. It’s paramount we keep the systems as secure as possible,” he added.
Source: BBC
by John Konrad (gCaptain) The Port of Los Angeles is the victim of approximately 40 million cyber attacks per month, mostly from Europe and Russia including former Eastern Bloc nations. This is double the number of attacks since the start of the COVID19 pandemic. The Port has contacted the FBI for assistance.
“Our intelligence shows the threats are coming from Russia and parts of Europe. We have to stay steps ahead of those who want to hurt international commerce,” said Gene Seroka, director of the Port of Los Angeles, in a BBC interview. “We must take every precaution against potential cyber-incidents, particularly those that could threaten or disrupt the flow of cargo.”
The Port of Los Angeles is now working with the Federal Bureau of Investigation’s cyber-crime team to prevent attacks and improve security. It has also invested millions of dollars in a Cyber Resilience Center (CRC) it built with IBM to study cyber crimes, prevent attacks, and share information with the FBI.
The new Cyber Resilience Centre acts as a hub for the port, receiving, analyzing, and sharing information with those who operate on the dock, such as cargo handlers and shipping lines. In this way, it enhances intelligence gathering and provides heightened protection against cyber-threats within the maritime supply chain.
This is not the port’s first attempt to fight cybercrime. In 2014, the Port of Los Angeles established a Cyber Security Operations Center designed to help protect the Port’s internal networks. The newly-designed CRC builds upon that technology infrastructure by improving the quality, quantity and speed of cyber information sharing among Port stakeholders.
This new standard has been developed by the IASME Consortium together with the Royal Institution of Naval Architects (RINA), to raise cyber security standards within the maritime sector.
The baseline offers shipping companies the certification required to assert their vessels uphold the maritime cyber security regulation standards. The baseline includes the audit of different types of vessels, such as commercial vessels, especially cargo, passenger ferries, and yachts. It also covers crewed and autonomous vessels.
Nir Ayalon, Cydome’s CEO, said: “We’re very proud to become the first international Certification Body for Maritime Cyber Baseline – and to join the IASME consortium. This step is aligned with Cydome’s vision of providing maritime organisations with the ability to show their cyber resilience through a quick automated process – reducing the friction, hassle, cost and time of manual audits. Getting a Maritime Cyber Baseline certification will give a strong message to the shipping companies, insurance companies and the management of the commitment to having a secure fleet – and to mitigate cyber risks.”
Cydome, a cyber security company for the maritime industry, offers advanced cyber security capabilities designed to fend off maritime cybercrime on and offshore.
Cydome has been confirmed as the first international certification body for Maritime Cyber Baseline, a new programme developed by the IASME consortium, together with the Royal Institution of Naval Architects, to raise cybersecurity standards within the maritime sector.
Based in the UK, IASME works alongside a network of certification bodies to help certify organisations of all sizes in both cyber security and counter fraud, with Cydome the latest to be added to that list.
The newly developed baseline offers shipping companies certification to assert that their vessels uphold maritime cybersecurity regulation standards and includes audits of different types of vessels, such as commercial vessels, passenger ferries, and yachts. It also covers both crewed and autonomous ships.
Cydome has been approved to provide certification services for the baseline, with its automated compliance system able to be applied to assess an entire fleet’s cyber risk status.
“We’re very proud to become the first international certification body for Maritime Cyber Baseline and to join the IASME consortium,” said Nir Ayalon, Cydome’s CEO.
“This step is aligned with Cydome’s vision of providing maritime organisations with the ability to show their cyber resilience through a quick automated process – reducing the friction, hassle, cost and time of manual audits.”
“Getting a Maritime Cyber Baseline certification will give a strong message to the shipping companies, insurance companies and the management of the commitment to having a secure fleet – and to mitigate cyber risks.”
Green Award welcomes IQ Solutions SA as an incentive provider. With reference by the Chairman of the Green Award Foundation, Captain Dimitrios to the ceremony (presentation of Green Award Flag and a Plaque) on 7 June 2022 at Posidonia Exhibition, Athens. The Greek company provides certified cyber secure ICT Solutions and Services for the Maritime Industry. They give a complete managed information technology and communications for vessels with a Green Award certificate a discount of:
• 10% for certified companies (seagoing shipping)
• 15% for certified seagoing ships
• 15% for certified inland ships
• 10% for other participating Incentive Providers
The team of IQ Solutions SA is highly skilled engineers and consultants, experienced in large and complex IT projects, tackle the cyber security in the most credible, effective, and highly professional manner. IQ Solutions SA is a Maritime ICT Integrator with unique Intellectual Property, offering ICT solutions Type Approved for Cyber Security by IACS members & Flag States.
From left to right: Jan Fransen, Executive Director of the Green Award foundation, Capt. Dimitrios Mattheou, Chairman of the Green Award foundation, Panagiotis Gavalas, IQ Solutions Director of Operations and Paris Papanastasiou CEO and Managing Director of IQ Solutions.
Specialized products & services are presented below: • VCell Cyber
Type Approved/certified for Cyber Security (by BV and ABS) end-to-end vessel ICT solution, providing a managed, enhanced, fully controllable and monitored ICT environment, consisted of highly available, redundant, and secure infrastructure covering servers, clients, managed networking, and printing. • VTalos
Universal Vessel USB Protection Unit, certified by ABS, designed to control, and protect from a sensitive onboard Cyber Security issue, the use of USB devices on vessel networks & devices. • Ermis
Augmented Reality solution for vessels making onboard remote view, inspection, assistance and knowledge transfer direct and immediate, without the need of shore experts to be physically present onboard.
Captain Dimitris Mattheou, Chairman of the Green Award Foundation comments, “We are happy to welcome IQ Solutions to the Green Award scheme and see many synergies. Digital integrations become a greater reality for the maritime industry.Quality standards is not only what they promise but also what they provide. Green Award, along with IQ Solutions and the rest of our distinguished incentive providers, fairly represent the determined, passionate, faithful, devoted and pioneering sailors of Green Shipping.”
Source: IQ Solutions SA
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPT
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
