MARITIME CYBER SECURITY Archives - Page 30 of 40 - SHIP IP LTD

MPA has released a circular on maritime cyber risk management for shipowners, ship managers, operators, and masters of Singapore-registered ships subject to the ISM Code, and MPA’s ROs.

This circular provides information on the requirement to incorporate maritime cyber risk management in the safety management systems (SMS) of companies operating Singapore-registered ships.

Cyber risk management refers to the process of identifying, analysing, assessing, and communicating a cyber-related risk and accepting, avoiding, transferring, or mitigating it to an acceptable level, considering costs and benefits of actions taken to stakeholders.

Maritime cyber risk refers to a measure of the extent to which a technology asset is threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a consequence of information or systems being corrupted, lost or compromised. The goal of maritime cyber risk management is to support safe and secure shipping, which is operationally resilient to cyber risks.

As affirmed in Resolution MSC.428(98) (Annex A), an approved SMS should take into account cyber risk management in accordance with the objectives and functional requirements of the ISM Code. MPA will require cyber risks to be appropriately addressed in the company’s SMS no later than the first annual verification of the ISM company’s Document of Compliance after 1 January 2021.

In line with the guidance presented in MSC-FAL.1/Circ.3 (Annex B), to consider cyber risks as being appropriately addressed in SMS, the ISM company is required to demonstrate that they have appropriately incorporated the five functional elements to address maritime cyber risks, namely:

Identify: Define personnel roles and responsibilities for cyber risk management and identify the systems, assets, data and capabilities that, when disrupted, pose risks to ship operations;
Protect: Implement risk control processes and measures, and contingency planning to protect against a cyber-event and ensure continuity of shipping operations;
Detect: Develop and implement activities necessary to detect a cyber-event in a timely manner.
Respond: Develop and implement activities and plans to provide resilience and to restore systems necessary for shipping operations or services impaired due to a cyber-event;
Recover: Identify measures to back-up and restore cyber systems necessary for shipping operations impacted by a cyber-event.

ISM companies of Singapore-registered ships are reminded to review the identified risks to their ships, personnel and the environment and to establish appropriate safeguards to ensure that maritime cyber risks are appropriately addressed in the SMS, and that the five functional elements stated in para 5 have been incorporated into their risk management framework.

MPA has co-funded several maritime cyber security courses under Maritime Cluster Fund and Training@MaritimeSingapore. MPA is also aware that Recognised Organisations (ROs) have developed maritime cyber security training courses and relevant consultancy services to assist ISM Companies in developing and preparing their cyber risk management strategy and procedures.

Source: portnews


The COVID-19 pandemic has seen classification societies around the world adapting their services to cope with global travel restrictions, allowing inspections to be conducted remotely and for more services to be available online. For the Korean Register, increasing digitalisation and embracing new technologies has been a long-held strategy and the society quickly adapted its services to support customers’ business operations in these challenging times.

KR’s remote survey service was launched over a year ago and is well established, conducted via bi-directional communication with a vessel, by sharing photographs, video contents and digital images from the ship. It can be completed effectively and confidently anywhere in the world without requiring a surveyor’s attendance on board.

Travel restrictions as a result of COVID-19 have prevented KR from conducting some physical surveys and the need for social distancing has made it impossible to send surveyors on board ships. In these cases, KR has been granting extensions for one month or the period of a voyage to the next port, whichever is longer, in close consultation with the relevant flag administrations. In addition, KR has been using a range of remote survey techniques which have been undertaken with the authorization of the respective flag administrations.

Since the global pandemic was declared on 11 March 2020, KR has conducted a range of surveys remotely, including: continuous machinery survey (CMS), 3-month extension of shaft survey, 3-month extension of boiler survey, minor damage survey, Outstanding Condition of Class (COC) or confirmation of repairs done for deficiencies or corrective actions. Overall, the number of remote surveys conducted by KR since the beginning of the pandemic has increased tenfold. KR is now working to include the inventory of hazardous materials (IHM) surveys for ships in service as well as all occasional surveys in its remote survey range.

Mr Hyung-chul Lee, Chairman and CEO of Korean Register

KR has – where needed – granted force majeure extensions for vessels scheduled to dry-dock for repairs or renewal surveys in the areas acutely affected by COVID-19. In these instances, KR has liaised with the relevant flag administration to seek their agreement on the extension of the relevant statutory certificates.
The global pandemic is accelerating the pace of change in classification, with digitalization offering new opportunities and the means to adapt in this changing environment. As a result, KR is investing in technology to support the further digitalization of its classification services and has diversified its business portfolio to include third-party certification in the ASME and MED sectors and has increased its naval services to cover a wide range of technical applications ranging from patrol vessels to submarines.

Since 2014, KR has been developing its range of VR (virtual reality) based application systems. These now include a ship inspection training simulator and a ship crew safety training simulator both of which use digital 3D replicas of the relevant ships, and KR has further applications in development.

KR has been prioritizing the development and application of innovative information and ICT systems for the maritime industry for some time, such as the use of drones to conduct ship surveys, ship cyber security certification, KR’s 3D based drawing approval, e-certificates and condition-based maintenance (CBM).

Traditionally, design approval of a ship by a classification society has been a paper-based process, involving the exchange of numerous large-format drawings between the shipyard and the classification society. However, KR has developed and launched a 3D model-based (paperless) design approval system which provides a more accurate and intuitive review of ship structure.

E-certificates are already widely used as they offer a more secure way of reducing the risk of falsification. KR is authorized by many flag state administrations to issue e-certificates on their behalf, but KR expects this to increase even more moving forward.

As the shipping industry becomes more and more digitalized, the number of cyberattacks on shipping companies and ships has increased too. An effective response and comprehensive cyber security protection measures are now essential for any maritime organization.

The classification society has provided cyber security certification services for companies and ships since 2018, and cyber security type approval services for ship networks and automated systems in compliance with IEC 62443-4-2 and IEC 61162-460 standards since 2019.

In 2021, the International Maritime Organization’s (IMO) Resolution MSC.428(98) enters into force, which will further increase demand for company and ship cyber risk management services. As a result, KR has established a cyber security certification process which is in line with the international security standards – ISO 27001, IEC 62443, the NIST Framework, the IMO and BIMCO cyber security guidelines.

KR’s expert cyber security team is now expanding its technology services to cover the cyber certification of newbuilds and the assessment of software conformity for ships, so its customers can respond quickly and effectively to any cyber security challenge as it arises.

Looking ahead, KR expects that, as a result of the global pandemic, there will be a significant drop in global trade which will affect cargo carried. This will lead to over-capacity in the market which will lead to an increasing number of lay-ups and scrappings – all of which will affect the work handled by KR.

But with the global population continuing to grow, it’s expected that long term growth will return. During this time, KR will continue to increase the level of digitalisation across its organisation and services and will apply new technologies to support customers’ businesses no matter what the challenges.

Source: By Mr Hyung-chul Lee, Chairman and CEO of Korean Register, arranged on behalf of Hellenic Shipping News Worldwide (www.hellenicshippingnews.com)


The Navy is exploring how to better protect its unmanned vessels with anti-tamper measures to prevent hacking from adversaries.

“We are looking at specifics of anti-tamper [technology] as we do for any platform, but obviously for unmanned, it’s a little bit of a different problem” because sailors won’t be on board to deal with issues that arise, said Rear Adm. Casey J. Moton, program executive officer for unmanned and small combatants.

The sea service is investing big in robotic platforms. Over the future years defense program, the Navy has allocated about $12 billion for unmanned aircraft, surface vessels and underwater systems in fiscal years 2021 through 2025, according to Bloomberg Government.

The ships could be deployed in high-risk environments without putting sailors in harm’s way.

“Although they will be under the protection of their carrier strike group, the vessels are probably at times going to have higher attrition,” Moton said during a webinar hosted by the Center for Strategic and International Studies. “That’s part of our calculus and part of the way that we’re going forward from that standpoint.”

The service is testing anti-tamper capabilities in its unmanned prototypes to address cybersecurity issues, he said.

The Navy envisions its future large unmanned surface vehicle, or LUSV, as part of the Aegis integrated control system network, which means the vehicle will still be overseen by a human who will make decisions remotely such as telling the vessel when to fire munitions, he said.

The service has taken the need to prevent tampering into account during its wargaming and other studies, Moton said. “From our standpoint, we are doing some robust things for the fact that these vessels will operate [network] capable. Certainly the cyber efforts are robust.”

Source: nationaldefensemagazine


New digitization solutions, such as big data, blockchain, automation, drones, and robotics, are enabling the maritime freight industry to introduce game-changing approaches that will significantly reduce or eliminate non-value-added activities.

Over the next five years, maritime suppliers across the value chain will increasingly adopt solutions to address security, overcapacity and accurate cost models, according to new research from ABI Research.

“Along with consolidation and pressures on profits, long-standing players must adapt and work with partners within and outside the industry, from startups to technology leaders in connectivity, AI, and more, including the competition, to align on much-needed standardization,” says Susan Beardslee, principal analyst at ABI Research. Recent examples include Wärtsilä’s acquisition of Transas to support an intelligent maritime ecosystem and Artificial Intelligence (AI), as well as Orange Business Service’s deal with Cargotec for smart cargo handling.

Global maritime freight transportation revenue is expected to grow from $166 billion last year to over $205 billion in 2023.

Enhanced revenues and profits will be driven by technologies best poised to disrupt the maritime shipping industry including big data and analytics, blockchain, electrification, assisted and automated operations, drones and robotics, Augmented Reality (AR), and Virtual Reality (VR). Maritime cybersecurity, also necessary to address current and emerging threats, will have a global spend expected to rise to US$1.7 billion in 2023.

Beneficial Cargo Owners are gaining greater supply chain visibility and automation from start-ups including predictive logistics provider ClearMetal, Xeneta’s crowdsourced, on-demand, real-time benchmark and market intelligence, Flexport’s digital procurement platform and Freightos’ marketplace for rate management. Sigfox debuted a new service offering real-time geolocation tracking for containers. Industrial IoT provider ORBCOMM offers reefer management solutions as well as two-way vessel monitoring via satellite and cellular. IBM partnered with Maersk Line on blockchain as well as with Cisco on smart connected ports. Microsoft is partnering with OOCL on AI for maritime. Electrification is growing, including efforts by Guangzhou Shipyard International Company, Port Liner, and Torqeedo.

Source: mhlnews


In response to parliamentary questions regarding the Singapore Navy’s capabilities to survey maritime traffic, in the wake of two recent incidents of ship collision in Singapore’s territorial waters, the Minister for Defence, Dr. Ng Eng Hen, provided an overview of Singapore’s approach to dealing with threats at and from the sea through an oral reply.

Dr. Ng said that Singapore adopts a Whole-of-Government (WoG) approach to ensure comprehensive coverage of varied scenarios as well as co-ordinated responses. An overview of the approach was also provided in a factsheet from the Ministry of Defence (MINDEF) released in June 2017.

Singapore Maritime Crisis Centre

The Singapore Maritime Crisis Centre (SMCC) was set up in 2011 to bring together the Republic of Singapore Navy (RSN), the Police Coast Guard (PCG), the Singapore Civil Defence Force (SCDF), the Immigration and Checkpoints Authority (ICA), the Maritime and Port Authority (MPA), and the Singapore Customs.

The SMCC maintains a comprehensive maritime situation picture, shares information between agencies and coordinates responses to deal with potential threats.

It achieved full operational capability in 2013, and serves to tighten linkages between the national maritime security agencies in the areas of (i) sense-making and threat assessment, (ii) doctrine and operations planning, (iii) conduct and monitoring of current and future operations, (iv) capability development, and (v) conduct of training and exercises. This strengthens interoperability between agencies during a maritime security contingency, allowing for a more coordinated operational response and minimising the duplication of efforts.

The SMCC comprises the National Maritime Sense-making Group (NMSG) and National Maritime Operations Group (NMOG).

The NMSG uses Artificial Intelligence (AI) and data analytics collected from multiple sources to generate unique signatures and build profiles for the close to a thousand commercial shipping vessels that pass through Singapore’s waters daily. It is able to detect deviations from these signatures, picking out anomalies and suspicious behaviour for further investigation.

The NMSG also continuously monitors indications of threat scenarios. The results of its analyses and pick-ups are shared with the relevant national agencies so that decisive actions can be taken to neutralise the identified threats. Such methods detected a possible ISIS supporter on board a tanker in 2015, and that person was barred from disembarking in Singapore.

The NMOG drives training, builds common protocols and conducts exercises to tighten operational responses between the various agencies. It has also been leading efforts to review the national maritime security response framework to close any operational gaps and build a more coordinated operational response. For example, the NMOG coordinated a layered defence plan involving all national maritime agencies to safeguard the National Day Parade, which was held at the Sports Hub in 2016.

Maritime Security Task Force

Also as part of WoG efforts, the RSN’s Maritime Security Task Force (MSTF) feeds its information to the SMCC. This information is obtained from monitoring close to a thousand ships passing through the Singapore Strait each day, through a network of sensors such as coastal surveillance radars, electro-optic devices and RSN ships on patrol. This surveillance is continuous, day and night. MSTF comprises two groups: (i) the Comprehensive Maritime Awareness Group (CMAG); and (ii) the Operations Group.

CMAG works closely with the NMSG, national agencies, international partners and the shipping community (such as ship owners, ship charterers, agents and port operators) to share maritime information. The Operations Group comprises operations planners who undertake planning and execution of all maritime security operations. It conducts daily patrols, boarding and escort operations in the Singapore Strait and Sea Lines of Communication, to ensure maritime security and the protection of key installations and potential targets.

On a daily basis, MSTF conducts threat evaluation for every vessel calling into Singapore’s ports or transiting through the Singapore Straits. MSTF does this by deploying analytic tools to build profiles of each vessel based on attributes such as their voyage, owners, crew and cargo, as well as additional data shared by government agencies. MSTF would then decide the appropriate operational responses, which include, for example, closer monitoring, escorting or even boarding the ship to mitigate the threat.

In the event of maritime incidents, the MSTF, coordinated by the SMCC, works hand-in-hand with representatives from the other national maritime agencies, to forestall and interdict any potential maritime threats. Linkages are exercised regularly in scenarios ranging from the interdiction of hijacked vessels to responses to maritime emergencies.

The MSTF’s key focus is on potential threats to Singapore, while the MPA watches over the navigation of ships in our waters. For both their purposes, the International Convention for the Safety of Life at Sea (SOLAS) mandates the use of the Automatic Identification System (AIS) to identify ships at sea.

The AIS requirement, however, does not apply to warships. For ships that are not required to comply, or have not complied, with vessel identification, their presence can still be detected via our network of coastal surveillance radars and electro-optic devices.

With regard to the two recent incidents which resulted in collisions, Dr. Ng said that the sensors had detected, and identified, the vessels involved in both collisions. In both these incidents, none of the ships were designated as potential threats to security, which was correct.

In compliance with standard protocols, they did not require close monitoring by the MSTF, and by the rules of navigation under the International Regulations for Preventing Collisions at Sea (COLREGS), the master and crew of the vessels involved were responsible for guiding their ships safely through. The various parties involved with the collision will now have to investigate what went wrong and what remedial actions to take if necessary. The Transport Safety Investigation Bureau (TSIB) is also conducting an investigation and has announced that it will make the findings public.

Source: opengovasia


A feature from Volume 1, Issue 1 of Pacific Ports Magazine
By Christy Coffey, Vice President of Operations, Maritime Transportation System ISAC

First, we would like to thank the Association of Pacific Ports for requesting a blog. We are looking forward to speaking at their 107th annual event in 2021.

The concept of collaborating as a maritime community to identify, detect and protect against threats to the maritime transportation system (MTS) has a long tradition in the Pacific. This has held true across a wide variety of threats and hazards, and it continues today. Look at the COVID-19 virus and how communities are using crowdsourcing, with public and private sector organizations working together locally and globally, to identify and move much-needed supplies and perform research.

Another example we regularly see relates to weather-related emergency response scenarios. These events are an excellent example of how public and private sector organizations work together to address and recover from the threat. While storms are not entirely predictable, we are aware that they occur, we understand the range of their potential impacts, and understand that there are actions that both sets of stakeholders are responsible for taking. So, the MTS develops and exercises plans to ensure preparedness.

Cyber risk management and the MTS 

When cybersecurity professionals in the Pacific apply the maritime community traditions with their own best practices from the NIST Cybersecurity Framework (www.nist.gov/cyberframework/online-learning/five-functions) — Identify, Protect, Detect, Respond, and Recover — the community can become more resilient to cyber risks in the face of motivated cyber adversaries. While information security professionals, or their organizational team, often focus on internal, individual activities to manage cyber risk, the sharing of threat information can serve as a force multiplier. Sharing information allows multiple organizations to more quickly identify vulnerabilities, threat activity and effective countermeasures. Rather than each individual stakeholder trying to counter cyber-attacks on their own, we can more efficiently tackle challenges at the community level for multiple reasons.

First, given the resources that cyber threat actors are pouring into their capabilities, the resources required to defend against threats are currently insufficient, especially when efficient use of those resources is not maximized. We believe the maritime community well understands the resource challenges that are present.

Second, the MTS continues to rapidly apply new technologies to port environments to increase operational efficiencies. Information technology (IT), operational technology (OT), and Internet of Things (IoT) technologies are being quickly integrated in port operations. These technologies are being integrated less often by single organizations, but frequently across the MTS ecosystem by multiple stakeholders including suppliers, vendors, and operators of other modes of transportation. As a result, IT, OT, and IoT cybersecurity challenges have become community challenges. However, we often try to address them as individual organizational challenges.

Third, we know that there is a shortage of cybersecurity expertise around the globe, and even fewer professionals that are focused on the specific challenges of maritime environments. This shortage places additional pressure on organizations. While the initial reaction to this pressure might be to focus those resources internally, we understand the efficiencies generated by pooling resources into a larger community effort. A team of resources can accomplish more than the sum of its parts.

U.S. Government is adjusting its focus

Well, we’re starting to see government actions to focus resources on these maritime community cybersecurity challenges. In February, the Department of Homeland Security’s (DHS) Federal Emergency Management Agency (FEMA) released the Port Security Grant Program (PSGP) Notice of Funding Opportunity which prioritized cybersecurity as the one area that “attracts the most concern” and subsequently included it as a funding priority for this year’s grants. This is certainly a welcome reprioritization.

A month later, the U.S. Coast Guard published the Navigation and Vessel Inspection Circular (NVIC) No. 01-20: Guidelines for Addressing Cyber Risks at MTSA Regulated Facilities, which requires regulated facilities to address cyber risk in their Facility Security Assessments (FSAs) and Facility Security Plans (FSPs). Industry had been eagerly awaiting this NVIC. While it provides some clarification regarding MTSA requirements, the Coast Guard also released a “Cyber Job Aid” to “provide the service’s marine safety personnel with additional guidance as they address facilities’ documented cyber vulnerabilities.”

Unfortunately (and please keep in mind challenges #2 and #3 above), this guidance is being read by some who may not understand the details of cybersecurity as to what is required to manage cyber risk. The NVIC and the “Cyber Job Aid” fail to mention some of the basics of cybersecurity (e.g., access control lists, alerts, securing APIs, asset inventory, availability — those are just some of the As, let alone B-to-Z).

Helping connect the community

How can we help break this cycle of managing risk through “checklist cyber controls” to address compliance requirements? First, we have to acknowledge the challenges above as well as the limitations of traditional approaches. The MTS-ISAC community, which engages both public and private sector stakeholders, is leveraging historical, regional relationships in a new way to address local cybersecurity challenges while maintaining global connectedness and situational awareness.

The MTS-ISAC has issued several TLP:GREEN Advisories that highlighted how threat actors have targeted MTS critical infrastructure, and how security controls can prevent unauthorized access to port systems. These advisories are shared quickly throughout the MTS-ISAC community and then more broadly with the maritime community with actionable intelligence and cybersecurity control recommendations to help other MTS stakeholders prevent similar cyber risk from impacting them. Stakeholders have not seen this type of timely advisory used in the maritime sector other than by the MTS-ISAC.

While working at the international as well as the local level to share malicious and suspicious cybersecurity activity is effective, local communities also provide a connectedness for working together on educational initiatives, adoption of best practices, and incident preparedness through exercises and response plans. We will be more successful in mitigating cyber risks through an MTS and critical infrastructure all-hands approach — private and public sector working together, private sector working together at a local level with global connectedness, and cross-sector collaboration. In addition to issuing regular TLP:GREEN advisories to trusted maritime stakeholders, the MTS-ISAC is holding regular webinars to raise awareness on a variety of maritime cybersecurity topics, including a recent informational webinar on protecting GPS, and supporting local maritime cybersecurity exercises.

For more information on the MTS-ISAC, visit https://www.mtsisac.org/. We hope you will join our community and learn more about efforts underway to manage cyber risk at the Maritime Cybersecurity Summit in Orlando, FL, November 4-5, 2020 (https://www.maritimecybersecuritysummit.com/).


Although shipowners have until 1 January 2020 to retrofit cyber risk management into their ship safety management systems to meet IMO’s updated requirements within the International Ship Management (ISM) Code, owners should work with shipyards to adopt cyber-secure operational technology (OT) during ship construction, panellists said during Riviera’s ‘Cyber security: readying for the ISM Code’s 1 January 2021 requirements’ webinar.

This was held on 5 August in association with premier partner ClassNK and sponsor F-Secure as part of Riviera’s Maritime Cyber Security Webinar Week.

Panellists included ClassNK cyber security team deputy manager Makiko Tani, TÜV Rheinland director for consulting services in Asia Pacific for cyber security and functional safety Rajeev Sukumaran, Moran Cyber managing director Captain Alex Soukhanov and Beazley senior risk manager Kelly Malynn.

During the webinar, they discussed how shipping companies can incorporate cyber security into their safety management systems no later than the first annual verification of the company’s document of compliance following 1 January 2021.

The panellists clarified IMO’s requirements, confirmed what owners and operators need to do now, and underlined the help and advice available.

Ms Tani said cyber security “should not just be about compliance” but could open “new opportunities for business and new innovations”. She said owners with existing fleets need to understand the OT on ships and required cyber risk controls. “Aim high, but start small,” Ms Tani said. “Start from knowing the vessels and being aware of the onboard OT and IT, and where these meet.”

This is easier if owners engage with shipyards and classification societies during the newbuilding phase.

“Ships can be designed to be cyber-secure,” said Ms Tani. “Ships can be constructed with cyber security capacity” and with class society cyber secure notations.

Mr Sukumaran agreed cyber security should start with ship design. “Builders, designers, owners, etc all need to be taking in cyber security,” he said.

Cyber security was not just about onboard IT and OT, said Mr Sukumaran, as ships were part of a much wider ecosystem involving ports and supply chains. “It is not just about technology, owners need supporting processes and procedures,” he said.

Capt Soukhanov brought a seafarer’s perspective to cyber risk management in his presentation. He agreed cyber security should be incorporated in the build stage. “We are currently retrofitting cyber security” into existing ships, he said.

Which is why all of the supply chain needs to be included in the process. “Our number one priority is the business strategy, as digitalisation needs to be protected,” Capt Soukhanov said, adding that ship operators and vendors “should collaborate and work together to protect onboard systems”.

Ms Malynn said vessel owners should use these requirements to incorporate cyber risk management under the ISM Code “as an opportunity to get to know vessels”. It is also an opportunity to review insurance cover for cyber risk.

She recommended owners conduct risk assessments and gain a better understanding of the cyber threats and vulnerabilities on ships. “Risk assessment quality is important. Owners need to invest in this,” Ms Malynn said.


Source: rivieramm


Cyberattacks on the maritime industry’s operational technology systems have increased by 900% over the last three years with the number of reported incidents set to reach record volumes by year-end, according to Israeli cybersecurity specialist Naval Dome.

Addressing port and terminal operators during an online forum last week, Robert Rizika, Naval Dome’s Boston-based Head of North American Operations, explained that in 2017 there were 50 significant OT hacks reported, increasing to 120 in 2018 and more than 310 last year. He said this year is looking like it will end with more than 500 major cyber security breaches, with substantially more going unreported.

Rizika said that since NotPetya – the virus that resulted in a $300 million loss for Maersk – “attacks are increasing at an alarming rate”.

Recalling recent attacks, he told delegates that in 2018 the first ports were affected, with Barcelona, then San Diego falling under attack. Australian shipbuilder Austal was hit and the attack on COSCO took down half of the shipowner’s US network.

He said this year a US-based gas pipeline operator and shipping company MSC have been hit by malware, with the latter incident shutting down the shipowner’s Geneva HQ for five days. A US-based cargo facility’s operating systems were infected with the Ryuk ransomware, and last month the OT systems at Iran’s Shahid Rajaee port were hacked, restricting all infrastructure movements and creating a massive backlog.

Intelligence from Iran, along with digital satellite imagery, showed the Iranian port in a state of flux for several days. Dozens of cargo ships and oil tankers were waiting to offload, while long queues of trucks stretching for miles formed at the entrance to the port, according to Naval Dome.

Emphasising the economic impact and ripple effect of a cyber-attack on port infrastructures, Rizika revealed that a report published by Lloyd’s of London indicated that if 15 Asian ports were hacked, financial losses would be more than $110 billion, a significant amount of which would not be recovered through insurance policies, as OT system hacks are not covered.

The networks connecting RTGs, STS cranes, traffic control and vessel berthing systems, cargo handling and safety and security systems, etc., are all under threat, Rizika said.

“Unlike the IT infrastructure, there is no “dashboard” for the OT network allowing operators to see the health of all connected systems. Operators rarely know if an attack has taken place, invariably writing up any anomaly as a system error, system failure, or requiring restart.

“They don’t know how to describe something unfamiliar to them. Systems are being attacked but they are not logged as such and, subsequently, the IT network gets infected,” Rizika explained.

“What is interesting is that many operators believe they have this protected with traditional cybersecurity, but the firewalls and software protecting the IT side do not protect individual systems on the OT network,” he said.

An example would be the installation of an antivirus system on a vessel bridge navigation system (ECDIS) or, alternatively, on the dynamic positioning (DP) system of a floating rig, or on one of the dock cranes on the pier side of the port.

“The antivirus system would very quickly turn out to be non-essential, impairing and inhibiting system performance. Antivirus systems are simply irrelevant in places where the attacker is anonymous and discreet,” he said.

“Operational networks, in contrast to information networks, are measured by their performance level. Their operation cannot be disconnected and stopped. An emergency state in these systems can usually only be identified following a strike and they will be irreparable and irreversible.”

Where OT networks are thought to be protected, Rizika said they are often inadequate and based on an industrial computerised system operating in a permanent state of disconnection from the network or, alternatively, connected to port systems and the equipment manufacturer’s offices overseas via RF radio communication (wi-fi) or a cellular network (via SIM).

“Hackers can access the cranes, they can access the storage systems, they can penetrate the core operational systems either through cellular connections, wi-fi, and USB sticks. They can penetrate these systems directly.”

Rizika said that as the maritime industry moves towards greater digitalisation and increases the use of networked, autonomous systems, moving more equipment and technologies online, more vulnerabilities, more loopholes, will be created.

There will be a whole series of new cyber security openings through which people can attack if systems are not properly protected.

“If just one piece of this meticulously-managed operation goes down it will create unprecedented backlog and impact global trade, disrupting operations and infrastructure for weeks if not months, costing tens of millions of dollars in lost revenues.”

Naval Dome also predicts that cyber criminals, terrorists and rogue states will at some point begin holding the environment to ransom.

“One area we see becoming a major issue is cyber-induced environmental pollution. Think about it: you have all these ships in ports, hackers can easily over-ride systems and valves to initiate leaks and dump hazardous materials, ballast water, fuel oil, etc.,” Rizika warned.

He said a deep understanding of the differences between the two spaces is vital.

“There is a disconnect between IT and OT security. There is no real segregation between the networks. People can come in on the OT side and penetrate the IT side. We are actually seeing this now. Successful IT network hacks have their origins in initial penetration of the OT system.”

Rizika warned that many operators are not even aware that they are being attacked, stressing that they need to start work on prevention before it is too late, especially as the risk and frequency of attacks rise.

Source: offshore-energy


What is Maritime Security?

Maritime cybersecurity is essentially the collection of policies, tools, habits, security safeguards, and guidelines that maritime groups implement in order to protect their organizations, vessels, and associated networks.

According to the International Maritime Organization (IMO), “Maritime cyber risk refers to a measure of the extent to which a technology asset could be threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a consequence of information or systems being corrupted, lost or compromised.”

Over the years, maritime technology has improved rather significantly. Yet over that same time, many organizations have continued to leverage legacy technologies that were never built to be connected to the internet. This has exposed vessels and maritime networks to increased risk.

“There was a time when connectivity on a vessel was minimal, and ship control engineers addressed security issues with air gapping to physically isolate a secure network from unsecured networks. By definition, an air-gapped system is neither connected to the Internet nor any other system,” Mission Secure explains. “But now, using something as simple as a USB flash drive or unsecured Wi-Fi connection, a malicious hacker or even an inexperienced insider could infiltrate and infect critical systems. This development is especially concerning given the connectivity of modern maritime vessels.”

4 Tips for Better Maritime Security

In 2020, the need for better maritime security is clear and convincing. Here are some tips organizations within the industry can use to stay safe:

1. Emphasize Physical Security

Believe it or not, physical security comes first. Many cyberattacks are made possible by giving physical access to people who have no business interacting with certain parts of the network or system.

Good physical security calls for vigilance, continuous monitoring, and regular drills. These drills will help you identify weaknesses that may not be obvious otherwise. Try surveying your team, analyzing crew performance, and studying all duties of the ship security officer so that you can identify and phase out any loopholes that represent a vulnerability.

2. Manage User Privileges

All users should be given the least amount of access they need to perform the duties that align with their job role. Be reasonable, but certainly don’t be liberal in how you hand out user privileges.

When granting high-level system privileges, users should be carefully monitored and managed. In other words, access doesn’t mean the individual has free rein. Multi-layered safeguards are a must.

3. Invest in Malware Prevention

Malware refers to any type of malicious content that’s intended to access, influence, and/or damage key systems of a computer or network. When deployed successfully, a piece of malware acts as a virus, seriously impacting all of the ship’s systems and services.

Maritime organizations must be serious about investing in and implementing the right anti-malware policies and solutions. And once implemented, they need to be rigorously monitored and updated to stay fully operational.

4. Develop a Robust Strategy

Mission Secure believes in a six-part cybersecurity risk management approach. While it’s a complex process with too many proprietary steps to outline here, it’s basically broken down like this:

  • Identify threats. Make a thorough list of all internal and external cybersecurity threats to the ship.
  • Identify vulnerabilities. Develop a comprehensive inventory of all onboard systems that have direct and indirect communication.
  • Assess risk exposure. Analyze the risk exposure of internal threats, external threats, and all vulnerabilities. Determine the likelihood of being exposed in any of these ways.
  • Develop protection and detection measures. The plan should include tactics for reducing the likelihood of being compromised, as well as the impact of certain vulnerabilities being exploited.
  • Establish contingency plans. This plan should have a prioritized list of action steps to mitigate cyber risks as they’re detected.
  • Respond and recover. Focus on recovering and strengthening cyber defenses so that similar future attacks don’t stand a chance of being successful.

A meticulous approach like this takes time to develop, but creates a strong defense that stands up in even the most hostile environments. A failure to invest in a 360-degree strategy like this could lead to serious compromises.

Safer Times Ahead

While the industry is moving fast to protect against cyber attacks, it’s going to take a while for all of the major maritime companies to coalesce around comprehensive cybersecurity strategies that stand up to the latest and most advanced threats. But once the wrinkles get ironed out, it’ll be smooth sailing into the future.

Source: smartdatacollective


The Maryland Department of Transportation Maryland Port Administration (MDOT MPA) was awarded $1,158,589 in the most recent round of the Federal Emergency Management Agency’s (FEMA) Port Security Grant Program. The funding is designated to strengthen cyber security initiatives and closed-circuit television (CCTV) capabilities at the state-owned, public marine terminals of the Helen Delich Bentley Port of Baltimore.

Governor Larry Hogan said:

“Throughout the COVID-19 pandemic, the dedicated employees at the Port of Baltimore have continued to welcome the ships that maintain our supply chain and keep shelves stocked across our state. Our world-class Port is already among the most secure in the United States, and this funding supports our commitment to protect Port employees and the cargo that travels in and out of Maryland.”

For 11 consecutive years, the Port of Baltimore’s public marine terminals have received a top rating on an annual security assessment conducted by the U.S. Coast Guard. The Port of Baltimore was also recognized earlier this year by Security magazine in its listing of top U.S. sea and airports for ongoing security programs and initiatives.

MDOT Transportation Secretary Greg Slater said:

“Security is an essential part of day-to-day operations at the Port of Baltimore, and is critical for our workers and customers. Maryland’s recovery will depend on a vibrant port, and our focus on security gives clients confidence that Maryland is not only open for business, but is a secure place to conduct business.”

MDOT MPA Executive Director Bill Doyle said:

“The Port of Baltimore already has a stellar reputation in the maritime industry for its security program, and this grant will help us make it even better. This grant reflects FEMA’s confidence in our security initiatives, and we appreciate that support.”

Source: seawanderer


Company DETAILS

SHIP IP LTD
VAT:BG 202572176
Rakovski STR.145
Sofia,
Bulgaria
Phone ( +359) 24929284
E-mail: sales(at)shipip.com

ISO 9001:2015 CERTIFIED