MARITIME CYBER SECURITY Archives - Page 7 of 40 - SHIP IP LTD

Bureau Veritas (BV), Laskaridis Shipping and METIS Cyberspace Technology have agreed to embark on a pilot project to develop and apply a new BV SMART 3 class notation covering the use of augmented data in ship operations.

BV has developed a framework of SMART notations for ships, which provide consistent and uniform standards for the ‘smart’ techniques used to monitor and improve fleet performance. In a new ‘Smartship’ pilot project, BV is working with Laskaridis Shipping and METIS to develop a range of additional class notations adapted to the latest advances in digitalisation technology, with a focus on augmented ship. The SMART 3 notation will also cover ship to shore connectivity, remote decision support and remote operations.

“Collaboration in this part of the SMART certification program confirms BV’s recognition of METIS intelligent analytics as fully ready to secure the rewards of shipping’s digital future. We would also like to acknowledge the vital role forward-thinking shipping companies like Laskaridis Shipping play in delivering the true benefits of maritime digitalisation,” said Mike Konstantinidis, chief executive officer, METIS.

Paillette Palaiologou, vice president for Southeast Europe, Black Sea & Adriatic Zone at Bureau Veritas Marine & Offshore, commented: “Digitalisation is transforming the maritime industry, bringing new challenges and opportunities. The new range of notations will help advance the journey towards more digitalised and autonomous ships. We are delighted to partner with Laskaridis Shipping and METIS Cyberspace Technology on this new project. Collaboration is essential to help progress new technologies and to support the industry’s transition.”

“We are very proud to be a partner in the highly innovative SMART certification project,” said George Christopoulos, chief operating officer, Laskaridis Shipping. “We have committed to being at the forefront of maritime digitalisation based on the gains these technologies deliver in operational excellence and enhanced ship sustainability.”

Drawing on Bureau Veritas expertise in the certification, implementation and survey of data infrastructure, the new SMART 3 class notation is expected to provide added value for owners, shipyards and manufacturers of digital solutions for the maritime industry.


Jun 12, 2022, (Bloomberg) –Chinese military officials in recent months have repeatedly asserted that the Taiwan Strait isn’t international waters during meetings with US counterparts, according to a person familiar with the situation, generating concern within the Biden administration.

The statement disputing the US view of international law has been delivered to the American government by Chinese officials on multiple occasions and at multiple levels, the person said. The US and key allies say much of the strait constitutes international waters, and they routinely send naval vessels through the waterway as part of freedom of navigation exercises.

China has long asserted that the Taiwan Strait is part of its exclusive economic zone, and takes the view there are limits to the activities of foreign military vessels in those waters. While China regularly protests US military moves in the Taiwan Strait, the legal status of the waters previously wasn’t a regular talking point in meetings with American officials.

It’s not clear whether the recent assertions indicate that China will take more steps to confront naval vessels that enter transit the Taiwan Strait. The US also conducts freedom of navigation operations in the South China Sea to challenge Chinese territorial claims around disputed land features.

“The United States will continue to fly, sail and operate wherever international law allows, and that includes transiting through the Taiwan Strait,” Lieutenant Colonel Martin Meiners, a Pentagon spokesperson, said by email. China’s Foreign Ministry didn’t immediately respond to a request for comment outside normal business hours.

During a speech on Saturday at the IISS Shangri-la Dialogue in Singapore, Secretary of Defense Lloyd Austin warned that China was unilaterally attempting to change the status quo when it comes to Taiwan. “Our policy hasn’t changed,” he said. “But unfortunately, that doesn’t seem to be true for the PRC.”

“We’re seeing growing coercion from Beijing,” Austin told delegates at the security forum. “We’ve witnessed a steady increase in provocative and destabilizing military activity near Taiwan. That includes PLA aircraft flying near Taiwan in record numbers in recent months — and on a nearly daily basis.”


GAZA, June 4 (Reuters) – Israel arrested four Palestinian fishermen off the Mediterranean coast of Gaza on Saturday, Palestinian and Israeli sources said.

The Israeli military said it apprehended four suspects after two Palestinian vessels strayed from the designated fishing zone in the northern Gaza Strip, “violating security restrictions.” The navy fired at the boats when they failed to respond to instructions to halt, it added.

The secretary of the Gaza fishermen’s syndicate, Nizar Ayyash, told Reuters there were at least three Israeli attacks on Gaza fishermen on Saturday — all within the permitted fishing area.

In one of the incidents, he said, Israeli forces fired rubber bullets at a boat, wounding two of the four people aboard who were later hospitalized. In another, they seized a small boat after detaining the two fishermen on board, he added.

“We have recorded several violations against fishermen within the permitted fishing zone in the past weeks,” said Ayyash.

Israel maintains a land, air and sea blockade of Gaza, which is governed by the Islamist militant group Hamas, citing security concerns. Boats are not allowed to stray beyond a fixed limit to the north towards Israel and Egypt keeps similar limitations to the south-west.

Reporting by Nidal al-Mughrabi in Gaza; Additional reporting by Henriette Chacar in Haifa; Editing by Kirsten Donovan

(c) Copyright Thomson Reuters 2022.


Iran’s Islamic Revolutionary Guard Corps revealed on Friday that it had seized two oil tankers belonging to Greece, which has accused Tehran of piracy for its taking of Delta Poseidon and Prudent Warrior.

In already-jittery energy markets, the attacks have had a destabilizing effect, at least temporarily, leading to a significant spike in oil prices around the world.

The twin attacks, together with other recent threats to freedom of navigation, have highlighted the need to counter Iran’s disruptive conduct and safeguard trade routes and waterways.

The Gulf Cooperation Council and the US are working together to enhance regional maritime security against such threats. In March, the joint GCC-US maritime security working group met in Riyadh to coordinate the two sides’ response to all types of maritime threats. They are also planning additional policy coordination meetings in the near future, while practical cooperation is ongoing under bilateral and other multilateral frameworks, such as the Combined Maritime Forces, which was set up in 2002.

The CMF is a multinational maritime partnership whose express purpose is to “uphold the international rules-based order by countering illicit nonstate actors on the high seas and promoting security, stability, and prosperity across approximately 3.2 million square miles of international waters, which encompass some of the world’s most important shipping lanes.”

Its main focus is promoting security, stability, and a safe maritime environment. Its mandate also includes combating narcotics, smuggling, and piracy, as well as engaging and cooperating with regional and other partners to strengthen and improve its capabilities to achieve those goals. When requested, the CMF will also respond to environmental and humanitarian incidents.

The CMF has 34 member nations: Australia, Bahrain, Belgium, Brazil, Canada, Denmark, Egypt, France, Germany, Greece, Iraq, Italy, Japan, Jordan, the Republic of Korea, Kuwait, Malaysia, the Netherlands, New Zealand, Norway, Pakistan, the Philippines, Portugal, Qatar, Saudi Arabia, Seychelles, Singapore, Spain, Thailand, Turkey, the UAE, the UK, the US, and Yemen. It is commanded by US Navy Vice Adm. Brad Cooper, who also serves as commander of US Naval Forces Central Command and the US Navy’s Fifth Fleet.

All three commands are co-located at US Naval Support Activity Bahrain. The deputy commander is the British Royal Navy’s Commodore Adrian Fryer. Other senior staff roles at CMF headquarters are filled by personnel from member nations.

It has had three combined task forces under its command for some time: CTF 152 deals with maritime security inside the Arabian Gulf; CTF150 deals with maritime security outside the Arabian Gulf; and CTF 151 deals with countering piracy. CMF last month announced the establishment of a new multinational task force, known as CTF-153, to patrol the Red Sea and the Gulf of Aden.

At any given time, CTF-153 will have two to eight vessels patrolling the waterway between Egypt and Saudi Arabia, through the Bab Al-Mandab Strait to the waters off the Yemen-Oman border, according to Cooper.

He said that the creation of the new task force “reflects a regional consensus on the importance of maritime security.” CTF-153 will first be led by the Fifth Fleet’s Capt. Robert Francis before command rotates to other CMF member countries.

The augmentation of CMF task forces is motivated by a recognition that Iran has been escalating its destabilizing activities over recent months, including missile and drone attacks on land and in the sea, as well as the harassment of oil tankers.

Last July, just a few days before Ebrahim Raisi was sworn in as Iran’s president, there was a brazen drone attack on the Mercer Street tanker off the coast of Oman; it was an early indicator of the new leadership’s direction.

At the time, the foreign ministers of the G7 nations (Canada, France, Germany, Italy, Japan, the UK, and the US), plus the EU, described that attack as “deliberate and targeted” and without justification.

Then-Chief of the British Defense Staff Gen. Nick Carter said that Western powers needed to retaliate for such tanker attacks, “otherwise, Tehran will feel emboldened.” Carter told the BBC that, if a regime of deterrence is not restored in the Gulf, there will be more attacks and a higher risk of “miscalculation” by Iran. “What we need to be doing, fundamentally, is calling out Iran for its very reckless behavior,” he said.

There has been no direct retaliation for the attack on Mercer Street, but significant efforts have been made to restore deterrence through upgrading the capabilities of existing security frameworks, including the CMF.

After the addition of the new CTF-153, the CMF’s framework and mandate is sufficient to deal with many threats to maritime security in the region, especially when working closely with national capabilities. However, with the escalation in the number and sophistication of recent attacks, more needs to be done to restore deterrence. The Red Sea in particular is vast and largely unpatrolled, creating an inviting space for mischief-makers.

A potential source of maritime threats in Yemen. Although there has been a fragile truce in place for the past two months, the Houthis have previously sent many explosives-laden remote-controlled boats into the Red Sea to attack Saudi and other targets. Iran has been the main party responsible for providing the Houthis with drones and missiles.
Last week’s attacks on the Greek oil tankers and the IRGC’s threat to seize more ships should be taken seriously to deter future attacks.

In addition to the close cooperation between CMF partners and the GCC-US coordination bodies, political and diplomatic work needs to be enhanced to put Iran on notice that it should not use the cover of nuclear negotiations to continue to undermine regional maritime security, either directly or through its proxies and allies.

Iran is all for “cooperation among regional states for peace and security,” according to Raisi, but the first step in such cooperation should be for it to stop its disruptive behavior, including its frequent attacks on shipping.

Source: Eurasia Review


At the Posidonia trade fair today, classification society DNV presented Pleiades Shipping with a certificate recognizing their new vessels as the first delivered to a Greek owner with the Cyber secure vessel notation. The presentation was a fitting milestone as DNV also celebrates 100 years of operation in Greece and topping 100 contracted vessels for the Cyber secure notation.

The digitalization of the maritime industry continues to accelerate as new integrated systems, increasing automation, and continuous connectivity are being used to enhance efficiency, boost safety, and improve sustainability. But as the number integrated and connected systems and vessels increase, so too does the threat of remote attacks that can impact critical on-board control systems. These new threats make cyber security a vital tool to reducing risk and led to the release of DNV’s cyber secure class rules and notations. And as recognition of the new risk picture has climbed, more owners and operators are choosing an additional voluntary cyber security verification.

“The mission of Pleiades Shipping is to provide our customers with safe, environmentally sound and efficient services,” says Miltos Synefias, Technical Director at Pleiades Shipping. “We in Pleiades have realised the values of digitalisation since a couple of years ago. Today digital transformation still goes on and opens for new ways to further improve both efficiency and safety. During this time, we have seen the necessity to also set up a robust environment to safeguard the reliability and quality of information, data transfer, and communications, and our IT and HSQE departments have developed our systems and skills accordingly. Today we see Cyber security as a key element to ensure that we can make use of this new technology in a safe and secure way and have taken with pleasure the decision to assign all our four new built vessels with additional voluntary cyber security verification to meet growing requirements of our charterers in this very demanding trading field.”

“For DNV to continue to support the Greek maritime community as we have for the last 100 years, we need to be aware of emerging risks and constantly work to provide solutions to address them,” said Ioannis Chiotopoulos, Regional Manager South-East Europe, Middle East & Africa. “This is why we are so pleased to be able to recognize the foresight of Pleiades Shipping, in opting for the Cyber secure class notation. The notation offers a way for owners and operators to demonstrate that they recognize and are taking steps to improve their cyber resilience, as these threats continue to grow in number and sophistication. Last year, some 20% of DNV classed newbuilds chose to work towards an extra cyber security verification, and with new requirements incoming we expect this will continue to grow.”

While cyber risk regulations like IMO 2021 require owners, operators, and managers, to consider overall cyber risks, to date there have been limited concrete requirements for establishing cyber security barriers in system and vessel design. This will now change as the International Association of Classification Societies (IACS) recently published its new Unified Requirements for cyber security, UR E26 and UR E27, which will become mandatory for classed ships and offshore installations contracted for construction on or after 1 January 2024.

These new requirements will simplify the challenge ship owners and operators face when ordering cyber secure vessels, as the new URs will oblige both yards and system suppliers to proactively address cyber risks in their designs. The new requirements are based on recognized international standards for control system cyber security, IEC 62443, and are fully aligned with DNV’s current class notations for cyber security.


Secretary (East), Saurabh Kumar participated in the meeting (ARF SOM) virtually. The meeting was attended by senior officials of the ARF member states and chaired by Cambodia as the Chairperson of ASEAN.

New Delhi: ASEAN Regional Forum (ARF) in a virtual meeting on Thursday discussed terrorism, maritime and cyber security.

Secretary (East), Saurabh Kumar participated in the meeting (ARF SOM) virtually. The meeting was attended by senior officials of the ARF member states and chaired by Cambodia as the Chairperson of ASEAN.

“The meeting reviewed activities and exchanges of the 27 member ARF over the past year and deliberated on its future plans and activities. Senior Officials exchanged views on regional and international developments, and on COVID-19 pandemic, terrorism, maritime and cyber security,” said a statement.

Secretary (East) appreciated the role of ASEAN-led architecture particularly the ARF in advancing peace, security, and cooperation in the region.

Recognizing the evolving traditional and non-traditional threats in the maritime domain, he emphasised the convergence between the ASEAN Outlook for the Indo-Pacific (AOIP), India’s Indo-Pacific Oceans’ Initiative (IPOI) and Indo-Pacific policies announced by several ARF countries. He also shared our perspectives on the threat posed by terrorism and the challenges of cyber security.

In the current inter-sessional year, Australia, India and Indonesia co-chaired an ARF workshop on “Law of the Sea and Fisheries” on 7-8 December 2021. India, the US, and Indonesia co-chaired the 13th ARF Inter-Sessional Meeting on Maritime Security on 12 May 2022. India seeks to continue to contribute to ARF activities and processes in the next inter-sessional year.

Resource: The Munsif Daily


Bureau Veritas (BV) has awarded type approval certification (TAC) to an IoT solution offered by METIS Cyberspace Technology SA: ‘METIS IoT SYSTEM’. This solution is a combination of two services, ‘METIS SHIP CONNECT’ & ‘METIS SPACE’. It offers data acquisition and analysis through a highly sophisticated AI-based system.

METIS Cyberspace Technology SA specializes in Data Acquisition, Real-time Performance Monitoring and Intelligent Analytics for the Maritime Industry, using Machine Learning and Artificial Intelligence. Its secure digital tools help shipping companies to enhance vessel performance and quantify gains in areas as diverse as route cost optimisation, energy efficiency, fuel efficiency, total emissions management and fulfilment of charter party agreements.

To obtain the type approval certification, METIS has demonstrated to BV cyber security experts that its system ensures the integrity, confidentiality and availability of data collected within a fully secure architecture. The approval follows a series of meetings between METIS and BV experts to verify compliance with all requirements set out in BV Rule Note NR 659. It is based on a review of the METIS system schematics, detailed documentation, security functions and services. BV experts also acknowledged the high level of cyber security practices implemented in the solution examined.

Paillette Palaiologou, Vice President for Southeast Europe, Black Sea & Adriatic Zone at Bureau Veritas Marine & Offshore, commented: “It is always a great pleasure when BV cyber security experts can collaborate effectively with their counterparts at equipment suppliers. The high level of technical expertise that METIS teams have been able to demonstrate shows that some equipment suppliers in the maritime industry have already understood and are even anticipating the formidable challenges brought about by the new IACS URE27 that will come into force on January 1, 2024. We can only be satisfied and proud of that.”

Serafeim Katsikas, CTO, METIS, said: “Today, data itself is a resource but its value depends on the techniques used for acquisition, monitoring and analytics to ensure its cleanliness, security and relevance. Securing BV Type Approval Certification for cyber resilience is a significant milestone for METIS and a key vindication of our approach, expertise and technological competence.”

Bureau Veritas Marine & Offshore is a trusted partner to build and achieve compliance with cyber security best practices for all key stakeholders of the maritime ecosystem, including shipowners, shipyards, equipment integrators and manufacturers, as well as third-party service providers. BV has developed a comprehensive framework based on its NR659 Rules on cyber security for the classification of marine units. This framework outlines comprehensive organizational and technical measures, enabling shipowners to protect their assets, and defining expectations for crews, shipyards and manufacturers.

Sea News,


There are often more than 150,000 ships at sea over a 24-hour period. To add some perspective, this is three times greater than the average number of airplanes that are tracked by the Federal Aviation Administration on any given day. When combined, all the ships at sea form one of the largest mobile communication networks imaginable. As is often the case with a security mindset, this level of complexity creates great challenges.

A ship is capable of ship-to-shore communication at close range through the use of traditional terrestrial radio, or shore stations, and when far out to sea, satellite communication is used. To add to the complexity, there are more than ten satellite companies that provide maritime communication services. The international scope of sea-based communications is governed by both multinational organizations, as well as advisory organizations, such as the International Telecommunications Union (ITU).

The New Cannonball Vulnerability

It is easy to think that these impenetrable hulls are immune to security problems. After all, they are somewhat akin to a remote island, far removed from our land-locked security concerns. However, there are threats to maritime vessels, both physical, and virtual. In the event that the physical criminals increase their technological competencies, the results to a fleet could be devastating.

Up until a few years ago, the idea of high-sea pirates was something most people thought existed in age-old tales of rum-soaked hooligans. However, when a recent American President ordered the execution of a pirate, we all recognized that this is a problem that exists even today. Maritime pirates remain a threat, and if the pirates join the cybercrime industry, they could use technology to disrupt both normal communications, as well as distress signals from a targeted ship.

Another threat to the maritime industry is drug trafficking. Disruptions in communication can enable the illegal drug trade, and can also interrupt the delicate balance of the supply chain. As was recently demonstrated, a kink in the supply chain can wreak global havoc.

Maritime-based attacks are not new. At least two of the world’s largest shipping organizations have suffered a ransomware attack. These attacks, as well as other cybercrimes, were initiated using phishing scams. While the attacks have been used for compromising on-shore operations, it is not unreasonable to assume that a ship’s on-board network could also be affected, leaving a ship in a dangerous state. However, there is currently no hard evidence that the electronic crippling of a ship has ever occurred. What has happened in some parts of the world is that Global Positioning Systems (GPS) have been tampered with, affecting navigation, as well as communications.

Better Monitoring of All the Ships

Fortunately, proposed improvements in maritime communications protocols, as well as similar technologies to better track ships, are being developed to offer more unified views of locations, and messages. Along with that, regulatory agencies are also working to improve communications by strictly defining maritime communication radio frequencies.

How Tripwire Can Help

The complexity of modern maritime operations makes it vulnerable not only to phishing-based account compromise, but more significantly, unnoticed configuration modifications. Tripwire is uniquely positioned to help secure maritime operations by providing the foundational controls needed to secure communications.

Tripwire helps ensure that all of the IT and OT systems are configured securely. This is done by tracking the configuration baseline of a system, measuring it against a hardening standard, and providing remediation advice to ensure that the system is configured securely. An example of a hardening standard is the Center for Internet Security benchmarks. This process is known as Security Configuration Management. It is commonly practiced on traditional IT networks and is also a good best practice for maritime devices.

Ransomware attacks make changes to critical system files in order to lock the administrators out of those systems. Tripwire monitors for changes in real time and can help differentiate between a good and bad change, or an authorized or unauthorized change. When an unauthorized or malicious change is detected, an alert and an incident workflow can be triggered so that the appropriate actions can be taken to reduce the exposure of the cyber incident.

Finally, attackers are always trying to leverage a vulnerability in the system to gain unauthorized access. Tripwire’s solutions can monitor both IT and OT devices for vulnerabilities, prioritize which vulnerabilities would have the greatest impact to the critical devices on the network, and provide remediation advice to ensure minimal risk exposure to the maritime devices. With these controls in place, Tripwire can help reduce the attack surface.https://www.tripwire.com/state-of-security/topics/ics-security/


New Delhi, Jun 2 (IANS): India once again asserted its leadership role in the recently concluded Quad Summit in Japan. The second in-person Quad Summit attended by Prime Minister Anthony Albanese of Australia, Prime Minister Narendra Modi of India, Prime Minister Fumio Kishida of Japan, and US President Joe Biden in Tokyo on May 24 was significant to showcase steadfast commitment to a free and open Indo-Pacific that is inclusive and resilient.

The four leaders in a significant move launched new maritime domain awareness initiative, the Indo-Pacific Partnership for Maritime Domain Awareness (IPMDA), designed to work with regional partners to respond to humanitarian and natural disasters, and combat illegal fishing.

Quad partners bring decades of skills and experience together to catalyse infrastructure delivery to the region and are committed to working closely with partners and the region to drive public and private investment to bridge gaps. To achieve this, the Quad will seek to extend more than USD 50 billion of infrastructure assistance and investment in the Indo-Pacific, over the next five years.

Reviewing Quad’s ongoing efforts to combat the COVID-19 pandemic, the leaders welcomed the enhanced manufacturing capacity of Biological-E facility in India and called for the expeditious grant of EUL approval by the WHO so that delivery of vaccines can commence. The leaders welcomed the gift of 525,000 doses of Made in India vaccines by India to Thailand and Cambodia in April 2022 under the Quad Vaccine Partnership.

They will continue to pursue a holistic approach to pandemic management by addressing last mile delivery and distribution challenges, augmenting regional health security through cooperation in genomic surveillance and clinical trials, and bolstering global health security architecture, the Quad joint statement said.

A Quad Climate Change Action and Mitigation Package (Q-CHAMP) was announced to strengthen efforts towards green shipping, clean energy, including green hydrogen and climate and disaster resilient infrastructure. Prime Minister Modi reiterated the importance of assisting countries in the region with their COP26 commitments through mobilisation of climate finance and technology transfer.

In an increasingly digital world with sophisticated cyber threats the Quad members recognised an urgent need to take a collective approach to enhancing cybersecurity. To deliver on the Quad Leaders’ vision for a free and open Indo-Pacific, the forum committed to improving the defence of its member nations’ critical infrastructure by sharing threat information, identifying and evaluating potential risks in supply chains for digitally enabled products and services, and aligning baseline software security standards for government procurement, leveraging our collective purchasing power to improve the broader software development ecosystem so that all users can benefit.

The Quad partners will coordinate capacity building programmes in the Indo-Pacific region under the Quad Cybersecurity Partnership, and will initiate the first-ever Quad Cybersecurity Day to help individual internet users across the nations, the Indo-Pacific region and beyond to better protect themselves from cyber threats.

As part of ongoing work related to critical and emerging technologies, Quad’s Common Statement of Principles on Critical Technology Supply Chains was launched. The four countries will coordinate capacity building programmes for the Indo-Pacific region to bolster critical cyber security infrastructure of the region.

The Prime Minister called for greater Quad collaboration to build trusted global supply chains and spoke of the national framework being adopted in India to create a semiconductor ecosystem in India.

A Quad Partnership on Humanitarian Assistance and Disaster Relief (HADR) for the Indo-Pacific was announced by the Leaders to enable more effective and timely responses to disasters in the region. The Leaders agreed to provide countries in the region resources on earth observation data through a Quad satellite data portal to help track climate events, disaster preparedness and sustainable use of marine resources. India will play a proactive role in this effort given its longstanding capabilities in using space-based data and technologies for inclusive development.

The members said they will build high-standard, inclusive, free, and fair trade commitments and develop new and creative approaches in trade and technology policy that advance a broad set of objectives that fuels economic activity and investment, promotes sustainable and inclusive economic growth, and benefits workers and consumers. The efforts include, but are not limited to, cooperation in the digital economy.

The Summit talked about commitment to improving transparency, diversity, security, and sustainability in its supply chains to make them more resilient and well-integrated.

“We seek to coordinate crisis response measures; expand cooperation to better prepare for and mitigate the effects of disruptions to better ensure business continuity; improve logistical efficiency and support; and ensure access to key raw and processed materials, semiconductors, critical minerals, and clean energy technology,” the statement on Indo-Pacific Economic Framework for Prosperity.

“In line with our Paris Agreement goals and efforts to support the livelihood of our peoples and workers, we plan to accelerate the development and deployment of clean energy technologies to decarbonize our economies and build resilience to climate impacts. This involves deepening cooperation on technologies, on mobilizing finance, including concessional finance, and on seeking ways to improve competitiveness and enhance connectivity by supporting the development of sustainable and durable infrastructure and by providing technical assistance.”

 


Vessels are now more integrated with the shore organisation, and more are connected to the internet — and that creates vulnerabilities on the vessel.

Drug dealers have tricked shipping cargo tracking systems to think drugs are “bananas” and unknown actors have jammed GPS signals in northern Norwegian waters. Fixing these problems requires understanding how seafarers themselves perceive cyber risks — so they can do a better job protecting themselves and their vessels.

It was the afternoon of June 27, 2017, when nearly every computer serving the Danish shipping giant Maersk went dark. A piece of malware called NotPetya, created by Russians to attack the Ukraine, had accidently snuck into the company’s system when a Maersk finance executive in Odessa asked his IT Department to install accounting software that  — unbeknownst to them — opened the door to the cyber attack.

Vessels are now more integrated with the shore organisation, and more are connected to the internet — and that also creates vulnerabilities on the vessel.

While Maersk wasn’t the target — the bug had been created by Russian hackers to cripple Ukrainian businesses and government infrastructure — the shipping company, along with thousands of other companies across the globe, were collateral damage. Merck, the pharmaceutical manufacturer, lost $870 million while FedEx’s European subsidiary lost $400 million.

The thing that set Maersk apart, however, was that this was by far the biggest cyberattack on the maritime industry.  As reported by Andy Greenberg in Wired magazine, Maersk, “responsible for 76 ports on all sides of the Earth, and nearly 800 seafaring vessels… representing close to a fifth of the entire world’s shipping capacity, was dead in the water.”

The attack ended up costing Maersk an estimated $300 million, but cybersecurity experts widely agree that’s likely an underestimate.

Yet there was one component in the Maersk system that managed to escape the attack: its ships.

While the malware shut ports, it didn’t affect the ships themselves. All of Maersk’s ships at sea were essentially isolated from the cyber attack.

“But it is a real risk,” says Marie Haugli Larsen, a PhD candidate studying maritime cybersecurity at the Department of Ocean Operations and Civil Engineering at NTNU in Ålesund. “Vessels are now more integrated with the shore organisation, and more are connected to the internet — and that also creates vulnerabilities on the vessel.”

The importance of human behaviour

Larsen’s research focuses on the human side of cybersecurity — that is, figuring out how to get seafarers to take the steps necessary to protect themselves and their ships from malware and other cyber attacks. While most people think of cybersecurity as mainly an IT issue, human behaviour frequently causes cyber incidents, Larsen said.

That means finding out how seafarers perceive the problem, she said.

“I’m trying to understand how seafarers — the operational crew —experience cyber risk in order to give them proper training,” she said.  “I’ve been interviewing the people in charge on ships, deck officers and captains, about how they experience cyber risks towards their vessels today. Then I’m trying to see what influences this perception in order to develop targeted risk mitigation measures. The idea is that you meet people where they are, and give them the tools they need to protect themselves.”

Larsen has a secret weapon when it comes to meeting seafarers “where they are”. She herself is educated as a deck officer, and has worked for two years aboard different vessels before beginning her research.

“Part of my journey has been thinking about how little I’ve thought about cyber risks,” she said. “When I worked at sea, I never thought maybe I shouldn’t use this USB stick, or maybe I shouldn’t charge my phone in this equipment. Or maybe I need to be more careful what I’m connecting to the internet or what I’m using the bridge computer for, because I didn’t think about vulnerabilities or what kind of cyber risks that could be there. So I’ve used my own experience to think about how to talk to others in the same situation.”

Hackers controlling ships

Larsen says shipping companies have known for some time that they could be victims of a cyber attack, much like what happened to Maersk. “It’s no longer a question of if it is going to happen, but when it will happen,” Larsen said.

If hackers want to, they can target the vessels’ operational systems so they can steer the ships. We haven’t seen it happening yet. But the tools are there.

A recent research paper looked at 46 cyber attacks in the shipping industry from 2010 to 2020, and noted that there was a 7-fold increase in attacks over the reporting period — which makes addressing the problem all the more important.

It was here that researchers described incidents where shipping systems that were fooled into thinking that smuggled drugs were bananas, and where GPS systems were hacked or jammed, including on the northern Norwegian coast.

The increasing availability and use of the internet aboard ships themselves opens the possibility for new, increasingly unnerving situations, Larsen says.

“If hackers want to, they can target a vessel’s operational system so they can control it. We haven’t seen it happening yet. But the tools are there,” she said.

Imagine, Larsen says, that hackers get control of an oil tanker, the largest of which can hold more than 2 million barrels of oil, or nearly 320 million litres.

“If hackers take control of the ship and open the valves, then you have an environmental catastrophe,” she said. “Or what if the ballast tanks of a cruise ship are hacked, and the hackers cause it to list, so that it tilts? I’m not sure you can actually capsize it, but it can have enormous safety consequences for the people on board.”

Unrealistic optimism

There’s a whole branch of behavioural psychology that deals with perceived risk, which Larsen is relying on for her research.

No, this is something that’s happening elsewhere. It’s not happening on my ship.

“A part of decision making is how we perceive risk,” Larsen said. “If you don’t think there is any risk for your systems on the ship, if you don’t think it will be attacked by hackers, then you’re probably not being too careful with your systems. Or maybe you are a bit careless, because you’re not thinking about the risk. And if we can help people by giving them more information and enhanced awareness then we can also affect their risk perception.”

When people perceive various risks, they can often rely on something called cognitive biases. One well-documented bias is the optimistic bias, which has to do with people thinking that they themselves are not at risk, even if the activity they are involved in has risks. One classic example of this, is why people smoke, she says.

“If you ask someone why they smoke since they can get cancer, they tend to say, ‘that’s something happening to others, not to me’,” she said.

Mariners have the same cognitive biases as other people, and since cyber incidents may occur in regions far from where the mariners work, they can experience unrealistic optimism, Larsen said.

“All the people I have interviewed have said, ‘I believe the cyber risk to be low in the areas I’m working in, and it’s not likely that a cyber-attack will happen on my ship. That is something happening elsewhere, like the Gulf of Aden or around the Cape of Good Hope’,” she said.

People are also less likely to worry about something if they or people they know haven’t actually experienced the problem, she said. But of course, that doesn’t make the risk go away.

The Internet of Ships

The “Internet of Things” is a phrase used to describe how more and more of our appliances and other items contain sensors that are connected to the internet and can be controlled and interacted with digitally.

It’s common to find this technology in everything from your washing machine to the lock on your front door or in different components in your electric car.

The same trend is happening at sea, Larsen said, which increases a ship’s exposure to cyber risk. At the same time, however, instead of making a mariner’s work easier, digitalization can actually make their work harder, she said.

“Before, a ship was more autonomous or free from impacts from shore, but now, you have sensors that monitor the vessel’s performance in different settings, and you have a shipping company that needs to save money, for example, or has green values,” she said. “And all of these factors mean that ships need to be more efficient.”

While that’s a good thing, it can put crews in a difficult situation, she said. For example, if a captain feels like the ocean conditions aren’t safe, he or she may decide to stop, or go to port. But both customers and the shipping company can now monitor this behaviour and question the captain’s judgement.

“By use of these new parameters, companies are now suddenly making statistics for their vessels’ daily operations. And captains have to address this, they experience getting questioned about why they are using more fuel than other captains, for example,” she said. “They have much less self-governance. And that they don’t feel very good about that.”

Digitalization can be seen as red tape

This situation also can increase cyber risks, she said, because deck officers can be overwhelmed. More and more systems are being digitalized, which increases the reporting required of seafarers.

You think that digitalization means efficiency, but that’s not their experience.

“And this is connected with increased digital exposure, because seafarers can feel overwhelmed because they experience that there is more and more information that needs to be processed digitally, for example,” she said. “They have to report numbers in five different places now because there are so many systems and still they have to print it out and hang it up on the whiteboard.”

“You think that digitalization means efficiency, but that’s not always the seafarer’s experience. Their experience is that digitalization can create more administrative work, or bureaucratic red tape, as some of them called it. So they feel like technology and this increase in utilisation gives them less freedom and flexibility.”

Identifying these issues will allow Larsen and her colleagues to develop measures that can educate mariners and the companies they work for to protect themselves against cyber risks.

“We have to implement mitigation measures on different levels in the shipping companies,” Larsen said. “We need to target the individuals, the vessels and management to the maritime industry improve their cyber security.”

Source: NTNU


Company DETAILS

SHIP IP LTD
VAT:BG 202572176
Rakovski STR.145
Sofia,
Bulgaria
Phone ( +359) 24929284
E-mail: sales(at)shipip.com

ISO 9001:2015 CERTIFIED