Maritime Safety News Archives - SHIP IP LTD

US Coast Guard releases final rule on maritime security and cybersecurity standards

February 10, 2025 CYBER SECURITYGENERALMARITIME CYBER SECURITYMaritime Safety NewsRegulation

The U.S. Coast Guard is set to publish this week its final rule covering maritime security regulations by establishing minimum cybersecurity requirements for U.S.-flagged vessels, outer continental shelf facilities, and facilities subject to the Maritime Transportation Security Act of 2002 regulations. This final rule addresses current and emerging cybersecurity threats in the marine transportation system by adding minimum cybersecurity requirements to help detect risks and respond to and recover from cybersecurity incidents.

In a final rule scheduled for publication in the Federal Register, the Department of Homeland Security through the Coast Guard aims to enhance cybersecurity within the marine transportation system. The proposal includes mandates to create and uphold a Cybersecurity Plan, appoint a Cybersecurity Officer, and implement various strategies to ensure cybersecurity is maintained. Additionally, the Coast Guard is inviting feedback on a possible extension for the implementation timelines for U.S.-flagged vessels.

The final rule aims to protect the marine transportation system from cybersecurity threats by establishing minimum cybersecurity requirements. These requirements are designed to detect, respond to, and recover from risks that could lead to transportation security incidents (TSIs). The rule specifically targets risks arising from the increased interconnectivity and digitalization of the marine transportation system, addressing current and emerging cybersecurity threats to maritime security.

The Coast Guard noted that with this final rule, it has to finalize the requirements that were proposed in the notice of proposed rulemaking (NPRM), ‘Cybersecurity in the Marine Transportation System,’ published last February 22. The agency also responded to the public comments that we received to the NPRM and made several clarifications regarding the regulatory framework.

The Cybersecurity Plan must include seven account security measures for owners or operators of a U.S.-flagged vessel, facility, or outer continental shelf facility enabling of automatic account lockout after repeated failed login attempts on all password protected IT systems; changing default passwords (or implementing other compensating security controls if unfeasible) before using any IT or operational technology (OT) systems; and maintaining a minimum password strength on IT and OT systems technically capable of password protection.

It also covers implementing multi-factor authentication on password-protected IT and remotely accessible OT systems; applying the principle of least privilege to administrator or otherwise privileged accounts on both IT and OT systems; maintaining separate user credentials on critical IT and OT systems; and removing or revoking user credentials when a user leaves the organization.

The U.S. Coast Guard outlined that the Cybersecurity Plan also must include four device security measure requirements. They are developing and maintain a list of any hardware, firmware, and software approved by the owner or operator that may be installed on IT or OT systems; ensure that applications running executable code are disabled by default on critical IT and OT systems; maintain an accurate inventory of network-connected systems including those critical IT and OT systems; and develop and document the network map and OT device configuration information.

Additionally, the Cybersecurity Plan must include two data security measure requirements that ensure that logs are securely captured, stored, and protected and accessible only to privileged users, and deploy effective encryption to maintain confidentiality of sensitive data and integrity of IT and OT traffic when technically feasible.

The U.S. Coast Guard prescribed that owners or operators of U.S.-flagged vessels, facilities or outer continental shelf facilities must also prepare and document a Cyber Incident Response Plan that outlines instructions on how to respond to a cyber incident and identifies key roles, responsibilities, and decision-makers amongst personnel.

Furthermore, owners or operators must also designate a Cybersecurity Officer (CySO) who must ensure that U.S.-flagged vessel, facility, or outer continental shelf facility personnel implement the Cybersecurity Plan and the Cyber Incident Response Plan. The CySO must also ensure that the Cybersecurity Plan is up-to-date and undergoes an annual audit. The CySO must also arrange for cybersecurity inspections, ensure that personnel have adequate cybersecurity training, record and report cybersecurity incidents to the owner or operator, and take steps to mitigate them.

The Coast Guard estimates that this final rule creates costs for industry and government of about US$1.2 billion total and $138.7 million annualized, discounted at 2 percent (2022 dollars). This increased estimate from the NPRM is primarily driven by increases to our estimates of costs related to cybersecurity drills, exercises, and penetration testing. Cost estimates are also increased due to updated affected population data.

The final rule also notes that its benefits include reduced risk and mitigation of cyber incidents to protect impacted entities and downstream economic participants, and improved protection of marine transportation system business operations to build consumer trust and promote increased commerce in the U.S. economy. Additional benefits include improved minimum standards of cybersecurity to protect the marine transportation system, which is vital to the nation’s economy and national security, and to avoid supply chain disruptions.

The U.S. Coast Guard also requires owners and operators of U.S.-flagged vessels, facilities, and outer continental shelf facilities to segment their IT and OT networks, and log and monitor connections between them. Based on information from CGCYBER, CG-CVC, and NMSAC, network segmentation can be particularly difficult in the marine transportation system, largely due to the age of infrastructure in the affected population of U.S.- flagged vessels, facilities, and outer continental shelf facilities. The older the infrastructure, the more challenging network segmentation may be.

The document also laid down that it will require owners and operators of U.S.-flagged vessels, facilities, and outer continental shelf facilities to limit physical access to IT and OT equipment; secure, monitor, and log all personnel access; and establish procedures for granting access on a by-exception basis.

Last July, the DHS’ Office of Inspector General (OIG) published a final report identifying that the U.S. Coast Guard has made progress in enhancing the cyber posture of the marine transportation system by establishing maritime cybersecurity teams over the past two years, in line with statutory requirements. Based on its findings, the report proposes four recommendations to improve the Coast Guard’s cyber readiness and precautions to secure the U.S. supply chain. The DHS has concurred with four recommendations.

 

Source : Industrial Cyber

Safeguarding Marine Terminals from Cyber Threats: IT vs. OT in the Age of Industry 4.0

February 10, 2025 CYBER SECURITYGENERALMaritime Safety NewsRegulation

As Industry 4.0 continues to redefine operations, the lines between Information Technology (IT) and Operational Technology (OT) systems are increasingly blurred. Marine terminals now face unique cybersecurity risks to both types of systems, each requiring tailored defenses.

IT Systems: Protecting Data and Networks

IT systems manage critical business data and communication infrastructure. Cybersecurity risks for IT systems include malware, phishing attacks, and data breaches. Employing strong network security protocols, regular software updates, and staff training are essential for safeguarding sensitive data.

OT Systems: Securing Operational Processes

OT systems, which control equipment and automation at marine terminals, face distinct risks. These include attacks on Industrial Control Systems (ICS) and vulnerabilities in legacy systems. Protecting OT involves ensuring real-time monitoring, regular upgrades, and physical security to prevent unauthorized access.

Best Practices for Marine Terminals:

  • For IT systems: Implement multi-factor authentication, regularly update software, and train employees to spot phishing attempts.
  • For OT systems: Maintain an inventory of all assets, update outdated systems, and ensure secure remote access.

With both IT and OT systems now interconnected, a unified approach to cybersecurity is crucial. Protecting these systems is not just about safeguarding data but also ensuring the continued safe operation of critical infrastructure.

Cybersecurity in Maritime Critical Infrastructure: Reflection on African Ports (CRIMSON III)

February 10, 2025 CYBER SECURITYGENERALMaritime Safety NewsRegulation

Modern commercial ports are a critical infrastructure which is highly dependent on information systems. The security of a port thus relies on the integrity of both physical and cyber assets. Despite evidence that ports are becoming targets for hackers, whose attacks can affect both cyber and physical assets and halt operations, too many ports have inadequate cybersecurity. Physical threats, incidents, and accidents to the physical assets (e.g., terminals, gates, buildings) of the maritime infrastructures or cyber threats and attacks to the cyber assets (e.g., Port Community Systems, navigation systems) can jeopardise the maritime operations, disrupt supply chains and destroy international trade and commerce.

 

https://rusieurope.eu/wp-content/uploads/2024/02/cybersecurity-in-maritime-critical-infrastructure-crimson-report-english.pdf

Recent IMO Decisions: Key Headlines

February 10, 2025 IMOMaritime Safety News

  • IMO Adopts Revised Action Plan to Combat Marine Plastic Litter
    On February 6, 2025, the International Maritime Organization’s Sub-Committee on Pollution Prevention and Response agreed on the draft 2025 Action Plan to Address Marine Plastic Litter from Ships. The plan is set for approval by the Marine Environment Protection Committee in April 2025.

    imo.org
  • Nine Countries Join IMO’s GreenVoyage2050 Program
    Announced on February 6, 2025, nine nations have been selected as partners for the IMO’s GreenVoyage2050 program, which supports the implementation of the 2023 IMO Greenhouse Gas Strategy.

    imo.org
  • IMO Secretary-General Urges Enhanced Efforts to Reduce Shipping Emissions
    In October 2024, IMO Secretary-General Arsenio Dominguez called for increased action from the shipping industry to cut carbon emissions, emphasizing the need for immediate and comprehensive measures to meet the IMO’s emission reduction targets.

    apnews.com
  • IMO Mandates Reporting of Containers Lost at Sea
    Starting January 1, 2026, the IMO will require mandatory reporting of all containers lost at sea, aiming to enhance maritime safety and environmental protection.

    worldshipping.org
  • IMO Condemns Attacks on Ships in the Red Sea
    In May 2024, the IMO’s Maritime Safety Committee adopted a resolution condemning attacks on vessels in the Red Sea and Gulf of Aden, calling for an immediate end to these “illegal and unjustifiable” actions.

    hellenicshippingnews.com

Maritime Industry News Highlights: February 7–10, 2025

February 10, 2025 Maritime Safety News

Shipbuilding and Deliveries

  • Fincantieri Delivers LNG-Powered Cruise Ship to TUI Cruises: Fincantieri has handed over the first of two low-carbon cruise ships to TUI Cruises. The vessel is powered by liquefied natural gas (LNG), marking a significant step toward sustainable cruising.
    marinelink.com

Market Trends

  • South Korea Leads in January Shipbuilding Orders: South Korean shipyards secured orders totaling 900,000 compensated gross tons (CGT) for 13 ships in January, accounting for 62% of global orders. This surge is attributed to contracts for LNG dual-fuel container ships.
    marinelink.com
  • Decline in Ship Recycling Prices Anticipated: The ship recycling market is experiencing downward pressure on prices due to ongoing tariffs and counter-tariffs. Industry experts predict a continued decline in the first half of 2025.
    marinelink.com

Environmental Initiatives

  • Canadian and European Ports Collaborate on Energy Transition: Canada’s Halifax Port Authority has announced an investment of up to $17 million, including $15 million dedicated to developing the Halifax-Hamburg green shipping corridor, aiming to enhance sustainable maritime practices.
    maritime-executive.com

Regulatory and Political Developments

  • Trump Administration Plans 25% Tariffs on Steel and Aluminum Imports: The U.S. government has announced intentions to impose a 25% tariff on all steel and aluminum imports, including those from Mexico and Canada, potentially impacting shipbuilding and repair costs.
    maritime-executive.com

Security and Incidents

  • Tanker Explosion at Russian Port of Ust-Luga: A tanker suffered an engine room explosion at the Russian port of Ust-Luga. Investigations are ongoing to determine the cause and assess the impact on port operations.
    maritime-executive.com

Enhancing Maritime Cybersecurity: The Critical Role of OT Inventory for Ships

February 10, 2025 CYBER SECURITYGENERALMaritime Safety NewsRegulation

🔒 Strengthening Maritime Cybersecurity: The Importance of OT Inventory for Ships 🚢

With evolving cybersecurity regulations like the IMO’s MSC-FAL.1/Circ.3 and upcoming EU NIS2 Directive, ships must enhance their Operational Technology (OT) security to prevent cyber threats. A crucial step in compliance and risk mitigation is maintaining an accurate OT inventory.

📌 Why is OT Inventory Important?

Regulatory Compliance – Authorities require clear documentation of OT assets onboard.
Vulnerability Management – Knowing what systems exist helps identify security risks.
Incident Response – A complete inventory speeds up recovery from cyber incidents.
Network Segmentation – Mapping OT systems helps separate critical assets from IT networks.

🔹 How to Build an Effective OT Inventory?

Identify & Categorize – List all OT systems (e.g., ECDIS, VDR, engine control, ballast systems).
Document Connectivity – Map each device’s network connections to spot potential weak points.
Assess Cyber Risks – Regularly evaluate vulnerabilities and update security measures.
Monitor & Update – Keep inventory updated to reflect new installations or modifications.

🌍 Take Action Now!
With cyber threats rising in maritime operations, a well-managed OT inventory is a key first step to ensuring compliance and safeguarding your vessel. Start today to protect your fleet from cyber risks!

Maritime Cybersecurity Alert: Surge in Threats and New Protective Measures

February 10, 2025 CYBER SECURITYMaritime Safety NewsRegulation

Recent reports indicate a significant escalation in cyber threats targeting the maritime industry. Marlink’s Security Operations Center observed a sharp increase in malicious activities during the first half of 2024, with over 23,400 malware detections and 178 ransomware incidents. Phishing remains the primary method attackers use to breach corporate networks, and there’s a notable rise in sophisticated botnet attacks leveraging AI to target IoT devices.

marinelog.com

In response to these growing threats, the International Maritime Cyber Security Organisation (IMCSO) has been established. This non-profit entity aims to standardize cybersecurity risk assessments across the maritime sector. IMCSO offers certification programs for security consultants and maintains a professional register to assist shipping organizations in selecting qualified personnel. Additionally, it will validate and standardize report outputs, storing them in a central database accessible to authorities and third parties for assessing vessel risk.

seatrade-maritime.com

These developments underscore the critical importance of robust cybersecurity measures in maritime operations. Organizations are urged to stay vigilant, update their security protocols, and invest in advanced threat detection capabilities to safeguard their operations against evolving cyber threats.

Stay Ahead: Key Maritime Rules & Compliance Deadlines for 2025-2026

February 10, 2025 Maritime Safety NewsRegulation

Regulation Jan 2025 Feb 2025 Mar 2025 Apr 2025 May 2025 Jun 2025 Jul 2025 Aug 2025 Sep 2025 Oct 2025 Nov 2025 Dec 2025 2026
IMDG Code Amendments 🟢
IMSBC Code Amendments 🟢
STCW Electronic Certificates 🟢
MARPOL Annex I & V (Red Sea & Gulf of Aden) 🟢
Ballast Water Record Book (BWM Convention) 🟢
Mediterranean SOx Emission Control Area 🟢
Hong Kong Ship Recycling Convention 🟢
MARPOL Annex VI – Low-Flashpoint Fuels & Reporting 🟢
Electronic Ballast Water Record Books 🟢
More 2026 Regulations 🔵

🟢 = Regulation comes into force
🔵 = Future regulations for 2026 and beyond

1. International Maritime Dangerous Goods (IMDG) Code Amendments (42-24)

  • Effective Date: January 1, 2025
  • Key Changes:
    • Enhanced classification and handling protocols for lithium batteries, including new entries for lithium-powered vehicles.
    • Stricter regulations for the transport of charcoal and carbon products to mitigate fire risks.
    • Introduction of guidelines for sodium-ion batteries, aligning them with existing safety standards.
  • Reference: Marine Mirror

2. International Maritime Solid Bulk Cargoes (IMSBC) Code Amendments (07-23)

  • Effective Date: January 1, 2025
  • Key Changes:
    • Mandatory declaration of bulk density by shippers, as per SOLAS regulation XII/10.
    • Addition of new cargo entries, including baryte and brown fused alumina, each with specific handling requirements.
    • Reclassification of certain cargoes, such as stabilized fish meal, to non-dangerous goods, simplifying certification processes.
  • Reference: Maritime Cyprus

3. Amendments to the Standards of Training, Certification, and Watchkeeping (STCW) Convention

  • Effective Date: January 1, 2025
  • Key Changes:
    • Authorization for the issuance of electronic seafarer certificates, specifying minimum information requirements.
    • Guidelines provided for the use and acceptance of electronic certificates to support global digitalization efforts.
  • Reference: Maritime Cyprus

4. MARPOL Annex I and V Amendments – Red Sea and Gulf of Aden Special Areas

  • Effective Date: January 1, 2025
  • Key Changes:
    • Designation of the Red Sea and Gulf of Aden as Special Areas under MARPOL Annexes I and V, enforcing stricter discharge controls for oil, oily mixtures, and garbage.
    • Ships must comply with enhanced discharge regulations, including the prohibition of certain discharges unless specific conditions are met.
  • Reference: Maritime Cyprus

5. Ballast Water Management (BWM) Convention – Revised Ballast Water Record Book

  • Effective Date: February 1, 2025
  • Key Changes:
    • Implementation of a revised format for the Ballast Water Record Book to enhance clarity and address common deficiencies.
    • Ships are required to adopt the new record-keeping format to improve compliance during inspections.
  • Reference: Maritime Cyprus

6. Mediterranean Sea Emission Control Area (ECA) for Sulphur Oxides (SOx)

  • Effective Date: May 1, 2025
  • Key Changes:
    • Enforcement of a 0.10% m/m sulphur content limit for fuel oil used by ships operating within the Mediterranean Sea ECA.
    • Alternatively, ships may use approved exhaust gas cleaning systems (EGCS) to meet the emission requirements.
  • Reference: Gard’s Insights

7. Hong Kong International Convention for the Safe and Environmentally Sound Recycling of Ships

  • Effective Date: June 26, 2025
  • Key Changes:
    • Requirement for ships over 500 GT engaged in international voyages to maintain an Inventory of Hazardous Materials (IHM).
    • Ships must be recycled at authorized facilities that comply with the convention’s safety and environmental standards.
  • Reference: Gard’s Insights

8. MARPOL Annex VI Amendments – Low-Flashpoint Fuels and Data Reporting

  • Effective Date: August 1, 2025
  • Key Changes:
    • Clarification of regulations concerning gas and low-flashpoint fuels, including updated definitions and bunker delivery note requirements.
    • Reclassification of replacing steam systems with marine diesel engines as major conversions, necessitating compliance with emission standards.
    • Enhanced fuel consumption data reporting requirements, including total onshore power supplied and transport work metrics.
  • Reference: Maritime Cyprus

9. Ballast Water Management (BWM) Convention – Electronic Record Books

  • Effective Date: October 1, 2025
  • Key Changes:
    • Authorization for the use of electronic Ballast Water Record Books, aligning with practices under MARPOL Annexes and the NOx Technical Code.
    • Guidelines provided for the implementation and use of electronic record-keeping systems.
  • Reference: [Maritime Cyprus](https://maritimecyprus.com/2024/11

 

SHIPIP INVENTORY OF HAZARDOUS MATERILA MAINTENANCE

Reporting of Lost Containers to Be Mandatory From 2026

February 3, 2025 Maritime Safety News

New rule changes adopted at the 108th session of the International Maritime Organisation’s maritime safety committee will result in the reporting of lost containers becoming mandatory from 1st January 2026.

The rule changes – which take the form of amendments to the International Convention for the Safety of Life at Sea (SOLAS) – will mean that Masters involved in the loss of containers must immediately report specific details of the loss to nearby ships, the nearest coastal state, and the vessel’s flag state.

Additional information that must be provided includes the total number of lost containers, and if any containers contained dangerous goods.

Masters will also – voluntarily – be able to provide details about the sea conditions and more, should they wish.

Following the provision of information, it will then be up to the flag state to pass the data to the IMO via a new module in the Global Integrated Shipping Information System (GISIS).

The changes to SOLAS also cover requirements if drifting containers are observed. In this instance, the position and total number of drifting containers must be reported.

The amendments have been warmly welcomed by stakeholders across the maritime industry, perhaps most notably the World Shipping Council, which has been gathering lost container data from its members since 2008. This information has been published by the Council each year in their ‘Containers Lost at Sea’ report.

Commenting on the amendments to SOLAS, the World Shipping Council’s SVP Safety & Security, Lars Kjaer, said:

“The new regulations, specifically amending SOLAS Chapter V Regulations 31 and 32, mark a significant advancement in maritime safety and environmental protection. By ensuring prompt and detailed reporting of lost and drifting containers, these amendments will enhance navigational safety, facilitate swift response actions, and mitigate potential environmental hazards”.

The World Shipping Council’s Containers Lost at Sea report for 2024 (covering 2023), shows a decline in lost containers. 2023 saw 221 containers lost, compared to 661 in 2022. An impressive number when one considers that approximately 250 million containers were transported by sea last year. The report also highlights that of the containers lost, some 33% were recovered.

Analysis of the human factors leading to bridge deficiencies in the context of the Paris mou for bulk carriers

February 3, 2025 CrewExpressMaritime Safety News

Shipping remains the dominant mode of cargo transportation worldwide, ensuring the safe and efficient movement of goods in compliance with international regulations. As part of these regulations, nations have the authority to inspect vessels calling at their ports under established agreements.

This study examines the human factors contributing to bridge-related deficiencies on bulk carriers, focusing on inspections conducted under the Paris Memorandum of Understanding (Paris MoU). By analyzing data from annual reports and the 20 most common bridge deficiencies, the study highlights key areas affecting navigational safety.

Using the Delphi method, industry experts identified several critical factors influencing deficiencies on the bridge. These include lack of motivation, skills, knowledge, familiarity with procedures, general awareness, experience, adherence to company directives, excessive workload, fatigue, and stress. However, there was no consensus regarding the impact of indifference on navigational safety.

The findings underscore the importance of addressing human factors in maritime operations to enhance bridge performance and overall vessel safety. Implementing targeted training programs, reducing workload, and fostering awareness can significantly improve compliance and navigation safety standards.

To support these efforts, our software CrewExpress provides an efficient solution for recording crew work and rest hours, ensuring compliance with international regulations and improving operational oversight.

crewexpress stcw rest hours software

Older Posts

News

Quick Menu

Company DETAILS

SHIP IP LTD
VAT:BG 202572176
Rakovski STR.145
Sofia,
Bulgaria
Phone ( +359) 24929284
E-mail: sales(at)shipip.com

ISO 9001:2015 CERTIFIED