MARITIME CYBER SECURITY - SHIP IP LTD

Three cornerstones for effective Maritime cyber security

Maritime’s fragmented approach to digitalisation carries risk, especially when it comes to cyber security.

Speaking recently at Lloyd’s Register Asia Shipowners’ Forum, Wallem Group chief executive Frank Coles highlighted how operators can fail to update critical processes when embracing new onboard technologies. By overlooking the human elements of cyber security, he said, operators can undermine the potential benefits of acquiring a new technology – introducing risk instead of capitalising on the rewards it can offer.

While cyber security risks posed to the shipping sector are real and pressing, they can be quantified and managed, if the right approach is taken.

Safeguarding critical assets in a fragmented digitalisation process and ensuring profitability in the years to come depends on three cornerstones:

Cornerstone 1: Threat-intelligence assessment

The cyber security landscape is changing rapidly, and insights gained as little as five years ago are of less and less value as threat actors adjust their approaches in response to advances made by security professionals and technical defenders. Regular threat intelligence and assessment activities allow an owner to view their organisation through the eyes of a potential attacker, to perceive their attack surface in detail, and to assess the real-world threats to their business.

Cornerstone 2: Crisis-management cyber attack simulation

With knowledge of the attack surface and adversaries already in hand, owners can take steps to safely, effectively and efficiently ensure they are prepared to respond to a cyber attack by using a simulated cyber attack known as a ‘red team’ exercise. Such exercises allow a company to define and simulate real-world attack scenarios using the same tactics, techniques, and procedures as a genuine threat actor. They also help determine the level of assurance and ability needed to effectively detect and respond to a genuine cyber attack and educate defence teams about effective responses within a controlled and forgiving environment.

Cornerstone 3: Define a cyber security strategy

An effective cyber security strategy completes the foundation of a secure technological and organisational infrastructure. Designing a cyber security strategy is a complex task for most firms, as the strategy must be robust and responsive enough to address a dynamic operational environment. Security professionals can help design a cyber security strategy that delivers operational efficiencies, maximum return on technology investments, and assured data and asset protection into the future.

Given the cost and reputational risks associated with a cyber attack – estimated at £11.7M (US$15.4M) per company according to a World Economic Forum 2017 study – there is no doubting the importance of taking a strategic approach to cyber security.

Ultimately, a truly cyber resilient shipping organisation is one that gains intelligence on evolving cyber threats to inform decisions and plans, going beyond the minimums needed to achieve compliance.

SOURCE https://www.marinemec.com


Korean Register (KR) has granted its first cyber security type-approval certificate to a new smart shipping integrated communication system.

The cyber security type-approval certificate has been awarded to Hyundai Electric for its Hyundai Integrated Smart Communication System (Hyundai-ISCS), aimed at providing comprehensive cyber security protection for next-generation vessels.

KR’s cyber security type-approval is based on international standards such as IEC 62443-4-2 and IEC 61162-460. Under the certification, technical, security and audit functions are inspected and assessed for confidentiality, integrity and availability, while backup and recovery functions are also inspected and analysed to assess their response strength in the wake of a cyber incident.

KR executive vice president Hyung-chul Lee said: “This is the very first cyber security type-approval certificate to be issued anywhere in the world, but it reflects the speed of development in this sector and rising level of risk to on board systems from cyber attack.”

Hyundai-ISCS was developed jointly by Hyundai Electric and Hyundai Heavy Industries. It provides a range of information on vessels and acts as an interface between more than 20 types of equipment including safety systems and sensors, combining to enhance a vessel’s smart abilities.

The certificate was formally presented to Hyundai by KR in a ceremony at Nor-Shipping 2019 in Oslo, Norway, on 5 June.

It was also announced on 5 June that Hyundai Global Service (HGS) and Inmarsat have signed a business co-operation agreement aimed at facilitating digitalisation for owners and managers of vessels. The agreement will enable co-operation including using Inmarsat’s Fleet Xpress dedicated bandwidth services to support HGS’ digital services for shipowners.

The agreement was announced following trials on three vessels over a three-month period, testing sensor-driven applications measuring voyage and equipment operating data including fuel consumption and vibration monitoring, plus HGS analytics and reporting services.


CMA CGM and MSC to Join Maersk’s Maritime Blockchain Platform

CMA CGM and MSC Mediterranean Shipping Company (MSC) have announced they will join TradeLens, a blockchain-enabled digital shipping platform, jointly developed by A.P. Moller – Maersk and IBM.

TradeLens enables participants to connect, share information and collaborate across the shipping supply chain. The attributes of blockchain technology are ideally suited to large networks of disparate partners, says Maersk. Blockchain establishes a shared, immutable record of all the transactions that take place within a network and gives permissioned parties access to trusted data in real time.

The platform now has over 100 participants. The addition of CMA CGM and MSC will result in data for nearly half of the world’s ocean container cargo being available on TradeLens. The companies will promote TradeLens and create complementary services on top of the platform for their customers and partners.

TradeLens is already processing over 10 million discrete shipping events and thousands of documents each week for shippers, carriers, freight forwarders, customs officials, port authorities, inland transportation providers and others.

CMA CGM and MSC will operate a blockchain node, participate in consensus to validate transactions, host data, and assume the critical role of acting as Trust Anchors, or validators, for the network. The companies will be on the TradeLens Advisory Board which will include members across the supply chain to advise on standards for neutrality and openness.

“Digitization is a cornerstone of the CMA CGM Group’s strategy to provide an end-to-end offer tailored to our customers’ needs. We believe that TradeLens, with its commitment to open standards and open governance, is a key platform to help usher in this digital transformation,” said Rajesh Krishnamurthy, Executive Vice President, IT & Transformations, CMA CGM Group. “TradeLens’ network is already showing that participants from across the supply chain ecosystem can derive significant value.”

“The TradeLens platform has enormous potential to spur the industry to digitize the supply chain and build collaboration around common standards,” said André Simha, Chief Digital & Information Officer, MSC. “We think that the TradeLens Advisory Board, as well as standards bodies such as the Digital Container Shipping Association, will help accelerate that effort.”


Cyber Adversaries Targeting Commercial Vessels

This bulletin is to inform the maritime industry of recent email phishing and malware intrusion attempts that targeted commercial vessels. Cyber adversaries are attempting to gain sensitive information including the content of an official Notice of Arrival (NOA) using email addresses that pose as an official Port State Control (PSC) authority such as: port @ pscgov.org. Additionally, the Coast Guard has received reports of malicious software designed to disrupt shipboard computer systems. Vessel masters have diligently reported suspicious activity to the Coast Guard National Response Center (NRC) in accordance with Title 33 Code of Federal Regulations (CFR) §101.305 – Reporting, enabling the Coast Guard and other federal agencies to counter cyber threats across the global maritime network.

As a reminder, suspicious activity and breaches of security must be reported to the NRC at (800) 424-8802. For cyber attempts/attacks that do not impact the operating condition of the vessel or result in a pollution incident, owners or operators may alternatively report to the 24/7 National Cybersecurity and Communications Integration Center (NCCIC) at (888) 282-0870 in accordance with CG-5P Policy Letter 08-16, “Reporting Suspicious Activity and Breaches of Security.” When reporting to the NCCIC, it is imperative that the reporting party notify the NCCIC that the vessel is a Coast Guard regulated entity in order to satisfy 33 CFR §101.305 reporting requirements. The NCCIC will in turn forward the report to the NRC that will then notify the cognizant Coast Guard Captain of the Port (COTP).

The Coast Guard urges maritime stakeholders to verify the validity of the email sender prior to responding to unsolicited email messages. If there is uncertainty regarding the legitimacy of the email request, vessel representatives should try contacting the PSC authority directly by using verified contact information. Additionally, vessel owners and operators should continue to evaluate their cyber defense measures to reduce the effect of a cyber-attack. For more information on the NCCIC’s services, cyber-related information, best practices, and other resources, please visit: https://www.dhs.gov/CISA.

The Coast Guard applauds companies and their vessels for remaining vigilant in the identification and prompt reporting of suspicious cyber-related activities. Questions pertaining to this bulletin may be directed to the Coast Guard Office of Commercial Vessel Compliance’s Port State Control Division (CG-CVC-2) at PortStateControl@uscg.mil.


Final preparations are underway for a 12-metre-long ship to set sail from Canada and attempt the world’s first transatlantic crossing without a crew.

TOLLESBURY, England:

The USV Maxlimer, an unmanned surface vessel, is bound for the south coast of England and will conduct deep sea surveys on the way, guided by a skipper in a control station in Britain. The voyage is expected to take about 35 days.

The ship was built by SEA-KIT International, which develops vessels for the maritime and research industries, for the Shell Ocean Discovery XPRIZE, a competition to autonomously survey the sea bed.

It can launch and recover autonomous underwater vehicles but has the potential to operate in different roles with different cargo.

“(It is) almost like a utility pick-up vehicle of the sea, it’s robust, it’s adaptable, it’s got a huge range,” said SEA-KIT International Managing Director Ben Simpson.

The vessel is operated by a hand-held remote control when in harbour and when at sea it can stream live data to the controller via multiple satellite links.

“What is now available through technology is very, very similar to what you have on the bridge of a ship and in many ways, I would argue, even more comprehensive,” said James Fanshawe, a director of SEA-KIT.

“The controller here in this station can actually see all the way round on the horizon near real-time and in many ships it’s quite difficult to actually even see what’s behind you from the bridge of that ship,” said Fanshawe.

The company said it sees a future for unmanned vessels as they can remove humans from harm’s way.

The team said ships that do not need to accommodate people also have significant economic and environmental benefits.

“You don’t need a bridge, you don’t need a galley, you don’t need water supplies, you don’t need air conditioning and suddenly the size of that vessel becomes a fraction of the size of vessels currently being used offshore,” Simpson said.

The combination of size and hybrid diesel-electric propulsion cuts fuel use by around 95 percent, the company said.


Specialist insurer Beazley has created an innovative marine cyber insurance product to meet the rapidly developing needs of vessel owners and operators.

Should a cyber incident impact a vessel’s operational capabilities, Beazley Cyber Defence for Marine provides insurance for physical damage and loss of hire.

At the heart of the product are risk management services designed to reduce the likelihood of a cyber incident occurring and demonstrate compliance with forthcoming International Maritime Organization (IMO) guidelines. By 1st January 2021, vessel owners and operators must have incorporated measures to manage cyber risk into their existing risk management processes, which have traditionally focused on the physical risks to safe shipping operations.

There are three elements to the risk management services included within Beazley’s product: a self-assessment questionnaire; a cyber security workshop; and an on-board cyber survey.

The product has been launched at a time when operational technology has become more digitalised. New challenges have also arisen out of greater interconnectivity between shore-based and on-board systems, including those responsible for navigation, propulsion and power control. A breach of an operating system on board a vessel could, for example, lead to a grounding or collision.

The cover, which focuses on the operational technology of vessels, complements Beazley’s other marine products and existing cyber cover for information technology systems. It can be bought on a standalone basis or as part of a package.

Richard Young, Beazley’s head of hull and war, said: “Ship owners and operators are dealing with the increased threat of cyber-attack as well as the impact of human error and increasingly interlinked vessel operating technology and IT systems. Our preparation services reduce the risk of an incident occurring and the indemnity provides owners with clear cover and limits. Should the worst happen and a cyber incident impacts the smooth running of vessels, clients can be confident they are protected with affirmative cyber cover.”


Overview

BIMCO’s Documentary Committee has agreed a new standard Cyber Security Clause that requires the parties to implement cyber security procedures and systems, to help reduce the risk of an incident and mitigate the consequences should a security breach occur.

In the wake of recent costly cyber security incidents involving large shipping companies, cyber security has become a major focus in the maritime industry.

BIMCO has taken a lead position on cyber security issues through its active role at the International Maritime Organization and by co-authoring the “Industry Guidelines on cyber security onboard ships”. The development of the BIMCO Cyber Security Clause has been an important part of this initiative.

The clause has been written by a small drafting team, led by Inga Frøysa of Klaveness, with representatives from shipowners, P&I clubs and a law firm, and will be published towards the end of May.

“I am very pleased to see BIMCO as the first mover on this important topic. Recent years have shown that there is a clear need for a clause addressing the contractual issues that can arise from a cyber security incident,” says Inga Frøysa.

Sharing relevant information

The clause is drafted in broad and generic language which allows for it to be used in a wide range of contracts and in a string of contracts for easy back-to-back application. It is hoped that the clause will assist parties in obtaining affordable insurance for their cyber security exposure, as the clause introduces a cap on the liability for breaches.

“It was very important to the subcommittee to impose an obligation on the parties to keep each other informed if a cyber security incident should occur, and to share any relevant information, which could assist the other party in mitigating and resolving an incident as quickly as possible,” Frøysa says.

This is done through a two-fold notification process. Firstly, through an immediate notification from the party who becomes aware of an incident to the other party. Secondly, through a more detailed notification once the affected party has had the chance to investigate the incident.

The clause also requires the parties to always share subsequent information, which could assist the other party in mitigating or preventing any effects from the incident.

The level of required cyber security will depend on many elements such as the size of the company, its geographical location and nature of business.

The clause takes this into account by stipulating that the parties must implement “appropriate” cyber security. The clause also requires each party to use reasonable endeavors to ensure that any third party providing services on its behalf in connection with the contract has appropriate cyber security.

SOURCE BIMCO


Maritime cyber risk management: boiling the ocean or storm in a tea cup?

Is the shipping industry’s most valuable commodity also its biggest risk?

As one of the world’s oldest industries, the shipping industry has capitalised on its capability to move assets around the world for thousands of years. Whether for trade, military or tourism, there are more than 50,000 ships world-wide that currently navigate our waters and both facilitate thriving economies and promote nation-state security.

Know your risks and implement security measures

Our recent maritime report has explored the cyber security challenges that the maritime industry is facing now and will likely face in the future. With the increasing trend of attackers turning their attention to ships and shipping operations, more needs to be done to identify cyber risks at sea and mitigate them – one way to begin this process is to perform a risk assessment. Traditionally, a business might perform a risk assessment periodically, say on a yearly basis, to identify what security risks need addressing, and follow this by implementing the right measures to protect against these risks occurring.

But what happens when your risk profile is constantly changing? Variables such as a ship’s cargo, employees and geography can all change drastically within 24 hours as a ship makes its journey across the world and participates in trading. The main inputs to assessing risk are therefore constantly changing, significantly more than for a standard business that needs to implement cyber security measures – so how is it feasible to have confidence that ships are implementing the right security in such a unique situation?

What are the key changing risk factors?

We have identified the main factors impacting cyber security that are associated with the constant movement of trade ships as follows:

  • Route: A ship relies on multiple navigation technologies to get it safely from point A to point B without damaging it, its cargo or risking life onboard. But what if malware could ever so slightly change measurements over time, à la Stuxnet? This would have little impact in the Pacific; but in the Panama Strait it would be catastrophic and the perfect attack for criminals to launch in order to then loot a ship.
  • Cargo: A ship will be carrying multiple cargos of different market value during its route and over time. These cargos may also have different value to different territories and groups. Cargo systems can be compromised, providing intelligence to criminals who can subsequently target specific cargo ships and resell on the black market. For example, pharmaceuticals would be an attractive target due to their high value on the black market.
  • Piracy: There are certain areas of the world which may be at higher risk of attack from piracy, such as the seas that border Eastern Africa. Not only could the cargo training systems be tracked to identify when ships are carrying precious cargo like gold; we understand that pirates could also manipulate systems and spoof the position of ships in distress. This would result in a longer period of time for them to carry out their physical attacks.
  • Ports and business operations: Shipping staff may engage with multiple ports and succumb to various operational processes each time, notably payment and administration regarding docking. Threat groups have been known to track ships and spoof emails to shipping companies to request payment for their upcoming or previous docking. This has resulted in ships losing money as they have been unable to distinguish what is the legitimate process for these payments – made harder when a ship uses many ports over a short period of time.


Maritime Cybersecurity Operations Center opens in Singapore

The Maritime and Port Authority of Singapore (MPA) has opened a new Maritime Cybersecurity Operations Centre (MSOC), to provide early detection, monitoring, analysis and response to potential cyber-attacks on the port state’s critical maritime information infrastructure.

The MSOC will be operated by ST Engineering at its Singapore Hub, and will conduct 24/7 monitoring and correlate data activities across all maritime Critical Information Infrastructure (CII) systems.

MPA says that the facility will have the capability to detect and monitor cyber-attacks by analysing activities in the IT environment, recognise anomalies and threats, and then initiate a response using a range of technology systems.

Key data linkages will also be established between MSOC and Singapore’s Port Operations Control Centre, in order to respond to cyber incidents in a more collaborative manner.

“Cyber threats come in many forms and have been rising steadily across the globe. As the world’s busiest transhipment hub, it is important that we safeguard our maritime and port critical infrastructure to prevent a major disruption to port operations and delivery of services,” said Niam Chiang Meng, Chairman of the Maritime and Port Authority of Singapore (MPA).

In addition to setting up MSOC, MPA has also introduced other initiatives to strengthen the cybersecurity readiness of the maritime sector, having collaborated with the Singapore Shipping Association and Singapore Polytechnic to develop a new Maritime Cybersecurity (Intermediate) Training Course for maritime personnel.

The one-day course, to be rolled out in the first half of next year, will be built upon an existing basic course to allow participants to further expand their knowledge of cyber risk management and counter-measures from a practitioner’s perspective.

Other new cyber initiatives include a Maritime Cybersecurity Research programme that has been created as a collaborative effort between MPA, the Singapore Maritime Institute and other local institutes of higher learning, which will focus on the protection of shipboard systems from cyber threats, and an expansion of the existing Port Authorities Roundtable initiative to encourage greater sharing of intelligence relating to maritime cybersecurity.


The maritime sector is being targeted by highly motivated cyber criminals, and the shipping industry should be on the highest alert for a cyber-attack, warned Naval Dome CEO Itai Sela.

Speaking at the Singapore Maritime Technology Conference (SMTC) 2019, organized by the Maritime and Port Authority of Singapore, Sela said: “Somebody, somewhere is targeting the maritime sector. The shipping industry should be on Red Alert.”

Sela’s warning follows widespread concern that the maritime industry remains vulnerable and is not doing enough to protect itself.

During a round table discussion in which several companies informed the Greek shipping community of the importance of cyber security, one analyst said that while the industry is “concerned about the cyber risk it struggles to understand where and how best to manage it.”

U.S. congressman John Garamendi made a similar comment during a Brookings Institution debate on securing U.S. maritime commerce. “Congress is aware of the cyber risks,” he said, “but not adequately engaged nor adequately addressing the problem.”

“The maritime industry is just not prepared,” Sela told SMTC delegates. “Shipping is a $4 trillion global industry responsible for transporting 80 percent of the world’s energy, commodities and goods, so any activity that disrupts global trade will have far reaching consequences.

“It is easy to understand why shipping is now in the cross-hair of the cyber-criminal or activist. But the maritime industry still believes it is enough to have a Level 1 solution to protect against a Level 4 threat.”

Referring to the global certification standard IEC 62443, which has been adopted by several certification bodies, Sela explained the four levels of security used for safeguarding against a cyber-attack.

“A Level 4 attack is extremely sophisticated and intended to cause the most amount of disruption for either political, social or financial gain. It is the Level 4 type attack criminals are using to penetrate the shipping industry,” Sela said, referring to an incident in which the navigational equipment aboard a fleet of 15 tankers was simultaneously hacked.

The easiest way for hackers to penetrate ship systems is to attack systems at the ship manager or original equipment manufacturer’s (OEM) head office, said Sela. “All a hacker has to do is infiltrate these systems and wait until someone sends an infected email to someone onboard ship – the attack is delivered. It spreads. It’s autonomous.”

Sela said: “For a few thousand dollars sophisticated ‘viruses’ can be easily bought on the dark web, so it is quite easy to implement a Level 4 attack now. Level 4 cyber protection results in a system or equipment that even those with enough time, money and motivation will be unable to penetrate. Every shipboard PC-based system has to be protected individually.”

The current regulations consider improving interactions between the operator and machine as the optimum way of combating maritime cyber crime. However, Naval Dome believes the best solution is based on technology that removes the human element altogether.

In his presentation to the Singapore maritime community, Sela suggested that a ship can be used as a very effective weapon to “create chaos and destruction” at the port.

“A ship whose systems are under the control of the cyber-criminal could result in pollution, cause collisions or groundings or be used as an incendiary device. The result could be catastrophic if a vessel is not secured to the highest level. Over the last three years we have developed a type-approved Level 4 solution certified to prevent shipboard systems from being hacked.”

Sela said a country like Singapore must have the ability to monitor all the ships that enter its waters in order to verify whether they are infected or cyber clean. “I strongly recommend that all Port Authorities have the ability to control the cyber threat that each and every vessel entering their waters brings with them. This will protect assets and avoid potential disaster,” he said.
