CyberWorkbook2019-960x540.jpg

BIMCO And ICS Publish New Cyber Security Guide For Crew On Board.

The digitalisation of maritime operations and the reliance on technology and network connectivity for daily onboard and on shore operations means that shipping is vulnerable to the threat of cyber incidents.

To help crew prepare, both on the bridge and in the engine room, the new “Cyber Security Workbook for On Board Ship Use” includes several checklists of how to protect, detect, respond and recover from a cyber incident, and thereby offers a practical and easy to use guide for the master and the officers.

BIMCO is continuously raising awareness to shipowners on issues such as the cyber threat and helps lead the work by issuing industry guidelines to assist companies in formulating their own approaches to cyber risk management onboard. Based on contributions by BIMCO, IMO recently decided to identify cyber risks as specific threats, which companies should try to address to the same extend as any other risk that may affect the safe operation of a ship and protection of the environment. Guidance on these issues can be found in the Guidelines on Cyber Security Onboard Ships.

To protect multimillion-dollar floating assets, cyber risk should be managed as any other risk that may affect the safe operation of a ship and jeopardize the protection of the environment. The new workbook gives an easy introduction to incorporating cyber security into the ship’s management system.

“Cyber security risk management is not just an IT issue. Managing the complex interactions between technology and humans correctly will be key to avoid a cyber incident, and to recover from them, should an incident happen,” says Aron Frank Sørensen, Head of Maritime Technology and Regulation at BIMCO.

“I see the workbook as a valuable tool that will help officers manage cyber risks while carrying out their daily routines on board,” Sørensen says.
Source: BIMCO

 


29674_banner.jpg

Maritime cyber security, threats, trends, and relevant safeguards

Milan – Even more than within other sectors, across the maritime domain’s evolving landscape of real-time connectivity requirements, which provides data in order to optimize maritime operations and customer experience, there are increasing vulnerabilities onboard vessels, potentially leading to ever more disruptive incidents; in what follows, Giuseppe D’Agostino, Associate Cybersecurity & Privacy Partner at PwC, talks about the subject.

Maritime cyber security

Cyber Security is increasingly becoming a topic of great interest across all economic sectors. After all, the statistics speak for themselves: 30% of businesses believe there’s a high probability they could be target of a cyber attack (source: PwC Digital Trust Insights 2018); proceeds from cyber crime, particularly those of drug smuggling operations, are estimated to be close to 3,000 billion dollars (source: Serious & Organized Crime Threat Assessment); around 15% of companies indicated they had uncovered over 50 cyber incidents over the past year (source PwC Digital Trust Insights 2018), marking a trend that’s on the rise.

Figures regarding the consequences of cyber attacks are equally dire. For instance, data breaches at Yahoo in 2016, and at Equifax in 2017, resulted in 320 million dollars being knocked off its sale price, and in a 32% drop in its share value, respectively. Danish shipping and logistics giant Maersk fared not much better, following an attack employing NotPetya ransomware. It’s estimated that the significant impact on business that followed that incident translated to around $300 million in lost revenue. Analysis of concrete incidents such as these sheds some understanding on the potential economic aspects of a cyber attack, and indeed quantifies them.

The introduction of new technologies has opened new vulnerabilities for enterprises, which, therefore, require innovative approaches to cyber security. An overview of the global picture shows that by 2020 some 50 billion devices will be interconnected (Internet of Things), a trend that is reflected across the maritime domain, with exponential growth expected in the use of wearable devices and integrated sensors; 100% of new cars will, moreover, be connected by 2022; similarly the piece of news that stands out in the maritime sector has to be the upcoming launch of the world’s first autonomous ship, the Yara Birkeland.

Cyber criminals will try to exploit the vulnerabilities that new technologies inevitably carry, and companies are starting to plan for new control regimes as these new developments are rolled out. An analysis of this data clearly shows an increase in vulnerabilities and threats regarding Cyber Security, which results in a need to develop and implement a holistic approach to cyber security incidents, by acting on three separate levels: prevention, identification, and response.

In terms of prevention, for example, it is essential to integrate the principles of security and privacy within evolving business models, such as developing new services and systems (security by-design and by-default). Many studies have shown how the costs for the mitigation of a vulnerability grow exponentially as time elapses; solving a security bug in the development phase, for example, is clearly much easier and cheaper than working on a system in full operation. Another aspect related to the prevention of security incidents concerns external suppliers.

Maritime cyber security

The services provided by companies are becoming increasingly integrated within complex and geographically dispersed value chains, in which relations and data exchanges with third parties assume a predominant role. A company’s security, therefore, hinges on the security of the entire value chain. In addition, less structured suppliers increasingly constitute an entry point for attackers, making no company, however mature, immune from an attack.

No matter how effective the countermeasures implemented may be, it’s essential to be able to detect attacks in a timely manner. An example of how companies are addressing this need is in the setting up of ad hoc structures to perform monitoring and alerting; these structures are usually termed Security Operation Center (SOC) and are responsible for the collection, correlation and analysis of data in order to generate alerts and detect possible security breaches.

The GDPR, particularly the measures concerning data breach (which oblige violations of personal data to be reported within very short times), gives even greater emphasis to the importance of effective monitoring. The response to incidents, that is the containment and restoration of the components impacted, is crucial for damage containment. It is important to make use of adequate professional skills that can contain the incident quickly, ensure the collection of exhaustive data that can stand up in court, and understand the root cause as soon as possible, to ensure that it will not happen again in the future (lesson learned).

Figures show that in this context there are considerable possibilities for improvement, given that it’s estimated that, on average, it takes 197 days time to identify a data breach, and 69 days to contain it (source: 2018 IBM – Cost of a Data Breach Study). The growth in threats and attacks has made cyber threats one of the top 5 priorities for CEOs. In fact, firms often feel unprepared, and 57% of firms in Italy consider action in the field of Cyber Security & Data Protection a priority (source PwC Digital Trust Insights 2018).

In conclusion, the following 5 basic steps should form the basis of a strategic security program: 1. Ensure that Cyber Security strategy is aligned with business objectives and is adequately supported by the company management. 2. Identify the most critical data resources, and prioritize investments through risk analysis to anticipate threats. 3. Be aware of threats (Intelligence), their motivations, resources and methods of attack, to reduce the time between detection and response to an incident 4. Evaluate Cyber Security of third parties and partners across the value chain, ensuring compliance with security policies and procedures 5. Provide training for employees and collaborate with others to raise awareness of Cyber Security threats and response techniques. Increasing knowledge and understanding of the threats and actions to be taken will allow companies and enterprises to improve their resilience. The ability to respond effectively to these challenges will increasingly be a key distinguishing factor in the future, which will reward companies able to provide reliable cyber-ready services on the market, thus turning measures aimed at avoiding risks into true business opportunities.

Maritime cyber security, threats, trends, and relevant safeguards

SOURCE : THEMEDI TELEGRAPH


CyberSecurityShip2-1200x801.jpg

Maritime Cyber security

The University of Plymouth has created a cyber security research lab that focuses on challenges faced by the shipping industry.

The £3 million ‘Cyber-SHIP‘ lab will complement the university’s existing maritime facilities which includes a simulator dedicated to training professional sailors.

The lab is a transformational step towards developing a national centre for research into maritime cyber security, according to Professor Kevin Jones, the executive dean for science and engineering and principal investigator for the project.

Jones believes that the lab will support a range of research and training that cannot be achieved with simulators alone. These will also facilitate the development and delivery of new maritime cyber provision for graduates, postgraduates, and industry.

“Cyber attacks are a Tier1 National UK threat. But, although the maritime sector is advancing technologically, it is not well protected against cyber or cyber-physical attacks and accidents,” he said.

“Worth trillions, it has an unmatched reach across international waters, which exposes people and goods to a diverse range of factors, putting the shipping industry at high risk. As such, this facility has never been more timely.”

The lab has been developed in partnership with shipping equipment manufacturers, port operators, shipbuilders, classification agencies, and insurance companies. Some of the areas it will look at include the cyber risk of autonomous ships, maritime cyber risk assessment, and the scope and impact of evolving tech on international shipping.

The project, which has been funded by Research England will last for three years with the hope that it will be self-sustaining by then. It aims to bring together a host of connected maritime systems currently found on an actual ship’s bridge. Cyber security experts will then assess these systems for vulnerabilities and identify the technology and skillsets needed to make them more secure.

The lab will feature cutting edge maritime technology including radar equipment, a voyage data recorder, an electronic chart display and information system, an automatic identification system, and communications devices.

 

SOURCE ITPRO


SEAFARER.png

Loneliness of Seafarers !

Researchers call for better provision to prevent mental health issues for those working at sea

Long working hours, isolation and extended periods away from home put seafarers at risk of poor mental health, new research by Cardiff University finds.

The study, funded by the Institution of Occupational Safety and Health (IOSH), urges cargo shipping companies to provide greater support for workers to help prevent conditions such as anxiety and depression. This includes the provision of on-board amenities such as internet access, improved accommodation and recreational activities.

More than 1,500 seafarers completed a questionnaire on their experiences for the research, while face-to-face interviews were conducted with a small group of seafarers, employers, maritime charities and other stakeholders. Lack of internet access, long periods away from friends and family, poor accommodation and food were among the leading causes of concern for those working at sea.

Professor Helen Sampson, who led the study, says there is evidence that recent-onset psychological disorders are increasing among serving seafarers, yet more than half (55%) of employers said they had not introduced any policies or practices to address mental health for a decade.

When questioned in an interview about suffering from mental ill-health, one seafarer said: “Between pressure, workload, no days off and you are a gazillion miles away from home with limited communication, what do you think is going to happen?” Another said: “Three months on land is nothing. You can’t see your kids grow up, you can’t see anything. You are just like an uncle coming and going.”

Professor Sampson, Director of Cardiff University’s Seafarers International Research Centre, based in the School of Social Sciences, said: “It is all too easy for seafarers working out on the deep ocean to be invisible to those ashore. Their remoteness allows for abuse to go undetected. Sometimes seafarers are subjected to bullying and harassment by superiors and colleagues on board.  However many employers also mistreat seafarers by failing to provide decent and humane living conditions which promote good mental wellbeing. This research, funded by the Institution of Occupational Safety and Health, reveals that seafarers working on cargo ships experience very little happiness on board and suffer the consequences of social isolation, stressful working conditions, fatigue, and monotonous institutional environments. It is time such issues were properly addressed.”

The report concludes that the provision of free internet access would make the most significant contribution to improving the mental health and wellbeing of those working onboard ships. Other areas for focus include better terms and conditions of work, relationships with colleagues on board, accommodation and recreation.

Duncan Spencer, Head of Advice and Practice at IOSH, said: “Lone workers or those working in small crews in remote areas often work without close interaction with other employees or family members. They face a unique set of challenges and are particularly vulnerable when it comes to their mental health.

“Organisations employing remote workers need to shift their approach to follow similar standards that are being implemented in other industries. Poor leadership and culture in the organisation, excessive pressure, bullying and harassment are factors that have the potential to negatively impact on workers’ mental health and wellbeing. It is crucial that these are seriously considered and given a proportionate approach.”

Specific recommendations from the researchers include:

  • At least one activity on-board, such as basketball, squash or swimming;
  • At least four activities from table tennis, darts, barbecues, karaoke, bingo, and card and board games;
  • A gym with at least three pieces of equipment;
  • At least two facilities from a sauna, a book and DVD library, satellite TV with cabins and a library of interactive video games;
  • Comfortable mattresses and furnishings within cabins;
  • Shore leave at every opportunity for all ranks;
  • Varied, good quality food.

In addition, organisations are urged to provide self-help guidance on improving mental resilience, provide contracts that balance work and leave time, introduce and enforce anti-bullying and harassment policies, train officers on creating a positive on-board atmosphere and set up confidential counselling services.

(Source: www.iosh.com/seafarerswellbeing)


Wana_Decrypt0r_screenshot.png

On 12  May 2017 cyber-security hit public consciousness in a big way when Wannacry ransomware brought down the NHS as the worm-driven malware spread around the globe hitting hundreds of thousands of computers.

Then security researcher Malwaretech, AKA Marcus Hutchins, registered a domain that acted as a kill switch, making him a hero. SC Media UK was happy to give him an award for his achievement, and later when his exploits brought him to the attention of law enforcement and he was arrested in the US for teenage black-hat hacking, creating code that was used in banking malware, SC suggested that he’d done enough to deserve a pardon. Ultimately the judge in his court case took a similar view.

The story is now told in a highly watchable documentary, WANNACRY: THE MARCUS HUTCHINS STORY, on Unlocked,  the online magazine for digital culture created by Kaspersky and available on YouTube.  Well worth viewing.


scrubber.png

s&P Global Platts has started publishing time charter equivalent assessments based on 0.5% sulphur bunker fuel for scrubber and non-scrubber dry bulk carriers from November 1, this year, exactly two months ahead of the International Maritime Organization sulphur cap regulations

 

The new TCE assessments are calculated using daily 0.5% delivered bunker prices published by Platts. The vessel speed and consumption used in these TCE calculations were derived by extensive market survey and reflect market practice for vessels using low sulphur fuel.

The scrubber indices reflect the average of the difference between the TCE returns for scrubber-fitted and non-scrubber ships for respective routes under each vessel class.

Last month S&P Global Platts launched a capesize earnings index. The CapeT4 Index reflects ton-mile demand on four time charter equivalent (TCE) assessments.


AdobeStock_69734198-1280x720-1200x675.jpeg

The new IMO global sulphur cap requirements enter force on 1st January 2020 and a robust and consistent approach to compliance is expected by all Port State Control (PSC) regimes. PSC inspections will be carried out in accordance with the IMO PSC procedures, the 2019 guidelines for PSC under MARPOL Annex VI.

In order to establish whether a ship is in compliance, PSC inspectors will likely focus their attention on documents and procedures maintained on board. In certain jurisdictions PSC inspectors will carry portable sulphur testing kits and if the results of these tests are inconclusive or indicate potential non-compliance then additional sampling will take place for verification ashore.

It is important therefore that ships’ crews are aware and familiar with the new regulations, associated documentation and procedures and are able to confidently demonstrate this knowledge to a PSC inspector.

Bunker Delivery Notes (BDNs) and Fuel Sampling

Details of fuel delivered on board for combustion purposes should be recorded by means of a BDN. The BDN should be accompanied by a Representative Sample of the fuel delivered – the MARPOL Sample. Most ships will also take commercial samples in the normal way. The Representative Sample is to be sealed and signed by the supplier’s representative and the Master (or senior officer in charge of the bunker operation) on completion of bunker delivery and retained on board until the fuel has been substantially consumed, but in any case for a period of not less than twelve months from the time of delivery. BDNs and associated samples should be easily identifiable and filed properly on board. BDNs should be retained on board for at least three years after the fuel has been received on board.

There are two locations where fuel sampling might be required by PSC: (1) downstream of the fuel oil service tank and (2) the storage tanks, “in use” and “on-board” respectively. In accordance with ISO 4259-2: 2017, and allowing for a 95% confidence limit, the maximum amount of sulphur allowed in these samples is 0.11% m/m for ECA fuel and 0.53% m/m for global fuel.

In situations where the Commercial Samples (taken during bunkering) indicate a higher sulphur content than noted on the BDN then the flag administration and PSC at destination need to be notified in writing without delay. Note that the ship will have likely sailed by the time these test results are known. In the event of any further investigation by PSC, the Representative Sample (MARPOL sample) will be used by PSC for further verification procedures and the ship may be ordered to de-bunker the fuel at the next port.

 

SOURCE : MARINE INSIGHT


autonomous-.jpg

The Wind Assisted Ship Propulsion (WASP) project, funded by the Interreg North Sea Europe programme, part of the European Regional Development Fund (ERDF) to the tune of EUR 3.4 million has been officially approved and launched.

The project brings together universities, wind-assist technology providers with ship owners to research, trial and validate the operational performance of a selection of wind propulsion solutions thus enabling wind propulsion technology market penetration and contributing to a greener North Sea transport system through harvesting the regions’ abundant wind potential.

This aligns with the wider programmes’ objective of promoting the development and adoption of products, services and processes to accelerate the greening of the North Sea Region.

“We’re delighted to be able to commence the WASP project and we are thrilled or looking forward to being able to test the wind propulsion systems on different types of vessels, routes and sea conditions throughout the project duration thanks to Interreg’s support and the efforts of all the project partners,” Danitsja van Heusden-van Winden, Netherlands Maritime Technology Foundation and WASP project lead beneficiary, said.

The project shipping partners include Scandlines Gedser-Rostock, Boeckmans Ship Management and Van Dam Shipping along with two additional partners to be added shortly.

Wind propulsion, shipping logistics and innovation experts will be monitoring and evaluating operations and developing pathways and applications to tackle the regulatory and business-related issues that are often major barriers to the uptake of new technologies.

“The transition to decarbonised shipping is the greatest maritime challenge of our time and demand for low carbon solutions is growing. Direct wind propulsion along with secondary renewables: wind-sourced ammonia, hydrogen and other fuels and batteries, are all pieces in this decarbonisation puzzle,” according to the Nord University.

The high potential for wind energy in North Sea region and innovative, automated wind propulsion technologies such as rotors sails, suction wings and rigid sails can directly harvest this resource and contribute at a time of rising fuel prices, market instability, emission reduction directives, carbon pricing, a tightening regulatory and policy environment. All are making wind solutions more commercially attractive for the future.

“Wind propulsion solutions are a very important technology segment for the decarbonisation of shipping. The propulsive energy provided is substantial and this is delivered directly to the ship with no need for new infrastructure,” Gavin Allwright, Secretary General of the International Windship Association, added.

“That secures a significant portion of ship owners fuel requirement at zero cost, creating an element of certainty in a volatile and increasingly insecure market in the future.”

These wind propulsion systems can be installed on existing vessels saving 5-20% of fuel and emissions and possibly up to 30% as retrofits or incorporated into optimised new builds with potentially higher savings.

SOURCE WORLD MARITIME NEWS


vide0_fire.jpg

 

Japan’s Mitsui O.S.K. Lines, Ltd. (MOL) has added a new dimension to its virtual reality (VR)-based marine safety education program, allowing trainees to virtually capture the sensations of “falling”, having a “hand being caught between something”, and experiencing “an incinerator explosion incident.”

The new content involves all the trainees’ senses by introducing new equipment that replicates the touching and sensing they would experience during an onboard accident, taking the training to a new level of realism.

ELECTRIC SHOCK

In particular, says MOL “trainees may feel an electric shock (at an extremely low current) administered by the controller, as well as hear and see the situation and feel vibration through the VR goggles. This is intended to connect the training to instinctive learning by recreating the experience of an actual accident.”

The program uses VR goggles and VR technology created by Tsumiki Seisaku Co., Ltd.

With the VR tool, trainees can experience onboard operations, with computer graphic simulations of moving around on the ship, in conjunction with their own movements, allowing them to pinpoint dangerous areas and situation.

If a crew works without recognizing a danger, there is a higher likelihood of an accident or problem, says MOL. The VR-based content enables them to think about issues that require extra care and helps them plan their next moves during onboard operations.

SOURCE MARINELOG


engineer.jpg

India has decided to act on reducing plastic litter pollution and has introduced a ban on the use of single-use plastics onboard calling vessels.

The ban will require some items to be locked away and introduces a new requirement for recording all single-use plastics onboard vessels. The ban applies to all Indian vessels and to foreign flag vessels calling at Indian ports.

The ban will take effect in two stages – the first effective immediately and the second stage on 1 January 2020.

The immediate ban applies to single-use plastic items used as:

  • Cutlery, plates and cups
  • Water and other drinks bottles up to 10 litres
  • Garbage and shopping bags
  • Dispensing containers for cleaning fluids which are less than 10 litres.

Taking effect from 1 January 2020, the following single-use plastics are prohibited:

  • Bags, trays, containers, food packaging film
  • Milk bottles, freezer bags, shampoo bottles, ice cream containers
  • Bottle for water and other drinks, dispensing containers for cleaning fluids, biscuit trays
  • Hot drink cups, insulated food packaging, protective packaging for fragile items
  • Microwave dishes, ice cream tubs, potato chip bags, bottle caps.

The North of England P&I club has advised that enforcement will be done by Port State Control and that affected plastic items must be stored prior entering Indian territorial waters. Vessels calling at Indian ports are required to make a log entry identifying the ‘Single Use Plastic Items’ on board the ship, along with the onboard location of where these items are stored, and the time and ship’s position of when this is done. No single use plastic items are to be discharged to a port reception facility at Indian ports.

PSC inspectors may verify compliance with this regulation as part of a PSC inspection. However, the Directorate General of Shipping (DGS) has stated that no detentions of foreign ships will be enforced. A handwritten deficiency in the printed PSC Form ‘B’ (to be rectified prior departure) may be issued.


Twitter

@AnyawbSales - 6 months

INDIA TO BAN SINGLE USE PLASTIC ON ALL CALLING SHIPS

@AnyawbSales - 1 year

SQEXpress maritime electronic sms forms platform just released

Photo Gallery

https://www.instagram.com/p/BatcssbnSgk/https://www.instagram.com/p/BJzdwtGgh4v/https://www.instagram.com/p/BGO4t61PyVg/https://www.instagram.com/p/BGG80Upvyfs/https://www.instagram.com/p/BGG8nnCvyfX/https://www.instagram.com/p/BGG8XW4vye2/https://www.instagram.com/p/BGG8QKPPyen/