The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them.
Cyberespionage and sabotage attacks, and also ransomware attacks against critical infrastructure and government offices will trigger the response of the Dutch authorities, explained Ben Knapen, Dutch Minister of Foreign Affairs.
The Dutch Minister added that the response to severe cyber attacks could be escalated, an attack against a critical response will require the rapid reply of the cyber defense, a response that disregards diplomatic relations between the countries involved.
Knapen highlighted the difficulty of attributing a ransomware operation to a specific threat actor, it explained that it is very complex to demonstrate that a non-state actor carries out the operation on the explicit instruction of or under the control of a state. As a result, the legal attribution of an act of a non-state actor to a state is usually not easy.
“For several years, the threat of ransomware attacks has been increasing around the world. A broad explanation of this threat is included in the Cyber Security Assessment Netherlands (CSBN) 2021, which was shared with the Chamber in June by the Minister of Justice and Security. One of the conclusions of CSAN 2021 is that cybercrime can affect national security if an attack causes massive damage, for example by disrupting vital processes. In a number of cases, cybercriminals enjoy the protection of the state from which they operate or there is cooperation.” Knapen wrote in a letter to the Dutch Parliament. “Due care principle In situations where attribution appears not to be possible in a legal sense, it may be desirable to look into a possible violation of the due care principle in the context of state liability law. The principle of due care means that states are expected to take into account the rights of other states when exercising their sovereignty. States have a duty to act when they have knowledge of the use of their territory in a way that harms the rights of a third state. Failure to comply with this obligation is a violation of an international law obligation.”
There has never been a more important time to listen. “Seek first to understand,” is a lesson I picked up early in my career that has generally proved effective in many situations as a leader, colleague and employee. (Not to mention at home as a partner, father, and friend; it’s a versatile maxim.) Eighteen months into this pandemic, given that the experience and effects of COVID-19 are simultaneously something that is universally shared and individually experienced, it’s more useful than ever to listen before you leap.
I have found the most rewarding moments are when you listen not just as a leader but also as a learner. With so many sources of education available, it’s tempting to gloss over the one right in front of you: your team.
Here are four examples where I recently learned from the people I lead. And remember, it doesn’t have to be a new piece of information to count as learning; the point is to be ready to adapt to something new.
1. Create a safe space
Demonstrate that you can hold a safe space for any kind of conversation. Be emotionally, mentally, and physically present (if you’re on video) to focus on the person in front of you, and what they want to talk about. Someone recently thanked me for creating a safe space after a conversation about a path to promotion, and while my initial response was to reply, “It’s a pleasure and it’s my job,” it made me think that if such a seemingly standard discussion requires a safe space, what about all the conversations currently not being had about more potentially sensitive topics?
It made me think about additional conversations we should be having about mental health, grief, anxiety, uncertainty, being overwhelmed, handling the return to work, among many others. As leaders, we must find ways to build trust and provide opportunities for our teams and colleagues to thrive.
2. Encourage open conversations
One of the ways to encourage more open conversation is to lean in. A usual weekly one-on-one coaching meeting recently opened with “How are you doing?” When I answered “Good!” the question came back, “How are you really doing?” I must have looked tired, maybe it was a Monday, either way it was an excellent question. It caught me off guard, as I was not really “Good,” rather more “Meh,” and we proceeded to have a really honest, open, authentic conversation both about some minor irritants I had experienced that day, and the importance of talking about such things together.
We are undergoing a seismic shift in our professional, social, and family lives. It’s one thing to say that “It’s OK to not be OK.” It’s quite another to model how this should work in practice. It’s OK to say you are not OK. Gently pressing on a topic in a non-confrontational way, perhaps with a time-bound get-out clause, can really open up a valuable discussion. The simple, but powerful, question: “How are you really doing, today?” Might help someone let off a little steam about current events and avert an explosion caused by bigger issues.
3. Get to know your team all over again
It can be hard to calibrate how much social interaction to try and foster as a distributed team all stuck WFH; weekly happy hours in crazy hats seems too much, never seems too distant. It’s impossible to get right, and it’s vital to try.
During a recent team discussion, someone randomly asked a teammate, a former Wall Street trader, about his opinion of our quarterly earnings call. The person asking the question did not know about his finance background, despite having been colleagues for almost two years. Once all the jokes had died down and we had agreed to stage a version of Mad Money on a subsequent team call, it made me think about all the connections that could break unless we protect them, such as small pieces of personal information that would get shared in an office or at a dinner, that help build familiarity (and inform team jokes and rituals).
Leaders need to find time for these group interactions and for one-on-one meetings that are more than just status updates. Another colleague advocates setting up quick introductory Webex meetings with people she meets in peripheral situations through the course of work to get to know them better, with no agenda except networking. Two years ago, I might have dismissed this as a distraction; now I think it’s vital and I do the same.
4. Listen to the most important member of the team: you
Whether you’re the leader, or the loudest person, or the longest-serving team member who everyone goes to for advice; whoever you are, check in with yourself. Make like a parent on a plane who is told to put their own oxygen mask on before attending to their family in case of emergency.
Self-care takes many forms and it’s worth remembering it can be as simple as taking one big meaningful breath. It could be the first breath of the morning, or between meetings to help context shift, or in the middle of a frustrating moment to help avoid being overwhelmed or when you walk out of your door for exercise. Whatever it is, whenever during the day it is, focus on your breath, fill your lungs to bursting, be in the moment, realize that there is always something to be grateful for (even if the only thing you can think of is the breath you are currently experiencing) and shut out the noise. Hold that breath for a moment, then a moment longer and then, as you exhale, let something go. Say goodbye to a worry or a negative thought and turn your mind toward things you’re grateful for.
I am grateful for the team I get to work with every day, and I love learning from them about how we can focus on the present, reflect on our past, and plan for our future.
At Cisco, we are leading a more inclusive future for all. To learn more about our open positions around the world, click here.
Maritime Cyber Security – Naval Dome CEO Itai Sela says that while it is true that the inadvertent downloading of a computer virus from the internet or a memory stick is a serious cyber security issue for shipping companies, the industry should be wary of attributing system breaches to human error.
In agreement with comments made yesterday in Dubai during a Cyber Risk and Data Theft seminar, that cyber security is still considered by shipping companies and terminal operators as an after-thought, Sela does not agree that better cyber awareness, crew training or the implementation of crew guidelines alone will have a lasting positive effect.
“When the cyber-criminal will always need the unwitting assistance of an unsuspecting crew member, technician or employee to activate or spread the virus, irrespective of the level of their cyber training or awareness, it is not enough to put it under the ‘human factor’ umbrella or apportion individual blame when a critical system has been breached.
“A cyber incident happens because systems are not protected, and hackers will continue to develop innovative ways and sophisticated solutions intended to take advantage of any weak spots in human nature. The implication, therefore, is that any cyber awareness training is a waste of time and money.”
The sophisticated methods hackers use is evident by the deployment of a new, previously unknown malware trojan called xHunt, which researchers at Palo Alto Networks’ Unit 42 say is being used to specifically target the shipping industry. It is alleged that xHunt and Hisoka – a backdoor used to facilitate trojan delivery – were successful in infiltrating the networks of two shipping companies operating out of Kuwait.
“The attackers have added some fun capabilities to Hisoka and its associated toolset. The attackers are aware of probable security measures in place at their targets and have attempted to develop ways to get in undetected,” Ryan Olson, Vice President of threat intelligence at Unit 42, told ZDNet.
Given that hackers will always find a way in, Sela believes attributing blame to individuals is pointless. It is also problematic because of the potential legal proceedings envisioned should a virus result in damage to the ship, its systems, personnel or the environment.
Maritime Cyber Security !
“It would be very easy to point the finger at an individual crew member, technician or employee for inadvertently spreading malware or other viruses, but this would not prevent further system breaches. What it will do is create unnecessary friction between employers and employees.”
He adds that limiting crew members’ access to the internet, social media or mobile phone charging facilities will also create problems.
“Prohibiting internet access is not the answer. This is now considered a basic human right and with many seafarers away from loved ones for months at a time, if they are unable to maintain regular contact with those at home, then not only could it adversely affect their well-being but deter others from a maritime career.”
Sela says the maritime sector – shipping companies and port operators – needs to adopt technical solutions to prevent system hacking, rather than simply implementing a culture change.
Recalling incident where a Mobile Offshore Drilling Unit lost control of its Dynamic Positioning system while drilling in the Gulf of Mexico, Sela says the investigation found that various crew members introduced malware when they plugged in their smart phones, and other devices.
“Would this have been considered human error if the DP and associated OT systems were adequately protected and the hack thwarted? I doubt it. If cyber-crime continues to be designated a human factor event, then the industry does not fully grasp the cyber problem.”
Source: Naval Dome
The emerging risk associated with cyber threat requires not only better training for seafarers, but also spreading awareness of best cyber security practices, argued Peter Broadhurst, Senior VP of Safety and Security, Inmarsat Maritime, adding that there is still ‘a long way to go’ when it comes to effective cyber protection.
Whether in pursuit of personal data or money, cyber crime is now a big and highly automated business, ready to strike at the most vulnerable part of an organisation’s defences 24/7, anywhere in the world.
Speaking on a panel at the World Economic Forum earlier this year, A.P. Møller-Maersk Chairman Jim Hagemann Snabe revealed that responding to the NotPetya ransomware attack of June 2017 had required the reinstallation of 4,000 new servers, 45,000 new PCs, and 2,500 applications, all within ten days. During this period, the company reverted to manual systems.
In hitting a company equipped with experienced cyber security specialists, NotPetya showed that the cyber threat is as real for shipping as it is for any other connected business, especially where legacy systems proliferate.
If the warning should be sinking in, an Inmarsat Research Programme report, The Industrial IoT on land and at sea (2018) suggests that maritime minds are slow to change. The unique study drew on testimony from 750 survey respondents across a range of industries to establish preparedness and perceptions regarding the adoption of IoT-based solutions.
The survey found 87% of maritime respondents saying they believed that their cyber security arrangements could be improved. It also saw more of them identifying data storage methods (55%), poor network security (50%) and potential mishandling/misuse of data (44%) as likely to lead to breaches in cybersecurity than outright cyberattack (39%).
Given the self-diagnosis, it is perhaps surprising to find that only 25% of maritime respondents said they were working on new IoT-based security policies.
In fact, Inmarsat’s research exposed ambivalence as one of shipping’s leading feelings towards IoT-based solutions. With some owners engaging at the level of blockchain, others take their lead from their need to comply with regulation: this is an industry which simultaneously sustains just over 30% of shipping respondents as ‘IoT leaders’ and just under 30% as ‘IoT laggards’, the report says. For every owner signed up to the benefits of condition-based monitoring and predictive maintenance based on real-time connectivity, there appears to be another for whom maintenance is something that takes place at regular and predictable intervals, or whenever is most convenient.
Inconsistent views on cyber security also appear free to coexist with immature ones. Around 70% of respondents identify reducing marine insurance premiums as a main driver for IoT uptake, where insurers have shown themselves as especially sensitive to cyber threats. At the same time, other studies have found attitudes such as “I’m not the target /we have security in place, don’t we?/I will be protected by AntiVirus” alive and well among seafarers.
For those prepared to engage in the IoT, ships today sustain crews in small numbers, representing both an opportunity and challenge for automation, and indeed for cyber security. On the one hand, low crew numbers align strongly with operational technology that is remotely updated, self-managing and supported by automated security and from third parties and OEMs, such as voyage planning, weather routing, navigation, fuel management, etc. On the other hand, the opportunities to ‘patch’ embedded operational technologies (OT) safely are not frequent, and patches usually require certification by control system manufacturers.
The broader point, though, is that cyber security is not just about software patching and systems configuration. Ship operators do not buy computer processors, disk storage and software and then build them into a system: they procure turnkey systems. Again, shipboard engineers may well be IT-literate, but no space has been made on the crew roster for cybersecurity specialists.
In these circumstances, the integrity of the systems on ships is best maintained by software which can identify, contain and resolve threats wherever they appear in the network. Such Unified Threat Management (UTM) detects all deviations from the ‘known good’ configuration as anomalies and potential threats to security and can update securely, even during operation. Some specialist functions such as a deep analysis of alerts or security forensics will need to be delivered remotely.
Inmarsat believes that a collaborative approach – that includes shipboard systems, but also the crew operating them and the processes involved – is vital to develop the maturity response demanded by multiple threats from cyber villains, whatever their origin. For this reason, we have been working with some of the best security-focused experts available to tailor products and services to meet shipping’s requirement.
As noted, however, software is only part of the answer: cyber security and vigilance for ‘the human element’ and a well thought-out recovery strategy to mitigate against multiple, automated assaults are also critical. Failures in processes and mistakes by people can present the security loophole that, if unchecked by the UTM, compromise the entire network.
Weaknesses at the first line of defence (to phishing, plugging infected USB in, downloading from untrusted source etc.) are common but, in the case of satellite-connected ships, it is also common to see updates turned off and no AV software in operation. Today, cyber security training is not compulsory for the world’s 1.6 million seafarers, while expertise in antivirus software is inevitably more likely to be based ashore.
As far as awareness is concerned, it is fair to say that there is likely to be more temptation to risk plugging in a memory stick that might be infected once a vessel is under way. Creating awareness for seafarers and staff is a continuous task because good cybersecurity practice is shipping’s first line of defence against ‘attack’.
Inmarsat recently participated in discussions with academics at the World Maritime University in Malmö over what future classroom-based and e-learning cyber security course content might include for Maritime Safety and Security Diploma students.
Inmarsat is not and does not aspire to be a training company, but it is an interested party. As such, we are fully aware that training is not just a tick box exercise and must be backed up with monitoring and reinforcement. We also know that using tools to identify breaches of policies such as USB usage help reinforce the message: constant reminders and real-life examples are often the quickest ways to stop bad practice.
But to address the cyber security risks of the future effectively, we need the involvement of ship designers, builders, regulators, verifiers, equipment manufacturers, service providers and, of course owners and operators. We were therefore one of the founding partners in a Joint Working Group run by the International Association of Classification Societies (IACS) whose members survey and certificate more than 90% of the world’s commercial vessels, ensuring that ships are fit-for-purpose and comply with safety and quality regulations.
Brigadier General Gholam Reza Jalali, head of Passive Defence Organisation of Iran, has said more attention needs to be paid to cyber threats against commercial ports and shipping, insisting that this is a real area of concern.
Iran Press/ Iran news: According to an Iran Press report, in an exclusive interview on Sunday, Brigadier General Jalali said: “Cyber threats which impact our ports and maritime operations are a critical issue which must be discussed, and we must be payed great attention to this issue.”
He added: “Cyber threats can be divided into three categories. The first one is, the probable extension of sanctions to cover the realm of infrastructure and cyberspace. The other one is, penetration and a cyber-attack on our maritime infrastructures. There have been significant joint efforts which have been carried out by the “Passive defence” and “Port and Maritime” Organisations and with decent structures regarding cyber defense and passive defense, we can jointly strengthen our infrastructure against cyber-threats.”
In further remarks, the head of the Passive Defence Organisation of Iran said: “In fact, to deal with this issue, we devised and prepared five guidelines or instructions, which are:
(1) An Emergency Response Project which is currently being implemented.
(2) Emergency security of Cyber Infrastructures.
(3) Protection of our computer systems and immunizing against a cyber-attack, which means security in the long term.
(4) Information Retrieval when a cyber-attack does take place.
(5) Cyber Preparedness and simulating a cyber-attack.”
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPT
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
