– We follow a structured process to ensure thorough assessment and enhancement of cybersecurity measures:

  1. Questionnaire Completion
  2. Discussion of Penetration Testing Methods (Black Box, Grey Box, White Box)
  3. Test Execution by Our Expert Engineers
  4. Delivery of Detailed Report with Findings
  5. Assistance with Mitigation Strategies

– Before beginning the penetration testing process, we’ll ask you to complete a comprehensive questionnaire.

– This questionnaire helps us gather essential information about your vessels, networks, and existing security measures.

Once we receive the completed questionnaire, we’ll schedule a web meeting discussion to talk about the penetration testing methods.

– Our team of experienced engineers will then proceed with the penetration testing.

– They will simulate real-world cyber-attacks to identify vulnerabilities and weaknesses in your cybersecurity defenses.

After completing the testing phase, we’ll compile all findings into a detailed report.

– This report will provide insights into identified vulnerabilities, potential risks, and recommended actions for mitigation.

– We understand that addressing cybersecurity vulnerabilities is crucial for safeguarding your vessels and assets.

– Our team will assist you in implementing effective mitigation strategies to address the findings identified in the report.

– Additionally, we can provide guidance on best practices and security measures to prevent future cyber threats.

Please get in contact with us TODAY for discuss a possibly co-operation !



Maritime security is increasingly becoming impossible to achieve without ensuring cyber security, and the ability of states to protect their maritime assets and critical infrastructure against cyber attacks.

This was one of the conclusions from a recent workshop on developing a maritime security strategy for South Africa. The workshop was organised by Stellenbosch University, the Institute for Security Studies Africa, and United Nations Office on Drugs and Crime (UNODC).


Denys Reva, maritime researcher at the Institute for Security Studies Pretoria, highlighted the fact that 80% of South Africa’s trade is seaborne, and for all intents and purposes, South Africa can be seen as an island. “We are dependent on well-functioning maritime infrastructure, which needs to be protected, including from cyber threats,” he said.

The maritime sector is becoming increasingly vulnerable to cyber threats, as it digitalises. For example, ships are using Electronic Chart Display and Information System (ECDIS), GPS and remote engine and cargo control systems, while ports are going paperless, becoming automated and removing humans from the equation.


The container terminal at China’s Qingdao Port is fully automated, while South Korea’s Busan Port is using blockchain for logistics innovation, for example.

While only 53 of the world’s container terminals are automated (4%), the maritime sector is going digital and is on an upward trend in this regard. “What if someone tries to disrupt the technology, purposefully or accidentally?” Reva asked, as new cyber security risks and vulnerabilities are exposed.

In Africa, a cyber attack was only a matter of time, he said, citing the 2021 attack on Transnet, which disrupted not only local but regional trade. “It’s inevitable another attack will take place,” Reva believes.

Featured Image

“In 2020 alone there was an alleged 400% increase in incidents targeting the maritime sector around the world. We don’t know the real scope of the problem. Some cyber security reports suggest hundreds of thousands or millions of attacks.”

One of the largest cyber attacks to affect the maritime sector was the June 2017 NotPetya cyber attack. NotPetya was developed as a disk-wiping cyber weapon, disguised as ransomware, by the Russian military to destabilise Ukraine, but thousands of companies around the world were also hit.

It took Maersk more than 90 days to recover from the attack, which cost an estimated $350 million in damages. Maersk still being sued by some companies.

“We will all be victims of a cyber attack at some point,” Reva cautioned, and cited other examples, including the port of San Diego going offline for several days in 2018 due to a ransomware attack, and Israel’s disruptive cyber attack on Iran’s Shahid Rajaee port terminal in May 2020.

Cyber offers new opportunities for bad actors, Reva said, but Africa is in a privileged position as it is a lesser target at present and can learn from the experiences of other countries, but time is running out for this.

Source: https://www.eblueeconomy.com/cyber-security-becoming-integral-to-maritime-security/


CREWEXPRESS STCW REST HOURS SOFTWARE - Paris and Tokyo MoU have announced that they will jointly launch a new Concentrated Inspection Campaign (CIC) on Standards of Training, Certification and Watchkeeping for Seafarers (STCW) from 1st September 2022 to 30th November 2022

A revolution is now happening in maritime domain awareness that will have a profound impact on maritime security in the Indo-Pacific. The Quad’s Indo-Pacific Partnership for Maritime Domain Awareness, announced at the leaders’ summit in Tokyo in May, will combine new satellite-based technologies with existing systems to help identify illicit maritime actors. This and similar initiatives will be provide a significant boost to the ability of many Indo-Pacific countries, especially small island states, to govern their waters.

Maritime domain awareness involves gaining situational awareness of the maritime environment, especially through an understanding of the position and intention of actors in a given maritime space. It is fundamental to understanding what’s out there, what it’s doing and what should be done about it.

But achieving maritime domain awareness involves overcoming major challenges in combining data from multiple sources into a single common operating picture that can be analysed and acted on.

Over the past couple of decades, technological advances have allowed data from multiples sources such as coastal radars, ships, aircraft and satellites to be pooled and analysed on a single platform, in close to real time. This often involves sophisticated and expensive sensors and computing technology, making it accessible only to large or wealthy countries. The necessary resources and technologies are often out of reach for many countries, effectively leaving much of our oceans as ungoverned spaces for illicit or other bad actors.

Recent years have also brought a proliferation of regional information fusion centres that pool data and analysis at a regional level. This can make considerable sense for many countries, but it can also come with its own sensitivities, including for smaller countries that aspire to exercise sovereignty over their own maritime jurisdictions.

Regional maritime law enforcement agencies can also directly access several web-based information platforms. The SeaVision system, for example, provided by the US Department of Transport, is used in more than 100 countries.

All of these system rely heavily on automatic identification systems, or AISs, which are transmitters required to be installed on most commercial vessels. That’s good for keeping track of legitimate or ‘white’ shipping, but is less useful in identifying vessels engaged in illicit activities. Illegal fishers, drug smugglers and other bad actors can go ‘dark’ by switching off or hacking their AIS systems so they can’t be tracked.

This big gap in maritime governance is being plugged. Under the Quad’s initiative, an enhanced version of the SeaVision platform will be offered to Indo-Pacific partners, allowing them to identify and track dark shipping. This includes radio frequency data from the commercial Hawkeye 360 satellite system that picks up electronic emissions (such as radar, radio and satellite phone signals) from vessels under its path. The SeaVision system compares that data with AIS data to identify vessels that have switched off or spoofed their AIS systems. Dark shipping can then be targeted for further investigation using other data sources.

Other satellite-based data is being progressively added to SeaVision to help identify the types and activities of dark vessels. This includes electro-optical imagery or synthetic aperture radar data, which can be used to build a 3-D picture of targeted vessels—helping authorities identify, say, a drug smuggling dhow or a mothership. Data from the Visible Infrared Imaging Radiometer Suite, a scanning radar that detects reflected light, can help identify illegal fishers, which commonly use bright lights to attract fish at night.

Some data, particularly from commercial sources, is expensive, but prices will likely fall as providers and users proliferate. Time lags in the acquisition and dissemination of satellite-based data (which may be 12 hours or more) will also likely be reduced to give end users a closer to real-time picture.

The US Coast Guard is offering an enhanced SeaVision product to five Southeast Asian partners in the first phase of the Quad initiative, although the cost of commercially sourced satellite data currently constrains the broader rollout of the system.

Competing platforms are offered across the Indo-Pacific by other players, including the EU’s IORIS system, the UK’s SOLARTA system and the not-for-profit Skylight system. These tools can provide specific options or features. For example, the IORIS system allows users to share data bilaterally with others rather than through a common platform. The Skylight system focuses on using artificial intelligence to analyse vessel behaviour such as ‘dark rendezvous events’.

Together, these enhanced web-based systems will be a game changer for many Indo-Pacific island states and others that struggle to police huge maritime jurisdictions with few resources. Giving them direct access to satellite-based data with AI analysis effectively democratises maritime domain awareness for many users, reducing their information reliance on large countries or regional fusion centres.

While information is a fundamental requirement in the maritime domain, national enforcement agencies will also require the ability to take action against illicit actors, whether by interdicting them at sea or by conducting close surveillance that allows vessels to be specifically identified for others to interdict, prosecute or make their activities public.

The Quad initiative, once fully rolled out, will be a major tangible demonstration of the value of the Quad in providing public goods for the Indo-Pacific—in stark contrast to China’s lack of interest in helping others to police their waters.

But information by itself is not enough. It must be complemented with cost-effective capabilities such as vessels and drones that allow smaller Indo-Pacific states to take action against illicit or nefarious actors in the maritime domain. This should include expanding Australia’s successful Pacific maritime security program to additional users and platforms.

Source: https://www.aspistrategist.org.au/new-satellite-based-technologies-a-game-changer-for-indo-pacific-maritime-security/

US Coast Guard will be examining the Hapag Lloyd vessel ROTTERDAM EXPRESS in relation to the pipeline that was severed off near the coast of Southern California. It is being speculated that a ship’s anchor might have damaged the pipeline that led to 3,000 barrels of crude flowing into the sea near Huntington Beach, south of Los Angeles on Sunday.

The speculations are fueled by the US Coast Guard’s initial investigation which revealed that a section of the pipeline was laterally displaced from its place by more than 30m. Hapag-Lloyd owned vessel, ROTTERDAM EXPRESS had anchored approximately 500m away from the pipeline when the oil spill was first detected, and later the vessel left for Oakland.

A Hapag-Lloyd spokesperson explained that as per the direction of San Pedro Traffic, ROTTERDAM EXPRESS had anchored at SF-3 anchorage on 21 September 2021. The vessel had dropped at the exact directed location and the same was confirmed by San Pedro Traffic.




Pakistan’s Ministry of Maritime Affairs at the annual joint meeting of the China Pakistan Economic Corridor (CPEC), on September 26th, announced major investment plans by the Chinese government for the development of the Karachi Coastal Comprehensive Development Zone, or KCCDZ. The project aims to develop a modern port city in coordination with the Karachi Port Trust.

Unlike previous deals under the CPEC which included monetary loans for development projects, the new agreement involves direct equity investment worth $3.5 billion. The KCCDZ plans to establish various infrastructure facilities on 1500 acres of underutilized land owned by the Karachi Port Trust, to support residential, commercial, and seaport activities.




Israeli shipping company ZIM Integrated Shipping Services has established a new subsidiary, Ship4wd, a digital freight platform offering online solution services similar to Airbnb and Uber.

The new service will cover all aspects of the complex international shipping process, enabling customers without previous experience in cross-border shipping to manage their import and export business.

The Ship4wd platform will also allow users to choose either the most economic or the fastest shipping option, with both sea and air shipping services up to the final destination, including land & rail transport, and associated logistic services.

“Similar to the way other groundbreaking platforms such as Airbnb in tourism and Uber in transportation have transformed their industries, we are aiming to enable everyone to be a self-shipper, by simplifying and streamlining the transfer of goods worldwide down to its essence – a ‘few clicks’ shipping solution,” Assaf Tiran, ZIM VP Global Customer Service also heading Digital Innovation, added.


ZIM: Like Airbnb and Uber, everyone can be a self-shipper in shipping

Korean shipyard Samsung Heavy Industries (SHI) has ordered the tank design for four new LNG carriers from the French LNG containment specialist GTT.

Samsung Heavy orders GTT tank design for 4 new LNGCs
Illustration only; Courtesy of Samsung Heavy Industries

SHI needs these designs of the new LNG carriers that will go to an undisclosed Asian ship-owner.


Samsung Heavy orders GTT tank design for 4 new LNGCs

Norwegian offshore vessel owner Eidesvik Offshore has signed a cooperation agreement with the technology group Wärtsilä to retrofit an offshore supply vessel (OSV) with an ammonia-fuelled combustion engine along with the required safety system and fuel supply.

The conversation project, named Apollo, will be the first of its kind in the world, Eidesvik reported on Friday. The provisional completion target for the project is late 2023.

Jan Fredrik Meling, CEO & President of Eidesvik commented on the use of ammonia to fuel the ship’s engine: “Using ammonia as a fuel is seen as a key future contributor to shipping’s energy transition, and we’re excited to be the first offshore shipowner taking this step.”


Eidesvik and Wärtsilä bringing to life world’s first ammonia conversion project

In a first between a maritime union and an autonomous technology company, American Maritime Officers (AMO) has entered into a labor agreement with Sea Machines Robotics, a developer of autonomous command and control systems.

As explained, the partnership signals the recognition by both entities that a prosperous future for the maritime sector is built on a firm relationship among workers, technology and business.

In the collaboration, AMO-represented U.S. Coast Guard-licensed officers are supporting Sea Machines’ first-of-its-kind 1,000 NM autonomous voyage around Denmark.

Named The Machine Odyssey, the voyage marks a pivotal moment for autonomous transportation and is slated to prove that the world’s waterways are primed and ready for long-range autonomy.


Maritime union joins Sea Machines’ 1,000 NM autonomous voyage

oil spill california
Oil on the water off Orange County, October 3 (USCG)



The U.S. Coast Guard has considered and reportedly set aside the possibility that the boxship Rotterdam Express was responsible for the San Pedro Bay Pipeline oil spill off Orange County, California. After a port state boarding and an examination of her logbooks, the vessel has been released and allowed to proceed to her next port of call, according to operator Hapag-Lloyd.

On Wednesday, the Associated Press reported that AIS data from MarineTraffic appeared to show the Rotterdam Express passing over the affected area of the pipeline three times. Hapag-Lloyd vigorously denied that the the AIS data reflected the vessel’s true position, and after the Coast Guard boarding, a company spokesman said that the ship was “no longer under investigation.”

The pipeline spilled about 125-145,000 gallons of crude oil into San Pedro Bay over the weekend, and oil has been washing up on Orange County’s beaches and wetlands ever since. About 800 people are involved in cleanup efforts and more than 5,000 gallons of oil have been recovered.

Federal, state and local law enforcement officials have launched a criminal investigation into the spill, centered on pipeline operator Beta Offshore and its parent company Amplify Energy. The inquiry follows revelations that the pipeline’s operator may have waited more than three hours in between the time of the first low-pressure alarm and the time of pipeline shutdown. The first alarm sounded at 0230 on Saturday; shutdown occurred at 0601; and regulators were notified at 0907.

This timeline does not appear to be consistent with previous public statements from Beta’s parent company, Amplify Energy; at a press conference Tuesday, Amplify CEO Martyn Willsher told the OC Register that his firm became aware of the potential leak at about 0800 – more than five hours after the alarm and two hours after his firm had shut down the pipeline.

Amplify is part of the unified command managing the spill response effort, as is customary for a significant marine casualty, but Orange County District Attorney Todd Spitzer has asked the Coast Guard – the lead agency and Federal On Scene Coordinator – to stop appearing in public with Amplify officials and to cut Amplify out of the process of examining the pipeline.

“We don’t let criminals conduct their own investigation into their crimes – why would we allow the owner of the oil pipeline to conduct its own investigation into the oil spill?” Spitzer said in a social media post. “Our beaches and coastline are what draw people from around the world to Orange County and the people responsible for endangering our wildlife and marring our picturesque beaches and shorelines must be held accountable.”

Late Thursday, the U.S. Coast Guard announced that it will treat the spill as a major marine casualty, citing the possible involvement of a vessel and the severity of the resulting economic damages. The decision puts the USCG in the lead of a marine casualty investigation, with support from NTSB, PHMSA, BSEE and California Department of Fish and Wildlife. NTSB is conducting its own parallel inquiry.





VAT:BG 202572176
Rakovski STR.145
Phone ( +359) 24929284
E-mail: sales(at)shipip.com