Source: beaumontbusinessjournal

Global market leader for commercial maritime software Veson Nautical has formally launched VIP Data Lake, the newest module of its innovative cloud solution, the Veson IMOS Platform (VIP).

One of VIP’s optional Data Solutions, Data Lake offers a cloud-native, scalable solution that allows users to interact with and download large amounts of data in a highly efficient manner. The module was first announced at Veson’s ONCOURSE user conference, which took place virtually last month.

Bill McConnell, Product Manager at Veson Nautical, commented:

“In a single day, the maritime shipping industry generates roughly 120 million data points related to contracts, vessel movement, cargo locations, and more. Without a proper solution, organizations are not able to effectively analyze their historical data. The Data Lake solution solves that problem by making data in the VIP operational database available on an ongoing basis, in a format compatible with leading data reporting and analytics tools.”

VIP Data Lake is designed handle vast quantities of data at one time, and is compatible with data warehouse, business intelligence and data analytics solutions. By increasing simplifying full access to historical operational data snapshots, Veson seeks to empower its clients to unlock powerful insights and make better, data-driven decisions.

Ben Thurecht, CTO at Veson Nautical, commented:

“Many of the conversations we have with our client base center around accessing, securing, and integrating data into downstream applications. VIP Data Lake allows clients to gain rapid access to all of the data stored in VIP, refreshed on either a daily or hourly basis. That data can then be downloaded and ingested into downstream systems, such as a custom data warehouse solution or a third party application. This allows our customers to retrieve and work with larger quantities of data easier than ever before, which in turn opens up a world of opportunity for extracting valuable insights and supporting decisions with data”

VIP Data Lake joins 16 other modules on the Veson IMOS Platform as an optional Data Solution in the market-leading end-to-end system. The module is available today.

Source: seawanderer

German container shipping line Hapag-Lloyd on Wednesday reported preliminary results for the first half of 2020 showing core profits above those of the same 2019 period and upholding its guidance for full year earnings.

However, the company said in an ad hoc announcement that the forecast was subject to “high uncertainty” due to risks related to the coronavirus crisis and its impact on the macroeconomy and global shipping.

Hapag Lloyd achieved a 20.3% year-on-year rise in earnings before interest, tax, depreciation and amortization (EBITDA) to 1.15 billion euros ($1.31 billion) and a 28.5% increase in earnings before interest and tax (EBIT) to around 500 million euros in the six months, it said.

Full-year EBITDA should be 1.7 to 2.2 billion euros and EBIT 0.5-1.0 billion euros, it reiterated.

Analysts see a chance that container shipping companies, helped by cost discipline and the resumption of Chinese business activities, can prevent a steep decline in freight rates and benefit from a tentative recovery later in 2020.

Hapag-Lloyd has added several hundred million euros to its 1.1-1.2 billion euro reserve, allowing its operations to continue unhindered for 12 to 18 months should demand problems outside China linger, chief executive Rolf Habben Jansen said in May. Final first half figures will be published on August 14.

Source: maritimeprofessional

ClassNK reports that it has joined the Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC), a US-based non-profit formed in February 2020 to promote cybersecurity information sharing throughout the maritime community.

The MTS-ISAC has already produced a number of maritime cybersecurity advisories sourced from member shared information, aiming to share members’ best practices so that critical infrastructure stakeholders can be better protected. ClassNK is the group’s first non-US member, though it expects to add further additional international stakeholders to the community in the future.

The partnership provides ClassNK with additional community-sourced cyber threat intelligence to reinforce its own Cyber Security Guidelines, something the class society has been keen to do in advance of the IMO’s January 1, 2021, deadline for Maritime Cyber Risk Management to be addressed in Safety Management Systems.

In addition, the US Coast Guard will begin inspecting facilities regulated under the Maritime Transportation Security Act of 2002 for cyber risk management efforts for the first time next year, starting with annual inspections occurring on or after October 1, 2021.

“We are excited that ClassNK is bringing a proactive, classification society perspective into the MTS-ISAC community,” said Scott Dickerson, the MTS-ISAC’s Executive Director.

“The MTS community’s resiliency is improved when we can quickly address cyber risks with meaningful cybersecurity controls. ClassNK joining the MTS-ISAC is a perfect example of how community partnerships provide win-win situations while reinforcing to stakeholders how the implementation of guidelines and recommended security controls can reduce their exposure to risks the community is actively seeing.”

“The MTS-ISAC’s Board of Directors understands the importance of cyber risk prevention efforts and are supportive of the inclusion of class societies into our information sharing ecosystem as a key component to building a stronger culture of community cybersecurity.”

Source: smartmaritimenetwork

Ransomware attackers who hacked leading Australian maritime logistics business Toll Group’s corporate server files in May 2020 have published stolen data on the Dark Web, the company has revealed. The hackers used Nefilim ransomware to steal sensistive dat  including Toll employee names, home addresses, age, birthdates, and payroll details including salary, superannuation, and tax file numbers.

While it’s not illegal to visit the Dark Web, it provides access to illegal activities. Web sites that exist on the Dark Web are encrypted most commonly through the Tor encryption tool and most Dark Web users access those sites using the Tor browser.

The Dark Web allows users to remain anonymous through encryption. This is attractive to anyone involved in illegal activity, such as child pornography, sex trafficking, illicit drugs, or counterfeit goods. The hackers who scolded Toll did so easily because of  its lack of security measures. “Toll Group failed to secure their network even after the first attack (in January),” read the post, screen grabbed by Data Breach Today. “We have more than 200 GB of archives of their private data.”

Toll have refused ransom demands by the unknown hackers so far. 

The first attack, which took place in January and has since been attributed to a Russian criminal group, a Toll spokesperson has said there has been a second unrelated attack. The second security breach, which took place in May was in concert with a spate of attacks on other industries in Australia. Australia’s trade and diplomatic relationships with China have worsened over issues regarding the COVID-19 pandemic and as yet unattributed cyber attacks on Australian institutions and businesses.

A recent joint cyber security survey by the international maritime  association BIMCO found the “attack surface” or human element to be a major factor in maritime shipping  industry breaches. 

The survey noted that training in the maritime industry was important to prevent seafarers and dockers opening emails containing malware or inserting infected USB sticks into company computers.

Maritime organisations would stop doing business with a third-party supplier due to a lack of cyber-security protections, according to an industry survey.

More than three-quarters (77%) of respondents to the 2020 Safety at Sea and BIMCO Maritime Cyber Security survey said they would cancel a contract with a third-party supplier over concerns with their cyber-security practices, or if it was found to be the cause of a cyber incident in the respondent’s own organisation. Furthermore, 26% admitted they had previously recommended not doing business with a third-party supplier due to concerns over poor cyber security practices. The survey found 68% reported phishing incidents where email attachments or web links led to breaches. Contractors or third parties were also a liability.

What is susceptible to attack at sea is navigation control and propulsion, automatic identification system (AIS), electronic chart display and information system (ECDIS), or radar. In ports, ships’ cargo handling or container tracking could be compromised.

The International Maritime Organisation has given ship-owners and managers until January 2021 to incorporate cyber risk management into their respective ship management systems.

Toll said it had further strengthened its systems and operations across its global network have resumed as normal.
While maritime companies are expanding their assessments into cyber security weaknesses across their supply chain, many of their measures remain firmly focused on reducing human error.

“Cyber-security training is seen by many as a first line of defence, especially against the most common types of cyber incidents,” said Jakob P. Larsen, Head of Security at BIMCO. “Eighty-eight percent of respondents indicated that their company offers some sort of cyber training, either internally provided (58%) or externally provided (30%).

BIMCO

ABSG Consulting Inc. (ABS Consulting), a subsidiary of ABS focused on safety and risk management, and American Steamship Owners Mutual Protection and Indemnity Association, Inc. (the American Club) have joined forces to provide education, training and insurance guidance that address maritime cyber security.

As digital transformation in the maritime industry brings both opportunities and new challenges, owners and operators are relying more on smart technologies and operational data to drive decisions and run their businesses. Comprehensive cyber security programs are not only necessary to protect operations but are also critical to protect the overall safety of crew and the environment. More frequent cyber attacks, increased digitalization and emerging global regulatory focus are adding to immediate demands to address and reduce cyber risk across the industry’s value chain. Cyber security has become a business imperative and new measures will have an impact on how maritime vessels and facilities will be covered by insurers.

Dr. William Moore, Director of Loss and Prevention at the American P&I Club, says:

“The safety and security of our members is a priority. Having a better understanding of the tools available, the programs that can be implemented and the integration of these in the marine industry will help us provide better services to shipowners and charterers globally. The work we are going to do with ABS Consulting is going to help us identify how to enhance our policies, and the offerings we need to incorporate to improve the coverage and services we offer to our members.”

Ian Bramson, Global Head of Cyber Security of ABS Group, says:

“Collaborating with the American Club to build education programs for their members and industry will give us a better understanding of the real challenges we are collectively facing. This alliance enables us to develop the tools, training and services that support compliance and help ship owners and operators put protections in place to secure their vessels – from the design and construction phases through continuous operation over their service life.”

Source: seawanderer

A teaming with the consulting subsidiary of classification society ABS will help American Club “identify how to enhance our policies, and the offerings we need to incorporate to improve the coverage and services we offer to our members,” said Dr William Moore, director of the club’s Loss Prevention.

“Collaborating with the American Club to build education programs for their members and industry will give us a better understanding of the real challenges we are collectively facing,” commented Ian Bramson, global head of Cyber Security at ABS Group.

Related: US ports and infrastructure providers come together on cyber security

“This alliance enables us to develop the tools, training and services that support compliance and help ship owners and operators put protections in place to secure their vessels – from the design and construction phases through continuous operation over their service life,” he added.

Source: seatrade-maritime

ClassNK has joined the Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC). Set up in February this year, MTS-ISAC promotes and facilitates maritime cybersecurity information sharing, awareness, training and collaboration efforts between private and public sector stakeholders.

ClassNK is the first classification society and the first non-U.S. organization to formally join MTS-ISAC, helping broaden the reach of MTS-ISAC’s efforts to support the maritime community.

The partnership provides ClassNK with actionable insights from community-sourced cyber threat intelligence to reinforce ClassNK’s Cyber Security Guidelines to help prevent cyber incidents from negatively impacting the safety and security of maritime operations.

Both vessel and shoreside cybersecurity efforts will be under increasing scrutiny starting in 2021. IMO has set a January 21, 2021, deadline for Maritime Cyber Risk Management to be addressed in ships’ Safety Management Systems. Meanwhile, the U.S. Coast Guard will be inspecting Maritime Transportation Security Act of 2002 regulated facilities for cyber risk management efforts for the first time starting with annual inspections occurring on or after October 1, 2021.

“We have been working with the International Association of Classification Societies (IACS), maritime stakeholders and cyber security professionals to understand and promote cybersecurity best practices across the maritime transportation system (MTS),” says Hirofumi Takano, Executive Vice President at ClassNK. “By joining the MTS-ISAC, we will have increased visibility to current, real-world examples of cyber threats targeting MTS stakeholders. This provides us an opportunity to reinforce how, and periodically update, ClassNK’s Cyber Security standards to provide our stakeholders with the latest security recommendations to protect their assets from cyber threats. With IMO 2021 right around the corner, this relationship is perfectly timed to add increasing value to our stakeholders, and we are excited to be a part of the active and growing MTS-ISAC community. We hope ClassNK stakeholders will quickly understand the value of this partnership.”

“We are excited that ClassNK is bringing a proactive, classification society perspective into the MTS-ISAC community,” says Scott Dickerson, MTS-ISAC’s Executive Director. “The MTS community’s resiliency is improved when we can quickly address cyber risks with meaningful cybersecurity controls. ClassNK joining the MTS-ISAC is a perfect example of how community partnerships provide win-win situations while reinforcing to stakeholders how the implementation of guidelines and recommended security controls can reduce their exposure to risks the community is actively seeing.”

Source: marinelog

Growing marine industry digitalization brings with it increasing exposure to cyber risk. In response, ABS Consulting, an ABS Group subsidiary focused on safety and risk management, has joined forces with the American P&I Club to provide education, training and insurance guidance on maritime cybersecurity.

More frequent cyber attacks, increased digitalization and emerging global regulatory focus are adding to immediate demands to address and reduce cyber risk across the industry’s value chain. Cybersecurity has become a business imperative and new measures will have an impact on how maritime vessels and facilities will be covered by insurers.

“The safety and security of our members is a priority. Having a better understanding of the tools available, the programs that can be implemented and the integration of these in the marine industry will help us provide better services to shipowners and charterers globally,” says Dr. William Moore, Global Loss Prevention Director at the American Club. “The work we are going to do with ABS Consulting is going to help us identify how to enhance our policies, and the offerings we need to incorporate to improve the coverage and services we offer to our members.”

“Collaborating with the American Club to build education programs for their members and industry will give us a better understanding of the real challenges we are collectively facing,” says Ian Bramson, Global Head of Cyber Security of ABS Group. “This alliance enables us to develop the tools, training and services that support compliance and help ship owners and operators put protections in place to secure their vessels – from the design and construction phases through continuous operation over their service life.”

Source: marinelog

A new interactive infographic summarises the key considerations owners and operators should make when building a cyber security plan.

The Shipowners’ Club infographic is based on the IMO’s recommendation of a cyber security risk management framework based in five functional elements: Identify, Protect, Detect, Respond and Recover.

‘Identify’ – which systems are vulnerable to attacks, which systems are vital to operations and who is responsible for them.

‘Protect’ – the plan should define measures to prevent attacks from taking place.

‘Detect’ – if an attack does happen, recognising it can mitigate damage

Respond – plan a clear means of getting back up and running as quickly as possible using a second system.

Recover – get the primary system back running and analyse the cause.

Neptune Cyber tool

Neptune Cyber has also launched a new online tool to ensure marine operators stay ahead of new cyber risk regulations that come into force in January 2021.

The ‘MV Neptune Cyber’ ship allows visitors to go on a virtual exploration of a vessel and understand potential cyber risks.

In June 2017, the IMO laid out its ‘Guidelines on Maritime Cyber Risk Management’. Shipowners and managers now have until 1 January 2021 to build cyber risk management into their ship safety initiatives – or risk having their ships detained.

Gwilym Lewis, CEO of Neptune Cyber, said: “Our quick-start guide includes clear action steps to help you prepare for the new IMO regulations. Depending on the complexity of your vessel more steps may be needed to adequately protect against cyber attacks.”

By Rebecca Jeffrey