The threat of cyber-attacks on critical systems on board vessels has never been greater. Reports[1] suggests that reliance on digital systems and remote working during the COVID-19 crisis coincided with a fourfold increase in maritime cyber-attacks from February last year.

An IMO resolution[2] came into effect at the start of this year to mitigate this vulnerability. It guides ship owners and managers and requires cyber-risk management in line with the International Safety Management (ISM) Code. In response, Seably is launching a dedicated and comprehensive cybersecurity awareness training course for the maritime sector which directly aligns with the IMO requirements. The course is a collaboration between leading marine insurance providers Alandia and maritime cyber security specialists Deductive Labs.

Sensitive to the complex vulnerabilities within the maritime industry, the dedicated courses have been structured with in-depth content specifically developed by Deductive Labs in line with the established standards and regulations. The virtual training is practical and fulfils all maritime requirements. It provides hands-on instruction and is easily accessible and available both online and offline. Upon completing the training, both participants and shipowner organisations will receive the required certifications for IMO and ISM Code compliance for onboard audits.

The Maritime Cyber-security Awareness Training is suitable for all levels of seafarers. It brings together the understanding of the risks, culture and behaviours – on board and on shore – with the tasks and technology necessary to protect systems, networks, programs, devices, and data from the increasing malicious cyber-attacks.

Commenting on the course content, Johan Sjölund, Business Development Manager for Deductive Labs said, “When designing these courses, we included specialised material that we know from experience creates the right frame of mind. Our goal is to eliminate weaknesses and vulnerabilities at all levels and within all systems. Cyber-security is a complex reality. However, with over 15 years of security knowledge and experience in this field, we are confident that this bespoke training improves cyber security and goes beyond the specified regulations .”

Martti Simojoki, Senior Loss Prevention Manager at Alandia, confirmed their approval and collaboration of the superior quality of instruction contained within these courses. He said, “We have integrated our expertise in pro-active maritime security management and loss prevention with the practical, hands-on and in-depth knowledge of Deductive Labs. We are confident that this new course, now available on the Seably platform, is one of the few recommended and complete learning systems within the maritime sector.”

The introduction of this bespoke maritime training adds to the comprehensive and broad range of specialised content available within the Seably marketplace. Andrea Lodolo, CEO of Seably, said, “Unfortunately, cyber-attacks are on the increase. They are constantly evolving and becoming more common. An attack on a vessel’s critical systems could easily threaten the safety of a ship as well as the business of shipping. No one within our sector can ignore this risk. We are introducing this complete and timely package of training courses to strengthen on-shore and on-board defences. These will equip ship owners and personnel with the required knowledge and skill-sets to ward off cyber threats.”

Created by seafarers for seafarers, Seably is the first maritime digital marketplace that brings together highly-specialised content, cutting edge technology and teaching skills from seafarers, educationalists, industry specialists, insurers, surveyors and a whole range of other related service providers. The launch of the Maritime Cyber-security Awareness Training extends the overall accessibility of global quality online maritime training worldwide. Seably educational modules include IMO and ISM code compliant courses in addition to flag state-approved STCW instruction, legislation typed training, introductory programmes, reflective learning and how-to courses.

Source: hellenicshippingnews

Marco (Marc) Ayala is a process automation professional with more than 25 years of experience working in petrochemical facilities where he designed, implemented, and maintained their process instrumentation, automation systems, and process control networks. Currently the director and ICS cybersecurity section lead at 1898 & Co. (part of Burns & McDonnell), Marco has expertise with safety systems, advanced process control, enterprise historians, and industrial network security where he worked with enterprise IT to implement a corporate PCN security solution. He is active in cybersecurity efforts for the oil and gas, maritime port, offshore facilities, and chemical sectors, working alongside federal, local, and state entities for securing the private sector.

Marco is very active in ISA and has been a member for about 20 years. He is now a senior member and a certified cyber instructor for ISA. He sits on the Safety and Security Division (SAFESEC) committee and is their liaison to the ISA Global Cybersecurity Alliance. He is also the membership chair of the Smart Manufacturing and IIoT Division (SMIIoT).

“Safety, security, and digitalization are all so important,” Marco says. “There’s just so much to do.”

His activities outside of ISA also dovetail with his drive to contribute in these areas. Marco is the Sector Chief for the Maritime Domain Cross Sector Council (CSC) with InfraGard. He is a member contributor of the AMSC Gulf of Mexico (GOM) cyber panel, as well as the chair of the cybersecurity subcommittee of AMSC. Marco served on the working group that developed the “Roadmap to Secure Control Systems in the Chemical Sector” in 2009.

Source: blog

The topic of cyber threat intelligence (CTI) occupies roughly a third of the NMCP. It also generates a significant divergence of opinion among maritime cybersecurity experts.

Carter, who also serves on the Board of Directors for the Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC), says that relationships he has established with members of the MTS-ISAC community, along with the contacts he was able to establish at DEF CON Hack the Sea, have become invaluable, and that they are finding successes working with each other.

“We are now seeing localized information exchanges launch that feeds into the larger MTS-ISAC, which will only better protect the maritime sector. I have personally shared half-million elements over five years,” he noted.

Dr. Kessler, on the other hand, says that there’s a need for better and more uniform information sharing of cyber intelligence.

“The ISAC/ISAO model is wonderful if you’re a member. In the late 1990s, the ISACs freely shared information. Today, the model is that you have to pay to be a member. I fully understand that the ISCAs need to be funded but the entire maritime transportation system is at risk, and that includes small operators, small manufacturers, and so on,” he added.

In a section on “Information and Intelligence Sharing”, the NMCP recognizes that “organizations such as Information Sharing and Analysis Centers provide a pathway to share information across the private and public sector coordinating Councils.” It also points out, however, that “multiple private sector entities claim to be the information-sharing clearinghouse for MTS stakeholders. Overlapping membership across cybersecurity information sharing organizations creates barriers to efficiently inform MTS stakeholders of maritime cybersecurity best practices or threats.”

An additional consideration is that not all organizations in the sector are at a sufficient state of cybersecurity maturity to leverage access to CTI. Organizations that do not have adequate understanding of their environment or capabilities to monitor their network and respond to events when they are detected are unlikely to benefit from access to third-party intelligence products. Those limited resources may be better dedicated to basic cybersecurity hygiene and workforce development.

Source: helpnetsecurity

Marco (Marc) Ayala is a process automation professional with more than 25 years of experience working in petrochemical facilities where he designed, implemented, and maintained their process instrumentation, automation systems, and process control networks. Currently the director and ICS cybersecurity section lead at 1898 & Co. (part of Burns & McDonnell), Marco has expertise with safety systems, advanced process control, enterprise historians, and industrial network security where he worked with enterprise IT to implement a corporate PCN security solution. He is active in cybersecurity efforts for the oil and gas, maritime port, offshore facilities, and chemical sectors, working alongside federal, local, and state entities for securing the private sector.

Marco is very active in ISA and has been a member for about 20 years. He is now a senior member and a certified cyber instructor for ISA. He sits on the Safety and Security Division (SAFESEC) committee and is their liaison to the ISA Global Cybersecurity Alliance. He is also the membership chair of the Smart Manufacturing and IIoT Division (SMIIoT).

“Safety, security, and digitalization are all so important,” Marco says. “There’s just so much to do.”

His activities outside of ISA also dovetail with his drive to contribute in these areas. Marco is the Sector Chief for the Maritime Domain Cross Sector Council (CSC) with InfraGard. He is a member contributor of the AMSC Gulf of Mexico (GOM) cyber panel, as well as the chair of the cybersecurity subcommittee of AMSC. Marco served on the working group that developed the “Roadmap to Secure Control Systems in the Chemical Sector” in 2009.

The study is global, yet split into 7 regions: Africa, Asia-Pacific, Central Asia, Europe, Latin America, the Middle East, and North America. It includes the top 100 ports based on twenty-foot equivalent units (TEUs) handled, corroborated for 196 countries.

The shipping industry is responsible for about 90% of global trade by volume. Governments prioritize the safe and secure transportation of goods, including from land to sea at port sites, to ensure economic stability and growth.

Ports are regarded as national infrastructure and are both a potential terrorist target and an entry point for terrorists; still, persistent threats (the illegal movement of individuals, weapons, drugs, or other illicit materials) are often higher on the risk register than terrorism-related threats because they are more common and cause greater losses or damage to port operations. Concerns about persistent threats are primarily behind the push to enhance security technology at ports, with the West taking tougher stances on border control to stem the tide of illegal immigration.

This research assesses the global maritime port security market through the identification of market trends, drivers and restraints, key technologies, and main developments by region. An examination of notable projects and investments will identify areas of considerable growth and opportunities for security providers. The focus is on the land-side security of a port; the study excludes ship onboard security technologies, automatic identification systems, and vessel traffic services and systems.

Technologies include access control and identity management, C2, communication equipment, cybersecurity, data analytics and storage, fire equipment, screening and detection, surveillance, vehicles and platforms, personal protection gear, and managed services.

Source: globenewswire

Take up of cyber insurance in the marine sector to date has been slow, but that’s bound to change.

One key reason is that the maritime industry is changing rapidly, said Dieter Berg, head of marine business development for Munich Re.

“Until recently, ships were isolated, and the logistics process was not technologically advanced. This market is changing very quickly to digital communications and connectivity.”

Those changes include more than just electronic navigation and communication, they extend to smart containers and real-time logistics routing and scheduling.

“This digitalization changes the risk profile for the marine industry,” said Andreas Schlayer, senior cyber underwriter for Munich Re. “The more an operation is electronic, the more the dependence on data changes the risk profile and the behavior.”

Source: riskandinsurance

After the Japanese attacked Pearl Harbor, the Goodyear blimp Resolute was put into service spotting enemy submarines. There’s a lesson for 21st-century cyberwarfare.

The Constitution gives Congress the power to issue “letters of marque and reprisal”—essentially licenses authorizing private parties to wage war on the government’s behalf. Congress issued letters of marque liberally until the end of the War of 1812, and they were particularly useful during the First Barbary War (1801-05). The fledgling U.S.’s fleet of six frigates couldn’t stem piracy alone. Letters of marque enlisted U.S. merchantman as far away as the Mediterranean, where Barbary states often provided pirate ships with safe harbor. In the typical 19th-century use, Congress issued letters of marque to schooners and sloops, giving their operators the authority to sink or capture pirate ships by force.

Source: wsj

TSUNEISHI SHIPBUILDING of Japan is the latest company to be confirmed as implementing shipbaord data collection operations using the IoS-OP (internet of Ships open Platform) framework, for a newbuild bulk carrier currently under construction.

IoS-OP is an open platform that enables the sharing of vessel operations data among shipbuilders, manufacturers, and related service providers based on a set of data sharing rules agreed by all stakeholders.

TSUNEISHI will operate within this framework to collect actual operational data for the newbuild ship, so that the data collection infrastructure is integrated into the 82,000DWT bulk carrier’s operational systems from the sea trial stage.

The data to be collected includes draft and shaft horsepower, fuel consumption and power consumption from the main engine, generator, and auxiliary machinery, as well as information from the Voyage Data Recorder (VDR). In total, some 800 items will be included in the data collection process.

The collected data will be shared between the shipyard and shipowner through the ‘ShipDC Portal’, provided by ShipDC on behalf of the IoS-OP, and will be utilised for the development of new ship types based on an enhanced understanding of machinery condition and evaluation of the ship’s performance.

Source: smartmaritimenetwork

Netbull participates as Gold Sponsor in the online “Maritime Cyber-Security & Safety Conference” organized by BOUSSIAS Communications and netweek, that will take place on Thursday 20th of May 2021.

At the 1st section of the Conference subjeted: Cyber Safety Awareness – One step beyond (10:05 – 12:30), Mr. Nikitas Kladakis – Information Security Director of Netbull at his presentation titled:

“Zero Trust Architecture: A new era in Maritime Security”

will analyze the way, the tools, the architectures and the technologies that our company uses for data breach detection in shipping companies environments. Our effort is assisted by the adoption of Zero Trust Architecture and the use of Automation and Artificial Intelligence technologies, which are independent of where the IT (Information Technology) and OT (Operational Technology) environments are located.

Source: netbull

Dryad and cyber partners RedSkyAlliance continue to monitor attempted attacks within the maritime sector. Here we continue to examine how email is used to deceive the recipient and potentially expose the target organisations.

“Fraudulent emails designed to make recipients hand over sensitive information, extort money or trigger malware installation on shore-based or vessel IT networks remains one of the biggest day-to-day cyber threats facing the maritime industry.”

Dryad Global’s cyber security partners, Red Sky Alliance, perform weekly queries of  backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Email subject line Motor Vessel (MV) or Motor Tanker (MT) keyword usage is a common lure to entice users in the maritime industry to open emails containing malicious attachments.

With our cyber security partner we are providing a weekly list of Motor Vessels where it is observed that the vessel is being impersonated, with associated malicious emails.

The identified emails attempted to deliver malware or phishing links to compromise the vessels and/or parent companies.  Users should be aware of the subject lines used and the email addresses that are attempting to deliver the messages.

Those who work in the security industry can quickly identify the suspicious aspects of these emails, but the targets often cannot. Even if attackers can only get 10% of people to open their malicious email attachments, they can send thousands out in a day using similar templates resulting in hundreds of victims per day. They can also automate parts of this process for efficiency. It is critical to implement training for all employees to help identify malicious emails/attachments. This is still the major attack vector for attackers looking to attack a network. These analytical results illustrate how a recipient could be fooled into opening an infected email. They also demonstrate how common it is for attackers to specifically target pieces of a company’s supply chain to build up to cyber-attacks on the larger companies. Doing so could cause the recipient to become an infected member of the maritime supply chain and thus possibly infect victim vessels, port facilities and/or shore companies in the marine, agricultural, and other industries with additional malware.

Source: channel16.dryadglobal