By Kristin McGillicuddy, Senior Marketing Manager, Commercial & Leisure Maritime
There is no doubt that the rate of cybersecurity breaches in the maritime industry is increasing in both frequency and scope with cyber criminals learning how to exploit a minor breach and escalate it into a major security issue.
This has led to the International Maritime Organization (IMO) issuing Resolution MSC.428 (98), requiring all vessels to include cyber risk management in their safety management systems and develop onboard procedures and mitigation measures for cybersecurity.
New technology on vessels and the increase in digitalization has meant that there are multiple points of entry for a prospective hacker including:
Includes navigation systems with interfaces to shoreside networks. Automatic identification systems (AIS), voyage data recorders (VDR), automatic radar plotting aids (ARPA).
Propulsion Systems
Sensors relay data on equipment performance and, if used in conjunction with remote condition-based monitoring systems, especially if integrated with navigation and communications equipment on ships, can make them even more vulnerable to attack.
Access Control Systems
Ensures the physical security and safety of a ship and its cargo including surveillance and shipboard security alarms.
Passenger servicing and management systems
Digital systems used for boarding and access control which holds valuable passenger data.
Passenger facing public networks
Fixed or wireless networks connected to the internet installed onboard for passenger access such as guest entertainment systems.
Administrative and crew welfare systems
Onboard computer networks used for the administration of the ship or welfare of crew.
Communication systems
Internet connectivity via satellite or other wireless connection.
How to Mitigate Risk
Vessel operators should start with a risk assessment to review all their onboard systems against potential cyber threats. It is also recommended that third-party cyber specialists undertake penetration tests to identify system weaknesses that could be exploited by cyber criminals.
The Centre for Internet Security (CIS) provides guidance on measures that can be used to address cyber security vulnerabilities.
Some key best practises include:
These are just some of the areas which need to be considered when reviewing onboard cyber security so should not be considered an exhaustive list as network designs vary.
At KVH, we recommend that our clients adopt a multi-program approach to address the security of both satellite and terrestrial networks. For instance, our cloud email solution which allows vessels to access emails at sea or in port, has built-in spam and malware blocking with secure encrypted email exchange.
In addition, all employees whether onboard or ashore should be given cybersecurity breach awareness training as it tends to be a lack of knowledge amongst employees that leads to a lot of cyber security breaches.
KVH provides enterprise grade cybersecurity to vessels requiring the highest level of protection against cyber-threats. Called the KVH Managed Firewall Service powered by Fortinet, it is designed to complement the terminal-level security found in every TracNet hybrid terminal and TracPhone VSAT-only antenna.
In conclusion, a company’s most sensitive information should be buried away in controlled networks and partitioned by firewalls to create safe zones. The more firewalls that have to be passed through to access a zone, then the more secure the information will be.
