Eutelsat OneWeb LEO satellite provides low-latency, high-speed connectivity (source: Eutelsat OneWeb)
The emergence of low earth orbit (LEO) satellite communications has led to a huge increase in the bandwidth used by crew on ships, but onboard IT networks are vulnerable to cyber threats
These satellite constellations are ushering in a new era of high-speed, low-latency connectivity for commercial ships, offshore support vessels and passenger shipping. However, these always-on connections also create potential entry points for cyber threats, experts explained during Riviera Maritime Media’sThe power of LEO: Strategies for high-speed connectivity at sea webinar, held with sponsorship from Eutelsat OneWeb on 25 April during Riveria’s Maritime Cyber Security Webinar Week.
On the panel were Anglo-Eastern Ship Management chief information officer Torbjorn Dimblad, Eutelsat OneWeb director of maritime and energy Celeste Endrino-Cowley, Port-IT owner and chief executive Youri Hart and GT Maritime chief technology officer Jamie Jones.
They discussed the capabilities and limitations of LEO versus traditional satellite connectivity for ships, and explained why it is important to implement multi-layered cyber-security architectures to secure LEO-connected ship networks.
Anglo-Eastern has deployed terminals to connect to LEO constellations, including Starlink and OneWeb, on 307 of the vessels it manages for owners. “LEO is a gamechanger that bridges gaps between ship and shore communications,” said Mr Dimblad.
“It is an incredible experience with positive crew feedback. It is good for crew welfare, morale and retention, and good for business too. LEO brings another dimension to life at sea.”
Seafarers use the higher bandwidth for media streaming, video communications and social communications.
Anglo-Eastern uses LEO for video conferences, online training and team working to improve safety. “We collaborate with vessels in an entirely different way,” said Mr Dimblad. “More applications are now cloud-first.”
He advised shipowners what they need to improve cyber security on ships includes gaining a greater understanding of onboard IT networks, increasing firewalls, updating antivirus software and encrypting data on ships. “Identity vulnerabilities, do risk assessments and penetration testing, do tabletop exercises on disaster recovery and human resource training,” he said.
Ms Endrino-Cowley said Eutelsat OneWeb used multiple types and standards of data encryption across its ground network and between its satellite network portals (SNPs), LEO satellites and user terminals on ships.
“Our highly secure network is constantly evolving and we are able to provide end users with excellent cyber security,” she said.
Eutelsat OneWeb LEO satellites connect to SNPs using Ka-band so “satellites always remain in contact with the gateways,” Ms Endrino-Cowley continued. These SNPs control and manage the satellites, and receive and transmit user information between the satellites and the distribution hub where partners feed services to their clients.
From the satellites, information is transmitted to and from ships using Ku-band. “There are layers of security for communications from terminals to our satellites and to the SNPs and hubs, while end users can add security with more encryption,” she said.
“Have a plan in place and be ready to flip to secondary networks”
Mr Hart said shipowners need to design communications and IT networks on vessels based on the needs of operationally critical applications with a back-up in case primary communications fail or are obstructed. “If LEO is not working, then communications needs to fall back to back-up connections,” said Mr Hart. He asked whether businesses applications can operate effectively and securely over this secondary network.
“Design what is needed to keep business applications running when over multiple connections. Schedule updates correctly including security upgrades and apply IT hygiene,” he added.
Shipowners must deploy unified threat management and patch compromised systems, identify system issues and “work with partners to reduce risk and vulnerabilities.”
Mr Hart also said shipowners need to apply more encryption and security management if applying communications with lower latency, as there would be less time for checks. “Update software and ask for assistance from third-party suppliers.
“LEO brings great opportunities, but make sure technology takes into account the vulnerabilities”
Mr Jones agreed greater availability of higher bandwidth and the addition of online devices on ships means IT systems are more vulnerable. “Moving data faster would be a great benefit, but shipowners need to understand this could be used against them if vulnerabilities are exploited,” said Mr Jones. “There are opportunities, but risks to safeguarding business-critical operations. It can be costly if these are not secure.”
He also agreed business applications must work effectively over secondary communications if the primary connection was not available. “Have a plan in place and be ready to flip to secondary networks,” said Mr Jones. “They need to work regardless of connectivity.”
He added owners need to invest in enterprise-grade secure networks and ask vendors about their cyber security. “Ask vendors what they do to prevent threats getting to the ship, whether they have accreditations, prevent breaches or attacks, and if they take things seriously,” he said. “LEO brings great opportunities, but make sure technology takes into account the vulnerabilities.”
