Cyber Security in the Maritime Industry
For most of maritime history the threats to vessels at sea have been largely physical, most notably piracy but also battling the elements and armed conflict on the waves. While physical threats still exist, they are joined today by the same threats that affect every other computer network around the world, yet the effects of such threats are magnified by the operating environment of the vessel.
Over the past 30 years, both satellite connectivity and on-board technology have made the modern merchant vessel a floating branch office of the corporate network.
The phrase “cyber security” has entered the modern vernacular in recent years and is the buzzword at just about every technology conference and tradeshow. It is not difficult to see why this is the case with the massive expansion of connected devices we all own and the move to make industrial systems ever more intelligent and sophisticated.
Within the maritime industry these particular threats have been largely irrelevant for many years as the true connected vessel has only recently become a reality with the adoption of high throughput satellites.
With the availability of relatively high speed communications and the adoption of BYOD there are multiple points of ingress into the vessel network, from compromised devices, infected USB memory sticks, infected comms traffic, spam, and phishing emails.
In the event of a cyber security incident on board a vessel, the best case might be a crew PC becomes unusable, however, this could easily become the captain’s PC, navigational equipment, or engine control systems. You only need to look back to 2010 to the Stuxnet virus which, specifically targeted industrial control systems and was perhaps the first major incident in modern cyber warfare – while this looks to have been a state sponsored activity, the rise in anti-globalisation rhetoric and the ever evolving capabilities of activist groups increases the risk for the industry.
In a traditional land based operating environment compromised systems can cause huge inconvenience and loss to an organisation, out at sea this can become much more acute as the ability for the IT department to intervene is much more difficult. While in all areas of cyber security prevention is preferable to a cure, this mantra is never more relevant than in the remote environment of a vessel at sea.
GTMaritime have been providing software to the maritime industry for over 18 years and have been tracking the trends that affect IT systems both within the industry and further afield. Research by Futurenautics reported that 43% of crew who responded to their survey had sailed on a vessel that had been compromised by a cyber incident, yet the industry remains largely unprepared for cyber security threats. Action in this area is raising in priority but still has some way to go before it reaches parity with land based networks.
Over an average 5-day period the GTMaritime mail gateways deal with the following:
Best practices for reducing the risk of a cyber incident:
- Ensure anti-virus solution, such as GTSentinel, is kept up to date
- Keep regular system backups
- Do not disable User Account Control (UAC)
- Do not open Word or Excel documents that contain macros (.docm, .xlsm files) unless they are from a trusted source
- Do not open attachments in emails that were not expected
- Do not follow links in emails unless they are to a trusted website
- Install critical security updates as soon as possible
As others in the industry who are looking to the future are saying the major takeaway here must be one of awareness and a call to action that cyber security has to be taken seriously regardless of your chosen vendor and above all protect systems through a defence in depth attitude to minimise attack surfaces.
If you would like to discuss how GTMaritime can help with your cyber security please contact the sales team – firstname.lastname@example.org