Monday - Friday9AM - 5PM
Visit our social pages
 

Cart

Client Area
Blog

Maritime Cybersecurity?

June 19, 2024by Certified Systems0
MRT 2

What is Maritime Cybersecurity?

Maritime cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance, and technologies used to protect maritime organizations, their vessels, and their cyber environment.

the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance, and technologies used to protect maritime organizations, their vessels, and their cyber environment.

And according to the International Maritime Organization(IMO), maritime cyber risk refers to a measure of the extent to which a technology asset could be threatened by a potential circumstance or event, which may result in shipping-related operational, safety, or security failures as a consequence of information or systems being corrupted, lost or compromised.

Many of the globally connected networks and infrastructures at sea still leverage legacy technologies that were not built to be connected to the Internet. These complex networks include a blend of information technology (IT) and operational technology (OT) systems (we’ll cover those in the next section) used by internal crew and third-party vendors, extending the potential for a compromise by hackers or insider threats.

There was a time when connectivity on a vessel was minimal, and ship control engineers addressed security issues with air gapping to physically isolate a secure network from unsecured networks. By definition, an air-gapped system is neither connected to the Internet nor any other system. But now, using something as simple as a USB flash drive USB or unsecured Wi-Fi connection, a malicious hacker or even an inexperienced insider could infiltrate and infect critical systems. This development is especially concerning given the connectivity of modern maritime vessels.

Whether moving dry or liquid bulk, containers or cars, crude oil, products, or chemicals, the maritime industry is a critical backbone of our global economy. Protecting a vessel’s critical operations from cyber threats poses unique challenges with operation centers and fleets of numerous classes and vintages spread across the world, increasingly digitalized operations, and a complex environment merging IT with industrial control systems (ICS) and operational technology (OT).

How do IT and OT Cybersecurity Differ?

Operational technology (OT) is hardware and software that detects or causes a change through the direct monitoring and control of industrial equipment, assets, processes, and events. In contrast, information technology covers the entire spectrum of technologies for information processing, including software, hardware, communications technologies, and related services.

Before we delve into the cybersecurity challenges affecting the maritime industry, let’s take a step back and examine some of the differences between IT and OT systems. Some of the differences in system requirements include:

Differences in System Requirements

IT System Requirements

OT System Requirements

Performance
  • Non-real-time
  • Response must be consistent
  • Less critical emergency interaction
  • Tightly restricted access control can be implemented to the degree necessary for security
  • Real-time
  • Response is time-critical
  • Response to human and other emergency interaction is critical
  • Access should be strictly controlled, but should not hamper or interfere with human-machine interaction
Availability/Reliability
  • Responses such as rebooting are acceptable
  • Availability deficiencies can often be tolerated, depending on the system’s operational requirements
  • Responses such as rebooting may not be acceptable because of operational requirements
  • Availability requirements may necessitate redundant systems
Risk Management
  • Manage data
  • Data confidentiality and integrity is paramount
  • Fault tolerance is less critical – momentary downtime is not a major risk
  • Significant risk impacts may lead to delays in ship clearance, loading/unloading, business operations
  • Control physical world
  • Human safety is paramount, followed by protection of the process
  • Fault tolerance is essential; even momentary downtime may not be acceptable
  • Major risk impacts are regulatory non-compliance, environmental impacts, harm to the crew onboard, equipment and/or cargo
System Operations
  • Systems are designed for use with typical operating systems
  • Upgrades are straightforward with the availability of automated deployment tools
  • Differing and possibly proprietary operating systems, often without security capabilities built-in
  • Software changes must be carefully made, usually by software vendors, because of the specialized control algorithms and modified hardware and software involved
Resource Constraints
  • Systems are specified with enough resources to support the addition of third-party applications such as security solutions
  • Systems are designed to support the intended industrial process and may not have enough memory and computing resources to support the addition of security capabilities
Communications
  • Standard communications protocols
  • Primarily wired networks with some localized wireless capabilities
  • Typical IT networking practices
  • Many proprietary and standard communication protocols
  • Several types of communications media used, including radio, satellite Internet, ship to shore, ship to ship, VoIP
  • Networks are complex and sometimes require the expertise of control engineers
Component Lifetime
  • 3 to 5 years
  • 10 to 15 years
Component Location
  • Components are usually local and easy to access
  • Components can be isolated, remote, and might require extensive physical effort to gain access to them

From a cybersecurity perspective, OT and IT are different in several ways. On staffing, there is a cybersecurity specialization on the IT side. Professionals have been specifically trained and certified in application security, network security, or other security disciplines. In OT, those tasked with security are usually operational technology people. As part of their day job, they have to also deal with security—it’s an add-on, not a specialization.

OT and IT are different, especially in attack outcomes. An attack on IT could lead to data theft, while an attack on OT could lead to injury or loss of life, asset damage, or environmental impact. Traditional cybersecurity measures fail to protect vessels from cyber-attacks and leave the OT network exposed, falling short on providing the visibility and protection required for cyber-physical processes underlying in the maritime industry. And with the convergence of IT and OT, organizations must balance the use of traditional IT security tools at the network and endpoint layer with specialized security tools designed for OT requirements.

What are the Cybersecurity Challenges Affecting the Maritime Industry?

Many of the common cybersecurity challenges that affect the maritime industry mirror those in other industries that deal with IT networks:

  • No clear understanding of all systems and devices on the OT network across a fleet or operation
  • Lack of visibility into each vessel’s OT networks
  • Lack of real-time monitoring or segmentation of the OT network
  • Inadvertently connected IT and OT networks
  • Use of unsecured wireless networks
  • 24/7 remote access granted to third-party OEMs
  • Lack of visibility into third-party OEM networks (black box)
  • Poor physical security controls
  • Lack of cybersecurity awareness among the crew, employees, and contractors

Potential Maritime Cybersecurity Attacks

Cybersecurity is not just about preventing hackers from gaining access to systems and information. It is also about protecting digital assets and data, ensuring business continuity, and ensuring that the maritime industry is resilient to external and internal threats. It is crucial to keep ship systems safe from physical attacks and to ensure the integrity of supporting systems.

The complexities associated with vessels and tankers make them vulnerable to high-impact attacks. Cyber incidents can last for hours, days, or weeks. When one ship is impacted, it can often spread malware to sister vessels via the corporate network. Some of the potential attacks that can cripple a vessel’s operations include:

  • An attack on an OEM network or third-party supplier that spreads to their client’s on-vessel OT network
  • An attack on a satellite provider that gains access to a vessel’s IT/OT network
  • Exploited cyber vulnerabilities that grant access to a vessel’s OT network and provide various attack options, including:
    • GPS/navigation system attack
    • Open/close critical valves
    • Propulsion and rudder control
    • Ballast control
    • Ransomware/Malware
    • Gain full administrative privileges.

Leave a Reply

previous
Definition Of Cloud Storage, Types And Benefits,
next
Extraordinary Examples of SaaS Applications in 2024

Headquarters
Suites 26/27, Second Floor, K-30 Mall

Plot 724, Goke Adegoroye Close

Wuye District

FCT Abuja

Nigeria
+234(0)9114568023
+234(0)8052656455
info@certifiedsystemsgroup.com
Our Services
Our Products
Social links
Taking seamless key performance indicators offline to maximise the long tail.
Headquarters
Suites 26/27, Second Floor, K-30 Mall

Plot 724, Goke Adegoroye Close

Wuye District

FCT Abuja

Nigeria
+234(0)9114568023
+234(0)8052656455
info@certifiedsystemsgroup.com
Social links

Copyright by Certified Systems Limited. All rights reserved.

Copyright by Certified Systems Limited. All rights reserved.