Multimodal 2022TBA GroupPort of South LouisianaTelestackCleveland Cascades LtdTOC Events
  • TOC Events
  • The Wolfson Centre for Bulk Solids Handling Technology
  • Vigan
  • Sailors Society
  • Bühler GmbH
  • TBA Group

Human element part of cyber problem

(Posted on 27/06/18)

Most ship cyber security breaches are consequent of human error but can easily be avoided by implementing cutting edge technology and policies to prevent crews from inadvertently infecting shipboard systems.

That was one of the key take-aways from a major maritime cyber conference held in London recently and at which delegates were informed of the potentially catastrophic consequences when Operational Technologies are hacked.

“The problem is that when crew or operators use USB sticks to upload system files or log on using their own mobile phones, laptops and tablets or open an infected email, they can potentially upload a malware virus or worse,” Naval Dome CEO Itai Sela told delegates attending the European Maritime Cyber Risk Management summit.

As 150 million emails are sent globally every minute by more than 4 billion Internet users, it is safe to assume that some of these will be infected and opened by unsuspecting crew members.

“The biggest issue is the internal attack and the human element is definitely part of the problem. Crew training alone is not a solution,” said Sela. “Also, when a technician boards a vessel and connects a laptop or equipment directly to the ECDIS or RADAR to fix or service these systems, can they verify their own systems are secure and have not been infected?

But there is also an external threat, warned Sela. "Since headquarter and vessel operations go hand-in-hand, it is important to know that when a shipping company’s offices have been hacked it means the company’s vessels are also compromised.”

It emerged at the summit that many systems onboard are still based on old operating systems, such as Windows XP, Windows 7, or Linux – systems designed and manufactured without consideration of the cyber threat.

That many of these systems remain unprotected with critical PC-based IT and OT systems frequently using the same Internet connection was a significant concern raised by Lloyd’s Register’s Elisa Cassi, Product Manager, Cyber Security.

“Industrial control systems may still run on separate networks, but true physical isolation is becoming the exception rather than the norm. Even with no direct connection, malware can bridge air-gapped networks by exploiting human activity and operator error.”

Templar Executive’s Director MCERT Chris Gibson said that 47% of ship’s crews have been targeted, with IT and OT systems “very vulnerable to attack”.

“The Maritime sector is a keystone of a modern, digitised world, but remains vulnerable to cyber attack.”

Acknowledging the introduction of legislation and guidelines designed to help safeguard the industry from cyber intrusion, such as the Europe’s General Data Protection Rules, TSMA3 and IMO’s MSC.428(98), which will be in included in the ISM Code, he said there remains a number of maritime industry challenges. He intimated that its fragmented, cost-conscious and competitive nature can make the maritime industry an attractive target for hackers.

Gibson, Sela, Cassi and others speaking at the event all urged the industry to assess their response capabilities. Cassi said: “The earlier the detection point in the chain, the greater the chance that the ship operations center will be able to identify malicious activity, contain it and prevent it from spreading laterally.”

It was also suggested that the industry should implement an anonymous cyber-attack reporting scheme and consider establishing a Maritime Charter of Trust to establish industry-wide protocols for dealing with the threat.

Naval Dome is an Israel-based cyber security specialist providing security detection and protection solutions to the international maritime industry. The award-winning Naval Dome solution is the first maritime multi-layer cyber defence solution for mission critical onboard systems.

Latest News

Healthy bulk market helps Pacific Basin generate record interim results

(Posted on 05/08/22)

Pacific Basin Shipping Limited, one of the world’s leading dry bulk shipping companies, has announced... Read more


Spar Shipping bulker successfully completes biofuel-powered trial voyage

(Posted on 29/07/22)

A 10-day trial onboard a Spar Shipping AS bulk carrier enabled a reduction of at least 75% in carbon... Read more


Inmarsat report offers cyber-risk guidance amid escalating threats

(Posted on 25/07/22)

A new report published by Inmarsat, the world leader in global, mobile satellite communications, highlights... Read more


MHSS responds to new report on seafarer mental health

(Posted on 25/07/22)

Mental Health Support Solutions CEO and founder Charles Watkins welcomes the recently published report... Read more


CSM partners with Kadmos to automate crews’ salary pay-outs

(Posted on 18/07/22)

Columbia Shipmanagement (CSM) has announced a partnership with Berlin-based Fintech Kadmos to automate... Read more


North joins Maritime Anti-Corruption Network

(Posted on 18/07/22)

In the latest demonstration of its commitment to supporting a more sustainable maritime community, North... Read more


ClassNK releases "Guidelines for Ships Using Alternative Fuels (Edition2.0)"

(Posted on 18/07/22)

ClassNK has released the "Guidelines for Ships Using Alternative Fuels (Edtion 2.0)," which sets forth... Read more


Swire Bulk launches its first SE Asia - Europe liner service

(Posted on 01/07/22)

Swire Bulk will operate a new liner service between Southeast Asia and Europe from June 2022, providing... Read more


AtoB@C Shipping confirms additional electric hybrid vessel order

(Posted on 01/07/22)

AtoB@C Shipping, a subsidiary of Aspo Group’s ESL Shipping, has declared an option and order for... Read more


Seanergy announces additional share buybacks

(Posted on 01/07/22)

 Seanergy Maritime Holdings Corp. has announced that the Board of Directors has authorized an additional... Read more


Sailors SocietyCimbriaBühler GmbHViganThe Wolfson Centre for Bulk Solids Handling Technology Van Aalst
  • Van Aalst
  • Multimodal 2022
  • Cleveland Cascades Ltd

Subscribe to our newsletter

Keep up to date with the latest global news in bulk cargo handling and shipping