Cyber Security Characteristics of the Maritime Industry

August 29, 2022

Cyber security is important because of its potential effect on personnel, the ship, environment, company, and cargo. Cyber security is concerned with the protection of IT, OT, information and data from unauthorised access, manipulation, and disruption.

Cyber incidents can arise as the result of

  • a cyber security incident, which affects the availability and integrity of OT, for example corruption of chart data held in an Electronic Chart Display and Information System (ECDIS)
  • an unintended system failure occurring during software maintenance and patching, for example through the use of an infected USB drive to complete the maintenance
  • loss of or manipulation of external sensor data, critical for the operation of a ship. This includes but is not limited to Global Navigation Satellite Systems (GNSS), of which the Global Positioning System (GPS) is the most frequently used.
  • failure of a system due to software crashes and/or “bugs”
  • crew interaction with phishing attempts, which is the most common attack vector by threat actors, which could lead to the loss of sensitive data and the introduction of malware to shipboard systems.

The maritime industry has a range of characteristics that affect its vulnerability to cyber incidents.
These include:

  • involvement of multiple stakeholders in the operation and chartering of a ship potentially resulting in lack of accountability for the IT and OT system infrastructure and ship’s networks
  • use of legacy IT and OT systems that are no longer supported and/or that rely on obsolete operating systems
  • use of OT systems that cannot be patched or run anti-virus due to type approval issues
  • ships that interface online with shoreside parties and other parts of the global supply chain
  • ship equipment that is remotely monitored and accessed, eg by the manufacturers or support providers
  • the sharing of business critical, data sensitive and commercially sensitive information with shorebased service providers, including marine terminals and stevedores and also, where applicable, public authorities
  • the availability and use of computer controlled critical systems, which may not have the latest patches installed or be properly secured, for the ship’s safety and for environmental protection
  • a cyber risk management culture that still has potential for improvement, eg through more formalised training, exercises and clarified roles and responsibilities
    frequently the automation system comprises of multiple sub-systems from numerous vendors that are integrated by shipyards with minimal regard to cyber issues.

These elements should be considered, and relevant parts incorporated into the company cyber security policies and SMS.
The growing use of comprehensive data analysis, smart ships and the “Industrial Internet of Things” (IIoT) will increase the amount of information available to threat actors and the potential attack

Source:

IMO