Understanding security in the maritime industry
Aseguramos que mediante la securización IT (sus datos personales y comunicaciones) y OT (dispositivos físicos and control de la embarcación), su nave esté completamente blindada e inaccesible para intrusos no deseados
¿Cumple su embarcación con la IMO Resolution MSC.428(98) ? Siga leyendo para saber como 3-Lock ayuda a su embarcación en estar actualizada con los últimos estándares de seguridad y regulaciones.
3Lock is the solution to your security problems when you are onboard your ship. We ensure that you are fully secure by following the best practices in cybersecurity.
When it comes to maritime cybersecurity, OT and IT are different, especially in attack outcomes. An attack on IT could lead to data theft, while an attack on OT could lead to injury or loss of life, asset damage, or environmental impact.
Traditionally OT systems have been left out without good security practices. 3-Lock does no longer allow that, and with the convergence of IT and OT systems, we make use of the latest security tools to ensure that you comply with all the IT and OT requirements.
CYBERSECURITY REQUIREMENTS - IS YOUR SHIP READY?
Since 01/01/2021, the International Maritime Organization, adopted a resolution aimed to address cyber risks in maritime environments.
This resolution states that no later than a ship’s first annual Document of Compliance audit after 1 January 2021, every Safety Management System must be documented as having included cyber risk management, in line with the International Safety Management Code.
3-Lock offers ship owners and managers some guidelines covering their responsibilities under the new IMO resolution and explains how we will provide the most optimal cyber security solution, to support them towards compliance of the previous mentioned resolution.
“Ships and other vessels may seem like unusual targets for cyberattacks. But with their growing use of industrial control systems (ICS) and satellite communications, hackers have a new playground that’s ripe for attack.”
According to the survey made by safetyatsea.net, 77% of ship owners see cyber threats as a high or medium risk. However, few appear to be prepared for such situation, as only 42% has a proper OT protection for their vessels.
As hackers become even more sophisticated in their tactics, it’s inevitable that cyber-attacks against OT on ships are becoming the norm rather than the exception. It’s time for the maritime industry to take a look at every aspect of their ship operations to ensure they’re protected and resilient against these growing threats.
With 3-Lock you’ll no longer need to be worried about these threats. We will ensure that you comply with the latest security standards, and prevent any unwanted behavior either from an external or internal attacker.
WHY DOES MY SHIP NEED A CYBERSECURITY AUDIT?
Ships and vessels in general may seem like an inappropriate target for cyber-attacks, as many of them, as well as connected networks and communication infrastructures at sea, still use legacy technologies that were not thought for a secure Internet connection.
These complex networks, are commonly used by crew-members and third-party actors, extending the potential risk for a compromise by a hacker or an inside threat.
Due to the high level of connectivity that exists nowadays, something as simple as inserting a USB flash drive, or connecting to an unsecured wifi connection, can lead to tremendous disasters.
Potential security endpoints
- Bridge control: Automatic Identification systems (AIS), Voyage Data Recorder (VDR), Automatic Radar Plotting Aid (ARPA)…
- Propulsion & Power: Engine control, fuel management, onboard machinery…
- Navigation: GPS systems, radar, weather systems…
- Loading & Stability: Stability control, hull stress, cargo management systems…
- Safety Systems: Fire and flood control, videocamera tracking, emergency shutdown…
- Communications: Satellite communications, ship-to-shore, ship-to-ship, radio, VoIP…
- Operations Security: Human-Machine Interfaces (HMIs), PLCs, sensors, electronics…
- Network security: Firewalls, segmentation devices (DMZ), antivirus software, software updates…
- Physical Security: Server rooms, access control, machinery spaces, network infrastructure…
- Crew Network: Email, wi-fi, wired, personal devices…
- Supply Chain: Remote or on-shore vendor updates, maintenance, administration…
3Lock will make an exhaustive exploration of the possible vulnerabilities in all of the previous endpoints, and more, to ensure that there is no single point of failure for your ship.
Maritime Cybersecurity Challenges + Potential Risks
When dealing with cybersecurity challenges, we tend to forget that the exact same threats that affect the IT networks do exist also in the maritime industry.
- Not enough knowledge of systems and devices involved on the OT network.
- Lack of real-time monitoring or segmentation of the networks.
- Badly connected IT and OT systems
- Unsecured wireless networks
- Remote access granted to third-party OEMs
- Poor physical security controls
- Lack of cybersecurity awareness among the crew.
Some of the previous challenges can lead to disastrous outcomes. Cybersecurity is not just about preventing hackers from gaining access to systems and information.
The complexities associated with the previous risks, make vessels vulnerable to high-impact attacks.
Some of the potential attacks that can put a vessel in danger are:
- Attacking an OEM network, or another supplier, which can lead to the vessel’s OT network access.
- Attacking a satellite provider to gain access to IT/OT systems.
- Exploit vulnerabilities that grant access to a vessel’s networks like:
- GPS/navigation system
- Open/close critical valves
- Propulsion and rudder control
- Ballast control
- Administrative privileges
A compromised ship system could initiate physical harm to the IT and OT systems, personnel, and cargo, potentially endangering lives or causing the loss of the ship and the loss of sensitive information, including commercially-sensitive or personal data.
COMPLIANCE MEASURES FOR SHIPS - IMO RESOLUTION MSC.428(98)
The IMO (International Maritime Organization) points out some of the maritime cybersecurity compliance measures that all ships need to consider. Some of this measures are the IMO Resolution MSC.428(98), ISA/IEC 62443, ISO/IEC 27001 and TMSA.
3-Lock is focused and specialized in the compliance of the IMO Resolution MSC.428(98).
As connectivity and reliance on the Internet grows exponentially, and gets essential for the operation and management of vessels, the security and safety of these systems needs to be properly configured.
This resolution encourages administrations to ensure that cyber risks are properly addressed, in existing safety management systems (as defined in ISM Code), no later than the first annual verification of the company’s Document of Compliance, after January 1, 2021.
The IMO provides the following guidelines and recommendations for an effective cyber risk management:
- Identify: Define personnel roles and responsibilities for cyber risk management and identify the systems, assets, data, and capabilities that, when disrupted, pose risks to ship operations.
- Protect: Implement risk control processes and measures, and contingency planning to protect against a cyber-event and ensure continuity of shipping operations.Detect: Develop and implement necessary activities to detect a cyber-event in a timely manner.
- Respond: Develop and implement activities and plans to provide resilience and to restore systems necessary for shipping operations or services impaired due to a cyber event.
- Recover: Identify measures to back-up and restore cyber systems necessary for shipping operations impacted by a cyber-event.
The team of 3-Lock will make sure to follow the guidelines to ensure a full compliance of the resolution, while preventing hackers and external attackers to gain any type of control or surveillance over your ship.
Additionally, the monitoring of the security systems will be done according to the chosen plan for your situation, where security holes and vulnerabilities will be immediately addressed once they are detected, and a support will be available for crew employers when they need it.
3Lock does also offer trainings about cybersecurity best practices for crew members, and staff involved in the vessel’s operations. If you are interested in a cybersecurity training for your crew, contact us.