Shipowners need support for protection from sophisticated cyber hacking

Cyber security has become a ‘hot topic’ in the maritime industry and it is crucial that it does not drop off the agenda. Even air gapped systems can be cyber hacked, and that should ring alarm bells for shipowners.

Tototheo Maritime’s joint CEO, Socrates Theodossiou, gave an eye-opening speech at the 7th Annual Capital Link Operational Excellence in Shipping Forum recently held in Athens.

Latest events have shown that even systems that were considered impenetrable can be vulnerable. Cyber-attack methods are becoming ever more sophisticated, diverse, and threatening.

Socrates Theodossiou referred to a recent demonstration by the Ben Gurion University Cyber Security Research Centre. In this, a drone steals data from an isolated “air gapped” computer’s hard drive reading the pulses of light on the LED drive using various types of cameras and light sensors.

This can be viewed here.

But what does this mean for the maritime industry?

In the short term very little, the industry is likely some way off such attacks – certainly at sea, although close to shore or in a port this could be more of an issue -however it clearly shows how big data is becoming big currency and this is what the maritime industry needs to be aware of and mitigate against.

  • Whether a system is on-board or on land, it still requires the same high level of protection
  • Increased use of web based navigations systems with interfaces to land-based networks make systems vulnerable to cyber attacks
  • Even when bridge systems are isolated from the rest of the network, they can be equally vulnerable if mobile devices are used to upgrade them. A cyber- attack can lead to the blocking of a ship’s navigation system or its manipulation.
  • Computers on-board for management and use by the crew are particularly vulnerable. With access to the internet and e-mail, they can easily be infected with malware and potentially allow cyber-attackers to gain access to the ship’s systems.

Computers and devises with internet and email access should be considered “uncontrolled” and not connected to ship security systems

These are only a few small pointers. The solution for each operation is different and complex and unfortunately not easy to measure in terms of Return on Investment. You are investing to protect against something you hope will never happen.

Operators need to educate people on every level of the hierarchy – on land and at sea – and continuously strive to make systems as secure as possible.

At Tototheo Maritime, we help you to match your budget to the best solution for your organisation and the right support for the users to ensure you stay safe.

Talk to us to find out more on how our IT Support team can help you.