Page 15: of Maritime Reporter Magazine (June 2019)

I

INSIGHTS: CYBER SECURITY

Naval Dome CEO “A Maritime Disaster Waiting to Happen” ince the founding in 2016, Na- val Dome and its Endpoint cy- ber defense system has helped “The maritime industry is

Sto protect merchant ships and just not prepared for yachts from cyber-attack. In 2019, it op- timized Endpoint with a “Dashboard” terrorists to use ships in the app, providing maritime users with a clear picture of the cyber status of all same way that they were able critical systems onboard the ship, de- signed to allow users to quickly deter- to in? ltrate the civil aviation mine which systems are protected and sector.” those that are susceptible to unauthor- ized penetration.

Itai Sela, CEO, Naval Dome “The maritime industry is just not pre- pared for terrorists to use ships in the same way that they were able to in? ltrate etration tests, on the ship’s Electronic hack was able to alter draft/water depth they can inadvertently open the gate to the civil aviation sector,” said Itai Sela, Chart Display and Information System details in line with the spurious posi- a cyber-attack and infect other PC-based

Naval Dome’s CEO. “As a $4 trillion in- (ECDIS), Asaf She? , Naval Dome’s tion data displayed on screen. In a sec- systems onboard the ship. Our solution dustry responsible for transporting 80% CTO, the former Head of the Israeli Na- ond wave, the test ship’s radar was hit. prevents this from happening.” of the world’s energy, commodities and val C4I and Cyber Defense Unit, said While the radar is widely considered an One company that has been quick to goods, any activity that disrupts global “We designed the attack to alter the ves- impregnable, standalone system, Naval respond to the threat is bridge systems trade will have far reaching consequenc- sel’s position at a critical point during an Dome’s team used the local Ethernet supplier Totem Plus. Under an agree- es.” There have already been well docu- intended voyage, during night-time pas- Switch Interface – which connects the ment inked in February, Naval Dome li- mented incidents where shipping com- sage through a narrow canal. During the radar to the ECDIS, Bridge Alert System censed the OEM to integrate its software panies have been hacked but it is less attack, the system’s display looked nor- and Voyage Data Recorder – to hack the with their hard drives across several hun- known that the navigational equipment mal, but it was deceiving the Of? cer of system. “As manufacturers themselves dred systems in the Totem Plus portfolio. aboard a ? eet of 15 tankers has also been the Watch. The actual situation was com- can be targeted, when they take control The arrangement provides cyber protec- hacked. Once ship systems have been in- pletely different to the one on screen.” of onboard computers to carry out diag- tion at the system build stage, prior to fected, it’s open season for the criminal/ According to She? , the Naval Dome nostics or perform software upgrades, shipment to end-users. activist terrorist, with everytthing from- navigational systems to machinery sys- tems at their disposal. “Cruises hips are an especially attrac- tive target,” said Sela. “We have already seen the global response to the Viking

Sky’s engine failure, which resulted in complete loss of power and the ship drift- ing in harsh Norwegian seas. While I am not suggesting in anyway that this was a cyber event, imagine the consequences and the global response if it was.”

Naval Dome has demonstrated the maritime industry’s nightmare security scenario with a series of cyber pen- etration tests on systems in common use aboard tankers, containerships and cruise ships, test results which revealed with startling simplicity the ease with

DON’T BE A TARGET. which terrorists can access and override ship critical systems.

KNOW YOUR CYBER RISK.

While the test ships and their systems were not in any danger, Naval Dome was able to shift the vessel’s reported position and mislead the radar display.

Another attack resulted in machinery be- ing disabled, signals to fuel and ballast

SAFETY LEADERSHIP

Visit us at: pumps being overridden and steering

DRIVING SUSTAINABILITY www.eagle.org/cybersecurity gear controls manipulated.

Commenting on the ? rst wave of pen- www.marinelink.com 15

MR #6 (10-17).indd 15 5/31/2019 9:30:24 AM