Page 11: of Maritime Reporter Magazine (July 2019)

I

INSIGHTS: GOVERNMENT UPDATE ransomware attacks, including law en- attack: rival (NOA) messages. Masters of US (IEC) jointly developed the information forcement agencies, hospitals, municipal • Utilizing unique passwords and vessels were reminded of the obliga- security standard ISO/IEC 27001. The governments, shipping companies, and changing passwords on a regular tion to report suspicious cyber activity standard speci? es a management system in 2017, the major British shipping ser- basis. to the USCG National Response Center intended to bring information security vices ? rm Clarkson Plc. The Australian • Installing software updates and (NRC). Unsolicited emails, particularly under management control and lays out shipbuilder Austral Limited was also the patches promptly upon receipt. those requesting sensitive information or speci? c requirements for conformance. apparent subject of a ransomware attack. • Routinely checking the IT system including attachments, should be veri- Organizations meeting those require-

The Internet of Things (IoT) has made for malware. ? ed by contacting the sending entity via ments may be certi? ed by an accredited access to information and control sys- • Backing up data frequently onto a separate means prior to acting or down- certi? cation body following successful tems easier. These has created expansive stand-alone device disconnected to loading any attachments. completion of an audit. Such certi? ca- opportunities for improved ef? ciencies. the IT system. Cyber security procedures and proto- tion is generally considered the gold

Connected devices and systems offer the • Two-factor identi? cation is an ef- cols must be laid out in the safety man- standard in cyber security.

possibility of ubiquitous access, which fective means of ensuring that per- agement system (SMS) of the vessel and equates to more possible entry points sons seeking access to an IT system the company. Failure to do so constitutes Summary for both authorized and unauthorized are properly authorized, but few en- a de? ciency and may result in the vessel Cyber experts say that they are two users. As more devices become con- tities utilize it. being determined unseaworthy. kinds of company IT systems: those nected to each other and to the internet, • Cyber security training is vital. Baltic and International Maritime known to have been hacked and those the overall risk and impact of a compro- Since the threat evolves rapidly, the Council (BIMCO), the largest interna- that don’t yet know that they have been mise increase, along with the possibil- training must be continual. tional shipping association, has devel- hacked. This may be an over-statement, ity of a cascading effect in the event of The US Coast Guard recently issued oped a new cyber security clause for use but not by far. There are so many threats a cyber attack. Navigation, propulsion, a Marine Safety Information Bulletin in maritime contracts requiring parties and the sophistication of those threats and other vessel operation systems can advising the maritime industry to be on to implement cyber security procedures is increasing so fast that the IT system be hijacked. guard against email phishing and mal- and systems to reduce the risk of an in- administrators are getting overwhelmed. ware intrusion attempts. Cyber adver- cident. Entities and individuals should take as

Preventative protocols saries were reported to be attempting The International Organization for many steps as possible to protect their IT

Following are a few of the steps that to gain access to sensitive information Standardization (ISO) and the Inter- systems and data. Continual vigilance is may be taken to reduce the risk of cyber including the content of notice of ar- national Electrotechnical Commission required.

Maritime Medical

Assistance Worldwide • Medical services for crew members in the Ports of Call • Evacuation and repatriation services for crew members and passengers, including doctor’s escorts on commercial flights/air ambulances • Home country treatment for crew members • Medical health checkup services (PEME, REME) • Medical claims management • Claims Cost Containment and Fraud Investigation • Medical services for seafarers’ families www.ap-companies.com + 34 931 702 286 [email protected]

Armenia, Albania, Austria, Azerbaijan, Belgium, Belarus, Bosnia, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark,

Estonia, Finland, France (including Corsica), Georgia, Germany, Gibraltar, Greece, Hungary, Iceland, Ireland, Israel, Italy (including Sicily and Sardinia), Jordan, Kazakhstan, Kosovo, Kyrgyzstan, Latvia, Lithuania, Luxembourg, Macedonia, Malta,

Moldova, Monaco, Mongolia, Montenegro, Netherlands, Norway, Poland, Portugal, Republic of South Africa, Romania, Russia, Serbia,

Slovakia, Slovenia, Spain, Sweden, Switzerland, Tajikistan, Tunis, Turkey, Turkmenistan, United Kingdom, Ukraine, Uzbekistan www.marinelink.com 11

MR #7 (10-17).indd 11 7/5/2019 10:04:04 AM