Page 18: of Maritime Reporter Magazine (February 2021)
Government Shipbuilding
Read this page in Pdf, Flash or Html5 edition of February 2021 Maritime Reporter Magazine
Cyber Security
Demystifying
Cyber
Security © pinkeyes/AdobeStock ecent cyber attacks to the U.S. Government, the an ef? cient cyber security of? cer. Cyber security is as much
IMO and Maersk, amongst others has caused the about the protection of the system through the hardware as it world to pay attention to criminal cyber activities is through the software. To demystify this ? eld, I checked in by foreign states, terrorists and criminals. The cy- with Cyber Security Specialist Cliff Neve, who retired from
R ber attack against CMA CGM shut down services for close to the USCG Cyber Security unit. two weeks. Two days later, on October 30, the IMO was held The maritime industry is vulnerable to attacks on both our hostage by a cyber attack. These attacks follow attacks earlier Information Technology and our Operational Technology. If this year against MSC and COSCO. this is the ? rst time that you are hearing this, you may be just
As of January 1, 2021, all vessels that have a safety man- as confused as when Mr. Neve explained this to me. Informa- agement system must address cyber security in order to main- tion Technology (IT) is the software that runs our computers, tain ISM certi? cation. The IMO guidelines for cyber security ECDIS, phone, etc. Operational Technology (OT) is the soft- can be found in MSC-FAL.1/Circ.3. This high-level guidance ware and computers that are called upon to operate equip- is just the foundation for a proper cyber security program for ment. OT governs our engines, regulates the angle of our sat- owners/operators. The circular highlights the importance of ellite antenna, and governs the processes of our 3D printers.
protecting vulnerable systems such as: Cyber security is about protecting our access points, but ac- 1. Bridge systems; cording to Dean Constantine hacking the IT network is only 2. Cargo handling and management systems; one concern. Cyber criminals have also developed the capa- 3. Propulsion and machinery management and power bility of hacking into our OT, or Operational Technology. Our control systems; hardware, like engine controls, steering gear, etc are vulner- 4. Access control systems; able to outside attack from hitherto unknown vectors.
5. Passenger servicing and management systems; The dangers of installing software cannot be understated. 6. Passenger facing public networks; Not all apps that your nerd friend recommends are safe. Or 7. Administrative and crew welfare systems; and for that matter, updates from the computer manufacturer 8. Communication systems. or operating system provider. According to another expert,
The thought of having cyber security responsibilities can Christopher Owen, Bios updates should always be vetted be chilling to some and burdensome to others. Personally, through your in house personnel prior to installing. Bios de- whenever I think of cyber security I think of some college termines things such as when the fan turns on, how energy is kid in their parent’s basement trying to get the password to distributed through the computer, ect. It is akin to regulating my bank account. The truth is that hacking scenario, while it our heartbeat.
still exists, is not the predominant cyber crime in the world Add on to that the questionability of manufacturer updates today. Cyber crimes may be conducted by organized crime, as a state sponsored terrorism, and your head may swim. The nation states, terrorists, or industrial espionage. On the other world has recently begun to accept Zoom as the dark overlord side of the fence are the “white hat” hackers whose job it is to of conducting meetings. Photobombing, Zoom style, has ? nd the weak links in a corporate cyber security chain. They been highlighted during the pandemic. Much like crashing expose weaknesses without exploiting them. a party, uninvited attendees will drop in on your meeting, or
One does not need to be versed in code and hacking to be hijack it. The question has been asked, why has nothing been 18 Maritime Reporter & Engineering News • February 2021
MR #2 (18-33).indd 18 2/4/2021 9:17:53 AM