Cyber security in the maritime sector: risks and vulnerabilities
As with other means of transport, the maritime sector is increasingly automated and monitored remotely. Not only are IT (Information Technology) and OT (Operational Technology) becoming more interconnected than ever before, but both technologies are also increasingly connected to the Internet
Consequently, ships are now significantly more vulnerable to cyberattacks. Some of the main risks and vulnerabilities to which ships are exposed are:
Inadequate security settings:
Including inefficient network management or the use of default administrator accounts and passwords:
- There is a risk that unauthorized users (contractors and service providers included) access critical systems (those that guarantee the physical safety of the ship and its cargo).
- Network infection due to existing malware on personal devices connected to the on-board network or removable devices used to download data or print documents.
- Theft or leakage of sensitive and confidential information about the crew, passengers, the company itself or interception of communications between the ship and the public authorities.
- Infection of digital systems used to track hazardous cargo: If, for example, a container loaded with explosive materials is no longer marked as hazardous and is handled incorrectly, an explosion may occur.
There are many on-board networks that lack protection measures and network segmentation:
- Infection of key areas:
- Monitoring and control of on-board machinery
- Propulsion (such as power supply to propellers)
- Power control
- Cargo management systems that interact with ports, marine terminals, etc. This could cause the sudden shortage of, for example, fuel in a region or the sinking of the ship due to an alteration of the weight of the cargo.
- Compromise of critical security systems connected to public networks used by passengers or crew.
Failure to perform proper software patching and maintenance:
- Obsolete, no longer supported or non-compatible operating systemsObsolete or no longer supported antivirus software and malware protection measures.
Global Navigation Systems Vulnerabilities:
- Vulnerabilities in satellite communication antennas or any other wireless communication system.
- Vulnerability of bridge systems due to the increasing use of digital navigation systems.
- Loss or manipulation of external sensors data such as global satellite navigation systems. By altering the coordinates of a ship, a hacker can cause from a collision to a war. What would happen if a warship is apparently located near the coast of a traditionally “enemy” country?
Considering that the more than 51,000 existing commercial ships carry up to 90% of the world trade…
…the consequences of an attack against this industry could be huge. Such is the magnitude of the consequences that a cyberattack against this industry could have that the BIMCO (the largest maritime association in the world with 2100 members in more than 120 countries) recommends the IMO (International Maritime Organization) in its third version of its guidelines on cybersecurity on board ships, to give the same importance to this threat than to any other.
What would happen if communications within ships and/or external communications (from ship to shore) were isolated with RITech? Would we worry about these challenges and vulnerabilities?