Every day, maritime communications networks must balance Internet and intranet, information technology (IT) and operational technology (OT) for ship operations to run smoothly. With these functions becoming increasingly sophisticated and complexly intertwined, cyber security remains a constant concern as it threatens the data and functionality of a ship.

Understanding cyber threat is crucial to protecting your ship from security breaches and should be considered at all levels of an organization. To develop plans to secure onboard systems and networks, it’s important to assess the types of threats and potential impact on a ship’s operations, safety and data.

 

What is the Risk of a Cyber Attack?

Cyber attacks are increasingly sophisticated with the tools and entry points constantly evolving. To protect a ship and its assets, a complete assessment to identify all onboard entry points will help your team realize the extent of the risk present.

Unauthorized Access. Because maritime communication exchanges are so rich in valuable information, these networks are valuable targets:

 

Authorized Access. At the same time, an amazing number of users at multiple locations have legitimate access to a ship’s intricate web of interfaces with the ability to cause harm to:

 

Cyber Access. While some cyber attacks use common applications to elicit a user’s response, others masquerade as authentic websites. Still others are hidden within seemingly authentic communications, but all are looking for one thing – access – through:

 
Third parties connected to your ship’s system may pose additional access points for attackers. Considering these vulnerabilities could potentially lead to system breaches, any third party should also undergo cyber risk assessment.

 

Assessing Your Maritime Cyber Vulnerabilities

In order to effectively and efficiently determine your ship’s system weaknesses, both physical and virtual points of access to system information and controls should be assessed.

Identify High-Risk Areas of Your Ship

Study the systems of your vessel and how they interface with various users, electronic devices, the Internet and email. These areas can indicate where a potential attack is likely to occur. Some common high-risk areas include:

 

Define Levels of Threat

Once a complete inventory is completed, each system needs to be examined in terms of its potential to allow an attacker to:


Categorizing each system’s level of threat lets you prioritize systems – and needs – according to confidentiality, integrity and availability – also known as the CIA model:

 

Identifying Stages of a Cyber Attack

Investing in personnel training to identify and mitigate cyber threats has been noted as one of the most effective methods to reduce the impact of malicious attacks. Regardless of whether a ship is targeted or simply a victim of circumstance, attacks typically follow a four-stage pattern:

  1. Surveillance and Research. Open sources provide amazing amounts of information about both private individuals and commercial companies. Attackers exploit every resource, from social media, technical forums and publications to covert monitoring of a ship’s open data transmissions.

  2. Delivery. Like any weapon, threats must have a delivery system and can originate with either authorized or unauthorized users via any tool or access.

  3. Breach. One of the most misunderstood stages, a breach can be subtle or pronounced, immediate or delayed. The attacker’s tool has found a vulnerability and can now exploit it.

  4. Affect. While some attackers may opt for an immediate and obvious effect like disabling or seizing control of a ship, others may prefer to go unnoticed. An attack may be designed to explore ship systems, collect information, enslave devices or alter accesses for more significant interference at a later date.

 

Developing a Cyber Risk Assessment Strategy

Cybersecurity is a discipline of details, so using an organized approach is key. Map functional areas and systems, and identify points of access for potential breaches. Evaluate systems and equipment, prioritizing those that are out of date or in need of regular updates. Examine protocols, procedures and policies and how they apply to every user, from senior-level executives to ship guests. Most importantly, realize that the process of cyber risk assessment never ends.

For more information on assessing your vessel’s risk of cyber threat, securing discovered vulnerabilities or promoting a culture of cybersecurity, contact BlueTide Communications through our website or by calling 337-205-6710.

 

Information used in this blog conforms to recommendations offered in The Guidelines on Cyber Security Onboard Ships published by the Baltic and International Maritime Council (BIMCO), Cruise Lines International Association (CLIA), International Chamber of Shipping (ICS), International Association of Dry Cargo Shipowners (INTERCARGO) and International Association of Independent Tanker Owners (INTERTANKO).