6 flaws that expose the maritime sector to cyberattacks
The maritime sector is particularly vulnerable to threats from cyberattacks on its operational technology (OT), largely because of the recent profound digital transformation it has undergone. However, exactly how vulnerable is this sector? Let’s take a closer look at the 6 main cybersecurity flaws of maritime transport.
The 6 cybersecurity flaws of maritime transport
Flaw #1: The cargo management system
The cargo management system is relying more and more on digital processes. The cargo control room and its material as well as systems for the remote control of sluice gates, for ballast water management and liquefaction of gases, all benefit from advances in digital technology. They have also inherited the flaws that come with digitization and, like all IT systems, are susceptible to cyberattacks.
Flaw #2: Navigation tools
Navigation relies on a large range of parameters, each one managed by a different system: dynamic positioning, visualization of electronic navigational charts, distress safety system (GMDSS), radars… Furthermore, unconnected gateways are vulnerable to viruses imported from peripheral storage systems such as USB falsh drives, external hard drives… A cyberattack can distort the transmission of information or render navigation tools (AIS, radar, etc.) unavailable.
Flaw #3: Control systems for the engine room
Systems managing propulsion and the operation of machines (energy control system, engine regulator, etc), the integrated control system and the alarm and emergency systems are all entry points for cyberattacks. These attacks can leave a ship stranded at sea, cause a ship to break down or even threaten its safety.
Flaw #4: Access control systems
Surveillance systems (closed-circuit television networks), bridge navigational watch alarm systems, ship security alert systems (SSAS) and even the electronic systems of on-board personnel all need to be protected and segregated in order to guarantee security. If this is not put into place, the systems could be vulnerable to attacks from ransomware (such as Petya or Wannacry) or from worms.
Flaw #5: WiFi
Public networks for passenger use (entertainment, LAN network, communications) are extremely sensitive access points. In order to guarantee the security of these systems, public networks “for enjoyment” must be 100% contained.
Flaw #6: On-board computers
On-board computers are comprised of passenger management systems, (management of goods, ship boarding access, identification systems), basic IT infrastructure (routers, firewalls, VPN, VLAN, etc.), as well as administration systems and entertainment systems for crew members. Cybersecurity on these systems must be able to prevent intrusions. These different systems must be contained.
In order to ensure the security of their networks, passengers, cargo and even the conditions of their ships, maritime companies must become aware of the flaws they are exposed to so they can implement the necessary protections. These industries must contain their different networks and equip themselves with high-performance cybersecurity systems. To provide a solution to cyber risks, the NIST standard recommends a 5-prong approach: identification of risks, protection, detection, response, and system recovery.
Source: https://www.sentryo.net on date 5 October 2017