Seatrade Maritime is part of the Informa Markets Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Simple steps to improve cyber security on ECDIS

Simple steps to improve cyber security on ECDIS
The cyber security risks to ECDIS navigation systems, many of which run on old, and unsupported operating systems, are well known, and ABS director of cyber security Paul Walters offers some very simple advice on how to help keep them safe.

Speaking at the Singapore Registry of Ships Forum, Walters noted that when it comes to information exchange ECDIS is very critical. He outlined how an ECDIS system can be taken offline by the simple act of crew member plugging their phone into charge on the computer on which the ECDIS system is run.

“We’ve had a number of owners call us up and one person or another had plugged in their phone to charge it, the ECDIS goes and looks for the drivers for the phone, can’t find it, so its crashes. And they are very difficult to get back, and that has to do with software quality, a lot of them run XP which is very vulnerable because Microsoft is not supporting it.”

Walters offered a few simple measures to improve the security of ECDIS system.

        To stop crew members from charging their phones or either devices on the ECDIS

-       PC ABS recommends buying a system to block the ports. Walters said these are available cheaply from the likes of Alibaba or Amazon, and stop crew from charging their phones, or vendors from plugging in USB sticks and devices without checking with the crew.

        For ECDIS chart updates

-       Download, encrypted updates from the internet onto a dedicated USB stick

-       Check the USB stick for malware on viruses on a PC dedicated to the task

-       If all clear then upload onto the ECDIS