While cyber security has become a lot more in focus onshore in offices for shipping companies the level of protection onboard vessels is yet to catch up, leaving a vulnerability for cyber criminals to exploit.
“Centrally on a ship there is not a lot of that is of true value but if somebody can use that ship as a backdoor into a corporate environment,” Peter Broadhurst, senior vice president safety and security for Inmarsat, told Seatrade Maritime News at Sea Asia 2017.
“What we see is a lot of C level executives are saying our company needs to be secure because we’ve got a lot of financial information, so they company secure. But then they allow all these ships to connect to the company infrastructure and they don’t consider them as something that needs to secure,” he said.
“They need to broaden their horizons when it comes to cyber, take a more complete of the picture, or else they will just compromise themselves.”
Incidents onboard are caused by the same reasons as on land with phishing attacks the most common threat, and Broadhurst said seafarers needed to be trained in cyber security.
“It’s very easy for the seafarer with no training on that just to click on the link or the attachment and you’re infected, and you don’t know you’re infected and then it starts to proliferate across the vessel,” he explained.
Similarly malicious software can be brought onboard via laptops or mobile devices belonging to the seafarer.
The resulting attacks can see systems both on the vessel and onshore hijacked by ransomware, or confidential data stolen and sold on the Dark Web.
“That can lead to financial loss and most definitely leads to reputational loss which in shipping is really a problem. From a cargo perspective if you can’t give that kind of level of certainty you’ll not be the choice of cargo owner,” Broadhurst warned.
Inmarsat will be rolling out its Unified Threat Management solution which will inspect all incoming traffic and local area network extensions on the vessel.
He said that if an individual client on the ship is compromised the system will quarantine it, identify the problem computer, which allows for the company to fix the problem.