Subscribe to our Mailing Lists (It's free!)
Saturday, May 3, 2025
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    lessons learned

    Lessons learned: Refrain from risky recreational activities

    internet mobile phone

    Gard: Road safety lessons for mobile phone use onboard

    Lessons learned: Closer assessment and vetting was required for crew competency

    Lessons learned: Don’t overlook secondary hazards

    connectivity

    Pilbara Ports take steps to enhance connectivity for seafarers

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    relax

    In the calm lies the cure: Exploring the parasympathetic nervous system

    malaria

    Navigating malaria at sea: Why prevention requires a rethink

    Book Review: Building leaders the MMMA way

    Book Review: Developing soft skills in mariners

    mindfulness

    The new wave of Mindfulness: 7 Key trends

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    co2 carrier

    Europe’s first offshore CO₂ carrier to hit waters

    hydrogen

    BV joins European liquid hydrogen research program

    port of rotterdam

    Port of Rotterdam launches bid for reducing port emissions

    LNG

    US looks into updating LNG infrastructure

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    internet mobile phone

    Gard: Road safety lessons for mobile phone use onboard

    connectivity

    Pilbara Ports take steps to enhance connectivity for seafarers

    training simulators

    Companies shake hands for advanced training simulators

    seafarers gps

    NorthStandard: Key measures when the GPS fails

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
    inspection

    Tokyo MoU Annual Report 2024

    malta flag

    Malta: New requirements for vessel registration and seaworthiness

    LPG tanker

    Bangladesh arrests LPG tanker following 2024 fire incident

    PSC training

    IMO conducts Port State Control training in Comoros

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
    Baltic Exchange

    Baltic Exchange: Maritime market highlights 28 April – 2 May

    Syria

    CMA CGM invests $260 million in Syrian port development

    Odfjell: A global market-based measure with a carbon price is vital for industry’s energy efficiency

    GMF evaluates its impact regarding sustainability matters

    port of rotterdam

    Port of Rotterdam launches bid for reducing port emissions

  • Columns
    Achilles

    Achilles: Improving supply chain transparency can have a bottom line benefit

    port state control

    Linking ship to shore: Enabling direct communication between onboard crew with Port State Control

    eu shipping

    FuelEU maritime regulation and insights

    Trending Tags

    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    lessons learned

    Lessons learned: Refrain from risky recreational activities

    internet mobile phone

    Gard: Road safety lessons for mobile phone use onboard

    Lessons learned: Closer assessment and vetting was required for crew competency

    Lessons learned: Don’t overlook secondary hazards

    connectivity

    Pilbara Ports take steps to enhance connectivity for seafarers

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    relax

    In the calm lies the cure: Exploring the parasympathetic nervous system

    malaria

    Navigating malaria at sea: Why prevention requires a rethink

    Book Review: Building leaders the MMMA way

    Book Review: Developing soft skills in mariners

    mindfulness

    The new wave of Mindfulness: 7 Key trends

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    co2 carrier

    Europe’s first offshore CO₂ carrier to hit waters

    hydrogen

    BV joins European liquid hydrogen research program

    port of rotterdam

    Port of Rotterdam launches bid for reducing port emissions

    LNG

    US looks into updating LNG infrastructure

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    internet mobile phone

    Gard: Road safety lessons for mobile phone use onboard

    connectivity

    Pilbara Ports take steps to enhance connectivity for seafarers

    training simulators

    Companies shake hands for advanced training simulators

    seafarers gps

    NorthStandard: Key measures when the GPS fails

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
    inspection

    Tokyo MoU Annual Report 2024

    malta flag

    Malta: New requirements for vessel registration and seaworthiness

    LPG tanker

    Bangladesh arrests LPG tanker following 2024 fire incident

    PSC training

    IMO conducts Port State Control training in Comoros

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
    Baltic Exchange

    Baltic Exchange: Maritime market highlights 28 April – 2 May

    Syria

    CMA CGM invests $260 million in Syrian port development

    Odfjell: A global market-based measure with a carbon price is vital for industry’s energy efficiency

    GMF evaluates its impact regarding sustainability matters

    port of rotterdam

    Port of Rotterdam launches bid for reducing port emissions

  • Columns
    Achilles

    Achilles: Improving supply chain transparency can have a bottom line benefit

    port state control

    Linking ship to shore: Enabling direct communication between onboard crew with Port State Control

    eu shipping

    FuelEU maritime regulation and insights

    Trending Tags

    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

Digitalization and innovation in smart shipping

by Jerome Floury
January 14, 2020
in Cyber Security, Opinions
BIMCO

Credit: Shutterstock

FacebookTwitterEmailLinkedin

During the second SAFETY4SEA Singapore Forum, Mr. Jerome Floury, Project Manager, Bureau Veritas Singapore, discussed cyber risks in smart and autonomous shipping, providing an overview of recent cyber-attacks in the maritime industry and the potential motives of hackers. He then shared the key pillars of a proper cyber resilience program and recommendations designed to help ships [and their managers and seafarers] maintain cyber resilience throughout their operational lives.

In qualifying cyber incidents, there are two principal types: The first is a cyber safety incident when systems, software and human interaction – as well lack of competency – combines with poorly managed systems and equipment protection. The second is a cyber security incident when an asset is targeted, voluntarily accessed by an unauthorized person with intrusive or criminal intent.

The following is an example of a cyber safety incident. In 2013, in the Gulf of Mexico: an offshore worker, having loaded media files at home on a thumb drive, brought the drive on board a drilling unit (a MODU) and used it, plugging the thumb drive into an onboard computer to download media files. The following day, when resuming work, malware that had been loaded during the download hit the MODU’s network and disabled the signal sent to the DP systems leading the unit to drift off position, causing an emergency shutdown of the well with serious and direct implications for operations.

The subsequent root cause analysis clearly identified a lack of awareness of the staff and, even though the incident happened in 2013, a recent survey still indicates that more than 41% of shipping company personnel place the responsibility of cyber security on the shoulders of the Master when, in fact, it needs to be shared by everyone in the organization.

RelatedNews

ILO: How digitalization and automation shape workplaces

FuelEU maritime regulation and insights

Meanwhile, the first cyber security incident worth noting is one we have all heard about – the incident in 2017 when Maersk was hit by ransomware. Ship safety was not impacted per se, but all paperwork related to cargo logistics was affected and prevented the release of containers in terminals. Maersk communicated openly about the attack and its impact and, in their estimation, they incurred a US$ 300 million loss as a consequence. They also had to flash more than 4,000 servers and nearly 50,000 computers while 2,500 applications needed to be reinstalled across their systems.

[smlsubform prepend=”GET THE SAFETY4SEA IN YOUR INBOX!” showname=false emailtxt=”” emailholder=”Enter your email address” showsubmit=true submittxt=”Submit” jsthanks=false thankyou=”Thank you for subscribing to our mailing list”]

Another cyber security incident was another ransomware attack against COSCO in July 2018. COSCO was quicker to respond than Maersk, probably because they benefited from the experience of the Maersk incident. They were hit by this ransomware in the Port of Long Beach and within two days the ransomware had spread to the UK, Turkey, Panama – and beyond. They had to shut down all their communication systems in all these countries and they had to run their operation using Google and Yahoo accounts.

These two hacks were definitely for profit. Both were ransomware, so the attacker had a financial objective when hitting these two companies. The following two events were not financial.

In 2018, malware targeted Schneider Electric safety instrumented systems. The impact was quite limited but the incident is worth noticing because the objective was not financial. The objective was to cause some damage in a manner related to terrorism.

The last one and most recent is that of the Stena Impero. The ship was detained by Iranian authorities for entering their territorial waters. It was assessed that the vessel had received a spoof GPS signal causing navigational error – the motive was not financial but political.

The above is just a review of a few incidents that are representative of what’s happening. DHL publishes a yearly ‘Resilience360’ report and, in the 2018 edition, they cite the US National Counterintelligence and Security Agency declaring 2017 as a watershed year in terms of cybersecurity incidents, citing an increase of 400% in the number of incidents reported and more than half of all organizations worldwide have, reportedly, been the targets of such attacks. It’s even grimmer than that in Asia where more than 70% of the industrial control systems in Southeast Asia are the targets of cyber-attacks every year.

So, what’s the reality for your ships? The design life of a ship is 25 years. The average age for vessel today is in the 10 to 15 years range. That puts the average ship and all its operating system in a design which is basically based on Windows NT – the support of which ceased in 2014. Meanwhile they are exposed to connections coming from a 2019 to 2020 environment: software, network connections, systems, platforms and so on.

And, even though everybody is interested in the cyber performance of the systems, with the objective of improving safety, reducing the environmental impact or improving the OPEX and the fleet optimization, the processes that are being used to achieve these are all definitely 2019 technology. Not those of 2014 or before. But they are being applied to ships and operating systems designed and built around 2010. So definitely the cyber performance that we see as a goal, and where the return on investment is expected, strongly relies and depends on cyber safety and cybersecurity. This may be overlooked when cyber security investment decisions are made.

If there is no immediate return on cyber security investment, one can seek support into the regulatory compliance. There are regulatory bodies issuing guidelines and recommendation in terms of cybersecurity, but as it is pretty obvious that cybersecurity is still a key concern.

What is the motivation for a hacker to penetrate a vessel system? Cyber-crime has become a real business model. It’s not only about ransomware but it’s also about crypto mining. Crypto mining alone has generated 2.5 billion dollar in revenue for hackers in the first half of 2018. The Iranian situation highlights also political reasons. Eco-terrorism can be also considered at a certain point – and lots of information is manipulated. Shipping does not always have a good role in that, as illustrated by the hoax on how the world’s 15 biggest ships create as much pollution as all the cars in the world that circulates the Internet since 2009 in one form or another.

Being able to detect-prevent or avoid intrusion is one thing but the vocabulary which is being used by IACS and by other bodies is now about resilience. It’s not only about being protected; it’s also about having a recovery plan and something in place in case something happens. And that’s a tricky game; the more you put protection in place, the more you become a trophy in the eyes of a potential intruder. So the more you protect the more you become at risk and that’s a new chicken-and-egg problem. So you have to be ready to recover when something happens. Because eventually something will happen.

IACS has issued recommendations to help ship owners and ship managers prevent cyber events. These recommendations cover the establishment of software inventory, management of software and system and grade, physical security of the local controls to having a local control when the systems are connected remotely and also having contingency plans onboard available to recover anything happening when the ship is out of reach for remote connections.

In order to help ship owners and ship operators comply with cyber industry requirements and best practice, BV has developed a set of cyber rules (NR659). By applying the first level of these rules, shipowners and operators qualify for a “Cyber Managed” class notation certifying that an initial cyber risk assessment has been performed; that mitigation measures have been implemented; relevant cybersecurity documentation (repository, policies, etc.) have been developed; and that staff have been trained to establish cyber policies. It’s basically a certification that cyber security and more broadly cyber resilience is properly managed onboard.

Above text is an edited version of Mr. Floury’s presentation during the 2019 SAFETY4SEA Singapore Forum.

You may view his video presentation herebelow

The views presented hereabove are only those of the author and not necessarily those of  SAFETY4SEA and are for information sharing and discussion purposes only.


About Jerome Floury, Project Manager, Digitalization and Innovation, Bureau Veritas

Digitalization and innovation in smart shippingJerome holds a Master in mechanics from the “universite de Poitiers (france)” followed by a Post-master degree in material science from “Universite technologique de Compiegne-Ecole d’architecture de Versailles” and eventually a Post-master degree in Naval architecture obtained from “Ecole d’architecture de Nantes”

Jerome joined the Bureau Veritas Singapore’ Offshore Centre in July 2011 after 8 years in the Head office’ technical direction and has since been assigned as project manager for various offshore projects in the South Asia zone.

Since 2015, Jerome is also the South Asia representative for Asset Integrity Management services, promoting and supporting the development of our Asset Integrity Management offer and projects all across Asia.

In addition the above, Jerome is also acting as Digitalisation & Innovation Manager for Marine & Offshore South Asia Zone, defining and driving the digital and innovation related initiatives, and eventually implementing the selected digital/innovation projects.

Digitalization and innovation in smart shippingDigitalization and innovation in smart shipping
Digitalization and innovation in smart shippingDigitalization and innovation in smart shipping
Tags: automationcyber securitydigitalizationSAFETY4SEAsmsmart
Previous Post

The situation of piracy and armed robbery against ships in Asia

Next Post

Criteria of the hull structure of a liquified gas carrier with independent tanks

Jerome Floury

Jerome Floury

Related News

biofuels
Opinions

B100 FAME-based biofuels: Key considerations

April 28, 2025
green decarbonization
Opinions

The future of maritime regulatory compliance

April 25, 2025
IAPH: Ports must evolve into sustainable energy supply hubs
Opinions

IAPH: Ports must evolve into sustainable energy supply hubs

April 22, 2025
DCSA
Smart

Port of Rotterdam adopts DCSA’s T&T Standard

April 22, 2025
Shortlisted nominees announced for the 2025 Crew Welfare Awards
Shipping

Shortlisted nominees announced for the 2025 Crew Welfare Awards

April 22, 2025
From safety performance to Human Capital ROI: Illusions vs insights
Opinions

From safety performance to Human Capital ROI: Illusions vs insights

April 16, 2025

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Explore more

No Result
View All Result
MARITIME EVENTS

Explore

  • Safety
  • SEAFiT
  • Green
  • Smart
  • Risk
  • Others
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Content Marketing
  • Contact

© 2025 SAFETY4SEA

No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Opinions
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Tip of the day
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2025 SAFETY4SEA

Manage your privacy
We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show (non-) personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Manage options
{title} {title} {title}
No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Opinions
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Tip of the day
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2025 SAFETY4SEA