GTMaritime published a guide to highlight some of the problems that can occur using equipment and operating systems likely to be found on ships in operation.
As well as deliberate cyberattacks, the guide considers how even supposedly safe and routine matters such as a system update can create difficulties on board a vessel.
The question of automatic updating and its hazards is considered, and the guide also includes a section on the human element, as this is the area where most failings can occur and which deliberate attackers most frequently target.
System updates
The frequency of updates reflects the growing cyber threat that users face and should be recognised as such. Although intended to protect the machine from attack and to improve performance, the updates can sometimes contain bugs and can cause problems with applications that previously ran faultlessly. Usually this is due to a driver or application compatibility issue. Another issue is that downloading and installing the updates will cause the device to become unavailable for a period – often lengthy.
This last point can be annoying as it impacts workflow, but on a ship it could even make essential systems suddenly unavailable. It is possible to turn off this automatic updating feature, but that in itself could mean that the system is no longer protected by the security updates, introducing other vulnerabilities.
To avoid system availability issues while still ensuring security updates are received, it may be an idea to disable the automatic update feature of the operating system and perform a manual update.
This manual update can be done when the ship is less likely to be compromised, such as immediately after arrival in port. After performing this update, a check should be carried out on essential system availability as comprehensively as possible. Any issues should be reported to head office and to the equipment system maker so that the information can be disseminated to other ships in the fleet.
Chinks in the armour
The vast extent of today’s shipping software market can be judged by the number of organisations taking stands at the major exhibitions where for several years now whole halls have been devoted to digital technologies.
In addition to these commercial offerings, there are many more apps developed by seafarers or maritime specialists that can be downloaded for use on Apple and Android devices that crew may use on board.
Just as with the main operating systems, these apps are likely to update on a regular basis and this can be done either automatically or manually once notification of an update has been transmitted.
This updating can be a source of vulnerability to cyber attacks and should be carefully monitored. The updating procedure can also create problems if interrupted – an ever-present threat for ships where the internet connection may be fragile under some circumstances – and cause the application to cease operating or to malfunction.
When it comes to vulnerabilities of shipboard networks, one factor often overlooked is the various devices attached to or integrated within the network. These can be mice and touchpads, keyboards, monitors, speakers, microphones,
Human element
According to the Verizon 2022 Data Breach Investigations Report, 82% of data breaches involve a human element, like a user clicking a link in a phishing email. That is pretty damning for the humans involved, but it ignores the fact that of the many millions of cyberattacks made daily, the majority are unsuccessful due to human alertness.
Familiarisation should ensure that a new crew member is fully acquainted with the ship, the equipment that they will be required to use as part of their duties, and the ISM procedures that affect them. While the first two may be addressed, albeit to a sometimes limited extent, familiarisation with procedures is often little more than a box-ticking exercise, as the crew member would have almost no chance to absorb the whole of the ISM system procedures in the short time allowed.
Another factor is that familiarity with equipment comes quite naturally to crew who would likely have encountered the same or very similar kit on numerous vessels. Familiarity with procedures is less easy to gain as the processes can be very different from ship to ship. It would greatly benefit the protection of ships against cyberattacks if operators worked together to adopt a common industry-wide standard for procedures.
Crews and shore personnel need training in practising good digital hygiene and guidance on what to be alert for. This training can be a combination of discussion meetings or workshops on board at regular intervals and also some form of testing whereby harmless spoof messages are sent from shore that encourage recipients to click through on a link in the same way that a phishing email does. Crew who are repeatedly caught out by these messages can be identified and given further training and guidance.