Subscribe to our Mailing Lists (It's free!)
Friday, June 9, 2023
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    NTSB Investigation

    Lessons learned: Loss of redundancy in diving bell launch and recovery PLC system

    Lessons learned: Steam and water released from filter

    Lessons learned: Disposable vape self-ignition

    maritime mental health

    Seafarers Happiness Index 2023Q1: Seafarers are unsatisfied with onboard fitness and health benefits

    Cargo fires: An issue that needs to be tackled

    Cargo fires: An issue that needs to be tackled

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    Book Review: A role model for ship managers

    Book review: The politics of sustainability in the Arctic

    contemplation as a spiritual practice

    Contemplation: Directing the mind towards what’s important

    power of hug

    The power of hugging: How it affects our health

    Impostor Syndrome

    Mental Health Focus: How to deal with Impostor Syndrome

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    HHI wins AiP from KR for tank shape optimized for liquefied fuels

    HHI wins AiP from KR for tank shape optimized for liquefied fuels

    Four major parties to assess emissions throughout the life cycle of LNG carrier

    Four major parties to assess emissions throughout the life cycle of LNG carrier

    Port of Klaipeda and Proman shake hands on methanol bunkering

    Port of Klaipeda and Proman shake hands on methanol bunkering

    USA law

    U.S. Senators introduce legislation to eliminate in-port ship emissions

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    Cyber security: What it means for the shipping industry

    Cyber security: What it means for the shipping industry

    DNV Maritime Cyber Priority 2023: Shipping faces 5 major cyber security challenges

    DNV Maritime Cyber Priority 2023: Shipping faces 5 major cyber security challenges

    New Mission to Seafarers app strengthens welfare support

    New Mission to Seafarers app strengthens welfare support

    ABS awards AIP to SHI for structural health monitoring system

    ABS awards AIP to SHI for structural health monitoring system

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
    AMSA bans second vessel in a week

    AMSA bans second vessel in a week

    Ship detentions in Paris MoU in February 2021

    AMSA bans bulk carrier Babuza Wisdom for 90 days

    tanker arrested in singapore

    AMSA convicts master and company after pilot ladder injury

    amsa planned maintenance fic

    OCIMF Annual Report 2023: Key amendments and additions under SIRE 2.0

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    baltic exchange

    Baltic Exchange: Maritime market highlights 5 – 9 June

    Port of Klaipeda and Proman shake hands on methanol bunkering

    Port of Klaipeda and Proman shake hands on methanol bunkering

    StenaRoRo’s ESG reporting making leaps due to Mercy Ships partnership

    StenaRoRo’s ESG reporting making leaps due to Mercy Ships partnership

    IWSA opens voting for “Wind Ship – the Future” poster design contest

    IWSA opens voting for “Wind Ship – the Future” poster design contest

  • Columns
    The tides are changing at Alang

    The tides are changing at Alang

    Ship recycling: A solution for plastic pollution and environmental protection

    Ship recycling: A solution for plastic pollution and environmental protection

    Back To The Future: How Rotor Sails are now a credible option to tackle climate challenge

    Back To The Future: How Rotor Sails are now a credible option to tackle climate challenge

    Trending Tags

    • Book Review
    • Career Paths
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Wellness Corner
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    NTSB Investigation

    Lessons learned: Loss of redundancy in diving bell launch and recovery PLC system

    Lessons learned: Steam and water released from filter

    Lessons learned: Disposable vape self-ignition

    maritime mental health

    Seafarers Happiness Index 2023Q1: Seafarers are unsatisfied with onboard fitness and health benefits

    Cargo fires: An issue that needs to be tackled

    Cargo fires: An issue that needs to be tackled

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    Book Review: A role model for ship managers

    Book review: The politics of sustainability in the Arctic

    contemplation as a spiritual practice

    Contemplation: Directing the mind towards what’s important

    power of hug

    The power of hugging: How it affects our health

    Impostor Syndrome

    Mental Health Focus: How to deal with Impostor Syndrome

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    HHI wins AiP from KR for tank shape optimized for liquefied fuels

    HHI wins AiP from KR for tank shape optimized for liquefied fuels

    Four major parties to assess emissions throughout the life cycle of LNG carrier

    Four major parties to assess emissions throughout the life cycle of LNG carrier

    Port of Klaipeda and Proman shake hands on methanol bunkering

    Port of Klaipeda and Proman shake hands on methanol bunkering

    USA law

    U.S. Senators introduce legislation to eliminate in-port ship emissions

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    Cyber security: What it means for the shipping industry

    Cyber security: What it means for the shipping industry

    DNV Maritime Cyber Priority 2023: Shipping faces 5 major cyber security challenges

    DNV Maritime Cyber Priority 2023: Shipping faces 5 major cyber security challenges

    New Mission to Seafarers app strengthens welfare support

    New Mission to Seafarers app strengthens welfare support

    ABS awards AIP to SHI for structural health monitoring system

    ABS awards AIP to SHI for structural health monitoring system

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
    AMSA bans second vessel in a week

    AMSA bans second vessel in a week

    Ship detentions in Paris MoU in February 2021

    AMSA bans bulk carrier Babuza Wisdom for 90 days

    tanker arrested in singapore

    AMSA convicts master and company after pilot ladder injury

    amsa planned maintenance fic

    OCIMF Annual Report 2023: Key amendments and additions under SIRE 2.0

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    baltic exchange

    Baltic Exchange: Maritime market highlights 5 – 9 June

    Port of Klaipeda and Proman shake hands on methanol bunkering

    Port of Klaipeda and Proman shake hands on methanol bunkering

    StenaRoRo’s ESG reporting making leaps due to Mercy Ships partnership

    StenaRoRo’s ESG reporting making leaps due to Mercy Ships partnership

    IWSA opens voting for “Wind Ship – the Future” poster design contest

    IWSA opens voting for “Wind Ship – the Future” poster design contest

  • Columns
    The tides are changing at Alang

    The tides are changing at Alang

    Ship recycling: A solution for plastic pollution and environmental protection

    Ship recycling: A solution for plastic pollution and environmental protection

    Back To The Future: How Rotor Sails are now a credible option to tackle climate challenge

    Back To The Future: How Rotor Sails are now a credible option to tackle climate challenge

    Trending Tags

    • Book Review
    • Career Paths
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Wellness Corner
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

Maritime industry publishes updated guidelines for cyber security on ships

by The Editorial Team
December 10, 2018
in Cyber Security
antivirus on vessels
FacebookTwitterEmailLinkedin

With cyber threats  constantly evolving, cyber related processes on board ships need to successfully provide protection against cyber attacks. For this reason, BIMCO along with several maritime industry organisations published the third version of the ‘Guidelines on Cyber Security onboard Ships’.

Cyber safety incidents can occur as the result of:

  • A cyber security incident, which affects the availability and integrity of OT, for example corruption of chart data held in an Electronic Chart Display and Information System (ECDIS);
  • A failure happening during software maintenance and patching;
  • Loss of or manipulation of external sensor data, critical for the operation of a ship. This includes but is not limited to Global Navigation Satellite Systems (GNSS).

To mitigate these dangers, the new guidelines are focusing on three new areas: Safety Management System, OT risks and supply chain dangers. Namely, they provide guidance to shipowners and operators on how to assess their operations and establish procedures to enhance cyber resilience on board their vessels.

Safety Management System

RelatedNews

Seafarers Happiness Index 2023Q1: Seafarers are unsatisfied with onboard fitness and health benefits

Cargo fires: An issue that needs to be tackled

This new edition provides more information to assist shipping companies conduct proper risk assessments and include measures in their safety management systems to protect ships from cyber-incidents.

Specifically, a new dedicated annex provides measures that all companies should consider implementing to address cyber risk management in an approved SMS.

According to the guidelines, a proper cyber risk management should:

  • Identify the roles and responsibilities of users, key personnel, and management both ashore and on board
  • Identify the systems, assets, data and capabilities, which if disrupted, could pose risks to the ship’s operations and safety
  • Implement technical and procedural measures to protect against a cyber incident and ensure continuity of operations
  • Implement activities to prepare for and respond to cyber incidents.

However, the report notes that this is not so easy, as criminals are getting more inventive as the time passes.

OT risks

A key expansion in the guidelines regards operational technology. Ships have more and more Operational technology (OT) which includes Information technology (IT) and which can be connected to the internet. However, the risks associated with OT are different from IT systems.

GET THE SAFETY4SEA IN YOUR INBOX!

But what are the differences between IT and OT systems. Generally, OT systems control the physical world and IT systems manage data. Traditionally OT and IT were different, but with the internet, OT and IT are coming closer. Disruption of the operation of OT systems may affect onboard personnel, cargo, damage to the marine environment, and impede the ship’s operation.

Namely, malfunctioning IT may lead to significant delay of a ship’s unloading or clearance, but with malfunctioning or inoperative OT there can be a real risk of harm to people, the ship or the marine environment.

On a ship, the job may be less focused on protecting data while protecting operational systems working in the real world has direct safety implications. If the ECDIS system or software controlling an engine are hit with malware, or if it breaks down due to lack of compatibility after an update of software, it can lead to dangerous situations

Dirk Fry, chair of BIMCO’s cyber security working group and Director of Columbia Ship Management Ltd, explains.

The guidelines also provide examples of actual incidents to present some real-world situations that shipowners and operators have faced.

On the upside, a Cyber Security Survey by BIMCO, Fairplay and ABS Advanced Solutions, the joint Industry Guidelines on Cyber Security Onboard Ships, indicated that the industry is more aware of the issue and has increased cyber risk management training. Nevertheless, improvements have to made.

Supply chain dangers

Another focus area is the risk of malware infecting the ship’s systems through the many parties associated with the operation of a ship and its systems.

Guides include evaluating the security of service providers, providing a minimum set of requirements to manage supply chain or third-party risks and ensuring that agreements on cyber risks are formal and written.

The guidelines also emphasize the need for ships to be able to disconnect quickly and effectively from shore-based networks, where required.

Protection and detection measures

As BIMCO notes, it is important to protect critical systems and data with multiple layers of protection measures, which take into account the role of personnel, procedures and technology.

In order to establish a decent protective wall, connected OT systems on board should require more than one technical and/or procedural protection measure. Perimeter defences, such as firewalls, are also vital for preventing unwelcomed entry into the systems, but this may not be enough. A combined defence is needed, which consists of the following:

  • Physical security of the ship in accordance with the ship security plan (SSP);
  • Protection of networks, including effective segmentation;
  • Intrusion detection;
  • Periodic vulnerability scanning and testing;
  • Software whitelisting;
  • Access and user controls;
  • Appropriate procedures regarding the use of removable media and password policies;
  • Personnel’s awareness of the risk and familiarity with appropriate procedures.

The following infographic presents ideal ways to carry out a decent cyber risk management approach:

Credit: BIMCO

For further advice on how to prevent cyber attacks, click the PDF herebelow

Tags: BIMCOcyber incidentscyber riskcyber securityInfographicreports

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

NTSB Investigation

Lessons learned: Loss of redundancy in diving bell launch and recovery PLC system

June 9, 2023
baltic exchange

Baltic Exchange: Maritime market highlights 5 – 9 June

June 9, 2023
MARITIME EVENTS

Explore

  • Safety
  • SEAFiT
  • Green
  • Smart
  • Risk
  • Others
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Contact

© 2021 SAFETY4SEA

No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Opinions
    • Book Review
    • Career Paths
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Wellness Corner
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2021 SAFETY4SEA

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Disclaimer.