A little after BIMCO published the new guidelines to improve cyber security, secureworld provides further insight on how ships can be hacked. Namely, modern ships are floating computer networks and have more and more systems that can be compromised.
According to Bruce Sussman, SecureWorld’s MMJ (multi-media journalist), ships are increasingly connected to the internet and are becoming more technologically advanced. This situation increases the risk of cyber attacks.
For example, a new-build dry bulk ship was delayed from sailing for several days because its ECDIS was infected by a virus. The virus was quarantined and the ECDIS computers were restored, but the delay costed hundreds of thousands of dollars.
The fact is that ships are essentially becoming floating computer networks. The most characteristic example are cruise ships. On these ships Wi-Fi works most of the time, enabling the passengers to stay connected in the middle of the ocean. This too increases the chance of hackers connecting to the ship.
The new report by BIMCO aims to raise awareness on which systems are the most vulnerable and must be protected with onboard cyber-security. These are:
- Communications systems, from satellite connections to Wi-Fi networks to public address and alarm systems;
- Bridge systems, like GPS and other positioning and charting systems, and the Global Maritime Distress and Safety System;
- Propulsion and machinery power control systems, like the engine governor and integrated ship controls;
- Access control systems, like the closed circuit cameras, shipboard security alarms, and bridge navigation alarms;
- Passenger information systems, like financial and billing systems and electronic health records for those who visit the doctor;
- Passenger-facing networks, like public Wi-Fi and guest entertainment systems;
- Core infrastructure systems, like routers, switches, firewalls, intrusion prevention systems, and security event logging;
- Administrative systems, like crew tracking and personnel systems and crew-facing Wi-Fi or networks.
Moreover, the report notes that ships arrive at ports and receive customs forms and cargo documents from some places that have high cyber-security and others that may have no clue about it. This creates problems, Mr. Sussman says, explaining that:
A shipowner reported that the company’s business networks were infected with ransomware, apparently from an email attachment. The source of the ransomware was from two unwitting ship agents, in separate ports, and on separate occasions. Ships were also affected but the damage was limited to the business networks