Subscribe to our Mailing Lists (It's free!)
Wednesday, August 10, 2022
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    recaap isc

    ReCAAP ISC: Four incidents of armed robbery against ships in Asia

    uk ballast laws

    UK: New law restricts ships discharge of ballast water

    monkeypox

    WHO: Monkeypox is a Public Health Emergency of International Concern

    Bunker fuel contamination

    UK Club: Bunker fuel contamination cases on the rise

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    uk ballast laws

    UK: New law restricts ships discharge of ballast water

    Bunker fuel contamination

    UK Club: Bunker fuel contamination cases on the rise

    combination vessel rotor sail

    Combination vessel to be retrofitted with rotor sail system

    oil spill Terrebonne Bay

    Oil spill in Terrebonne Bay after storage tank collapses

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    cyprus shipping

    Cyprus to accelerate digitalization for shipping

    hapag lloyd

    Hapag-Lloyd to track containers in real time

    avikus

    South Korean companies to use autonomous navigation technologies

    wan hai lines

    Wan Hai names three smart containerships

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    uk mca ships detentions

    Seven new foreign flagged ships detained in UK ports during July 2022

    indonesia coal exports ban

    Indonesia to impose more coal export bans

    black sea mou cic stcw

    Black Sea MoU announces PSC Concentrated Inspection Campaign on STCW

    amsa psc annual report 2021

    AMSA PSC Annual Report 2021

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    audits

    Amendment in standard for bodies providing audits and certification of information security management systems

    nautical institute

    Nautical Institute Singapore Conference 2022 reveals speaker line-up

    ports congestion

    FMC Commissioner: US ports congestion result of lack of accountability

    wood cargo ashore

    Watch: Wood cargo washed ashore after falling from cargo ship

  • Columns
    undewater noise

    Port of Vancouver: Slowing ships down supports healthier ecosystems

    human sustainability

    Wilhelmsen: Competence is vital for industry’s sustainability

    WEF: Decarbonization offers opportunities for new green jobs and trade transition

    WEF: Decarbonization offers opportunities for new green jobs and trade transition

    Trending Tags

    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    recaap isc

    ReCAAP ISC: Four incidents of armed robbery against ships in Asia

    uk ballast laws

    UK: New law restricts ships discharge of ballast water

    monkeypox

    WHO: Monkeypox is a Public Health Emergency of International Concern

    Bunker fuel contamination

    UK Club: Bunker fuel contamination cases on the rise

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    uk ballast laws

    UK: New law restricts ships discharge of ballast water

    Bunker fuel contamination

    UK Club: Bunker fuel contamination cases on the rise

    combination vessel rotor sail

    Combination vessel to be retrofitted with rotor sail system

    oil spill Terrebonne Bay

    Oil spill in Terrebonne Bay after storage tank collapses

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    cyprus shipping

    Cyprus to accelerate digitalization for shipping

    hapag lloyd

    Hapag-Lloyd to track containers in real time

    avikus

    South Korean companies to use autonomous navigation technologies

    wan hai lines

    Wan Hai names three smart containerships

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    uk mca ships detentions

    Seven new foreign flagged ships detained in UK ports during July 2022

    indonesia coal exports ban

    Indonesia to impose more coal export bans

    black sea mou cic stcw

    Black Sea MoU announces PSC Concentrated Inspection Campaign on STCW

    amsa psc annual report 2021

    AMSA PSC Annual Report 2021

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    audits

    Amendment in standard for bodies providing audits and certification of information security management systems

    nautical institute

    Nautical Institute Singapore Conference 2022 reveals speaker line-up

    ports congestion

    FMC Commissioner: US ports congestion result of lack of accountability

    wood cargo ashore

    Watch: Wood cargo washed ashore after falling from cargo ship

  • Columns
    undewater noise

    Port of Vancouver: Slowing ships down supports healthier ecosystems

    human sustainability

    Wilhelmsen: Competence is vital for industry’s sustainability

    WEF: Decarbonization offers opportunities for new green jobs and trade transition

    WEF: Decarbonization offers opportunities for new green jobs and trade transition

    Trending Tags

    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

OWASP Top 10 IoT: Understanding cyber threat

by The Editorial Team
February 4, 2020
in Cyber Security, Shipping
Cyber Security Workbook for On Board Ship Use

Credit: Shutterstock

FacebookTwitterEmailLinkedin

In its February 2020 newsletter the Korean Register informs that that the goal of the OpenWeb Application Security Project (OWASP)’s  Things Internet Project is to help manufacturers, developers, and consumers further understand more accurately the security issues associated with the Internet of Things and further help users make wiser decisions in terms of security when building; distributing or evaluating IoT technology. Namely, in the infographic provided, OWASP informs about the ten vulnerabilities concerning the IoT.

 

Vulnerability 1: Easy passwords, inferred passwords or hardcoded passwords: OWASP informs that “using public authentication information or unchangeable authentication information that allows firmware or client software to be easily exposed to indiscriminate subpoena attacks, or to grant unauthorized access to distributed systems, including backdoors.”

RelatedNews

Amendment in standard for bodies providing audits and certification of information security management systems

Nautical Institute Singapore Conference 2022 reveals speaker line-up

Vulnerability 2: Insecure Network Services: “The unnecessary or unsafe networking service (especially the one exposed to the Internet) that undercuts the confidentiality, integrity/trust or availability of information or allows unauthorized remote control as it runs on the device itself.”

Vulnerability 3: Insecure Ecosystem Interface: “The unsafe web, back-end API, cloud or mobile interface of the device’s external ecosystem that allows for device or related components to be violated. Common problems include the absence of authentication/approval, the absence or weakness of encryption, and the absence of input/output filtering.”

Vulnerability 4: The absence of safe update mechanism: “The absence of a function to safely update your device. This includes a firmware verification member of the device, a member of a secure transmission method (not encrypted during transmission), a member of a rollback prevention mechanism, and a member of security change notification due to updates.”

Vulnerability 5: Use Unsafe or Out-of-Line Components: “Use software components/libraries that cause device infringement that are either unavailable or unsafe. This includes unsafe modifications of operating system platforms, and the use of thirdparty software or hardware components from the infringed supply chain.”

Vulnerability 6: Insufficient Privacy: “The user’s personal information is stored in the device or ecosystem and used unsafely, inappropriately, or without user permission.”

Vulnerability 7: Insecure Data Transfer and Storage: “The encryption or access control of sensitive data is not performed anywhere in the ecosystem, including storage, transmission or processing.”

Vulnerability 8: Absence of Device Management: “The absence of security support, including asset management, update management, safe disposal, system monitoring and response capabilities for devices deployed in production.”

Vulnerability 9: Unsafe default settings: “A device or system shipped in an unsafe default state, or a lack of function to more securely protect the system by restricting configuration modification by an operator.”

Vulnerability 10: The absence of physical protection: “No physical protection means, so potential attackers can acquire sensitive information to use for future remote attacks or take control of the device.”

Credit: OWASP Top Ten
Tags: cyber incidentscyber riskInfographicKorean RegisterKR

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

audits

Amendment in standard for bodies providing audits and certification of information security management systems

August 10, 2022
nautical institute

Nautical Institute Singapore Conference 2022 reveals speaker line-up

August 10, 2022
MARITIME EVENTS

RISK4SEA Facts

Did you know the record of the deficiencies for 2020 in General Cargo? 48 was the record number of deficiencies in one detention in Antwerpen, Belgium.

Learn more risk4sea.com

Explore

  • Safety
  • Green
  • Smart
  • Risk
  • Others
  • Events
  • Plus

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Contact

© 2021 SAFETY4SEA

No Result
View All Result
  • Safety
    • Alerts
    • Accidents
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Opinions
    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus

© 2021 SAFETY4SEA

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Disclaimer.