The public conversation regarding cybersecurity and the maritime industry is growing. Until recently, reports of known cyberattacks stayed largely under the radar and potential cyber exploitations were discussed in general terms. One could argue the Petya ransomware attack impacting Maersk in June was the tipping point. Instances of discovered cyber vulnerabilities within maritime systems and actual hacking events have become more prevalent. There have been many in the last few weeks so we wanted to share a few headlines.
Hackers take control of container ship’s navigation system
IHS Fairplay reported that in February, hackers took control of the navigation systems of a German- container vessel for 10 hours. The attack was carried out by “pirates” who gained full control of the vessel’s navigation system intending to steer it to an area where they could board and take over. The crew attempted to regain control of the navigation system but IT experts had to be brought in and software eventually installed to block outside influences on the ship’s IT systems.
Container stowage plans vulnerable to hacking
Security company Pen Test Partners has warned that container ship stowage plans can be hacked. The issue stems from the absence of security in a messaging system used to create ship loading and container stowage plans from the electronic messages exchanged between shipping lines, port authorities, terminals and ships. Hackers can deliberately manipulate the load plan.
Vulnerabilities found in ship communication system
IOActive has discovered two flaws in the AmosConnect 8 web platform, which ships use to monitor IT and navigation systems while also facilitating messaging, email, and web browsing for crewmembers. Compromising AmosConnect products would expose extensive operational and personal data, and could even undermine other critical systems on a ship meant to be isolated.
Shipbroker hit by cyber security breach
On November 29, the world’s largest shipbroker, Clarkson PLC, became the victim of a targeted hacking incident in which a single user account was used to gain unauthorized access to the company’s computer systems.
What can maritime organizations learn from these recent headlines? Here are a few key takeaways that Gnostech continually emphasizes:
- Patching all computers, servers, and network appliances is critical to protecting a company’s organizational network.
- Not all attacks can prevent your systems from being attacked or breached, but keeping systems patched increases your security posture.
- Limit user access to system administrator tools.
- Develop an incident response plan if a company is attacked and breached by malware.
- Create plans to ensure computers and other systems meet strict engineering configuration management compliance requirements.
- Supply Chain Risk Management (SCRM) and interconnectivity to IT infrastructure are critical risk management components.
Good cyber hygiene practices are everything, and these takeaways are based on sound engineering practices that Gnostech deploys everyday with its customers. Contact us today to see how we can help improve your security posture with the necessary technical and engineering safeguards.
About Gnostech Inc.:
Gnostech Inc. is an applied engineering and consulting company with expertise in information assurance and cybersecurity engineering, and major combat and space systems development and integration. For more information, visit www.gnostech.com or stay connected by following us on LinkedIn or @GnostechInc in Twitter.