π Protecting Vessels & Maritime Operations from Cyber Threats
Competent β’ Trusted β’ Experienced
The Growing Cyber Threat
1,800+
Vessels Targeted in First Half of 2024
60M
Monthly Cyber Attacks on Major Ports
31%
Maritime Professionals Reported Cyber Intrusion
80%
Incidents Start via USB Drives
Real-World Cyber Attack Examples
π’ Maersk - NotPetya Ransomware (2017)
Attack Type: Ransomware
What Happened: Global IT systems shut down within minutes. Unable to identify cargo. Ports worldwide reverted to manual, paper-based processes.
π° Financial Impact: $300 million in losses
β Port of Seattle (August 2024)
What Happened: Critical systems crippled including phone networks and email services.
β±οΈ Duration: 3 weeks of disruption
π Brunswick Corporation (June 2023)
What Happened: Cyberattack disrupted operations across the marine giant.
π° Financial Impact: $85 million | β±οΈ Duration: 9 days
Types of Maritime Cyber Threats
π£ Phishing & Social Engineering
Deceptive emails designed to trick crew into revealing information or downloading malware.
- Fake emails from port authorities
- Spoofed messages from ship owners
- Malicious attachments
- Credential harvesting
π Ransomware
Encrypts systems and demands payment to restore access.
- Disrupts navigation systems
- Locks cargo management
- Prevents communication
- Halts port operations
π‘ GPS Spoofing
Manipulates GPS signals to mislead navigation.
- Navigation to wrong coordinates
- Collision risks
- Unauthorized detours
- Entry into restricted waters
π¦ Malware via USB
80% of incidents start here!
- Unknown USB drives
- Infected software updates
- Compromised systems
- Supply chain attacks
Critical Vulnerable Ship Systems
π§ Navigation Systems
- ECDIS - Electronic Charts
- GPS/GNSS - Positioning
- ARPA - Radar Plotting
- RADAR Systems
Risk: Wrong course, collisions, grounding
π‘ Communication Systems
- VSAT - Satellite Communications
- AIS - Identification System
- GMDSS - Distress & Safety
- Email and Internet
Risk: Loss of communication, isolation
β‘ Propulsion & Power
- Engine Control Systems
- Power Management
- Steering Control
- Dynamic Positioning
Risk: Loss of propulsion, power blackout
π¦ Cargo Systems
- Cargo Management Systems
- Ballast Control
- Refrigeration Systems
- Tank Level Monitoring
Risk: Cargo damage, stability loss
IMO Cyber Risk Management Framework
Five Functional Elements
IMO Resolution MSC.428(98) - Required in SMS by January 1, 2021
1
IDENTIFY
Define roles and identify systems, assets, and data that could be threatened.
- Inventory all IT and OT systems
- Identify critical systems
- Assess potential threats
- Map system interconnections
2
PROTECT
Implement processes and measures to protect against incidents.
- Network segmentation (IT from OT)
- Access controls and authentication
- Regular software updates
- Firewall and security software
- USB and removable media controls
3
DETECT
Develop activities to detect cyber incidents timely.
- Continuous network monitoring
- Anomaly detection systems
- Log analysis and review
- Regular security audits
4
RESPOND
Take action when cyber incidents occur.
- Incident response plan
- Communication procedures
- Containment strategies
- Notification of authorities
5
RECOVER
Identify measures for backing up and restoring systems.
- System restoration procedures
- Data recovery from backups
- Lessons learned analysis
- Business continuity planning
Cybersecurity Prevention Best Practices
β Essential Prevention Measures for All Crew
π Password Security
- Use strong, unique passwords (12+ characters)
- Enable multi-factor authentication
- Never use default passwords
- Change passwords regularly
- Don't share credentials
πΎ USB & Removable Media
- NEVER insert unknown USB drives
- Scan all USB devices before use
- Use only company-approved devices
- Disable USB ports on critical systems
- 80% of incidents start with USB!
π§ Email Safety
- Verify sender before opening attachments
- Watch for phishing signs
- Don't click on unknown links
- Report suspicious emails immediately
- Use email filtering
π Network Security
- Segment networks (IT separate from OT)
- Use firewalls on all connections
- Disable unnecessary services
- Monitor network traffic
- Secure Wi-Fi networks
πΌ Physical Security
- Lock screens when away
- Secure server rooms
- Control bridge access
- Properly dispose of equipment
- Escort visitors
π Training & Awareness
- Regular cybersecurity training
- Simulated phishing exercises
- Incident response drills
- Stay informed about threats
- Promote security culture
Key Cybersecurity Messages
π― Critical Points to Remember
- β Cybersecurity is everyone's responsibility - not just IT
- β 80% of incidents start with USB drives - never use unknown USBs
- β Think before you click - verify emails and links
- β Passwords are your first defense - make them strong
- β Updates save ships - keep systems patched
- β Report immediately - early detection is critical
- β Train regularly - threats evolve constantly
- β It takes 140 days on average to detect an attack - stay vigilant
- β $300M lesson from Maersk - cybersecurity is critical
Regulatory Requirements
π IMO Requirements
- Resolution MSC.428(98)
- Cyber risks in SMS by Jan 1, 2021
- MSC-FAL.1/Circ.3/Rev.3
- Annual verification required
βοΈ IACS Requirements
- UR E26 - Operational aspects
- UR E27 - Onboard systems
- Mandatory from July 1, 2024
- Applies to 500+ GT vessels
πΊπΈ U.S. Coast Guard
- Cybersecurity plans by July 2027
- Designated Cybersecurity Officer
- Multi-factor authentication
- Regular penetration testing