Good cybersecurity ultimately comes down to three things: systematic software management; safeguards against electronic frequency attacks; and procedures for physical protection, explains Mike McNally in the latest addition to our growing series on YouTube, Vimeo and on the GTMaritime Partner Portal.
The root-cause of the much-cited incident on Maersk was poor software patching. It vividly showed how quickly malware can spread through a corporate network – even one secured with VPNs – once it has gained a single point of entry. Promising to keep systems up to date and making it happen in practice are two very different things.
The recent attack on the Port of San Diego brought systems to a standstill within a week. Recovery took months. While email remains the predominant entry point for malware, the San Diego incident was precipitated by a lapse in physical security. When service engineers bring their laptops aboard, are you certain about what they contain?
Electronic frequency attacks (EFAs) may sound like something out of a James Bond movie, but they can be as simple as GPS jamming. GPS spoofing – tricking a ship into believing it is somewhere that it is not – is a lot harder to pull off, but not entirely impossible. The same cannot be said for spoofing the onboard AIS by creating phantom ships and targets.
No ship can protect itself from all attacks but identifying and understanding vulnerabilities along with regular rehearsals of processes and procedures will put owners and operators in a much better position when the inevitable happens.
For this reason, taking a systematic approach to software management, making sure crew know how to respond to a real or suspected EFA, and putting in place robust procedures to minimise physical exposure are fundamental to shielding ships from cyber catastrophes.
Contact GTMaritime for information about cybersecurity here