Shipping is shrugging off its digital dinosaur image and embracing new technology in more and more areas of onboard ship operation. However, in doing so ship operators and crew need to grow their awareness of some of the problems that this can create.
In this article, the issue of Windows operating systems updating was explored but there are far more vulnerabilities for an internet connected ship or for any networks on board that may be stand alone.
An operating system is the foundation for any computer, but it alone does not make that device useful, that is the province of the various applications that are installed on the computer or the network.
Over the years many software developers have turned their attention to maritime related applications. These can range from ship management suites that integrate almost every aspect of ship management from stores, voyage performance, operational data, certificate management, crewing, medicine chest management and more to single applications for any one of those areas and more specialist apps for stowage and stability calculations, weather routeing, passage planning or voyage calculations.
The vast extent of today’s shipping software market can be judged by the number of organisations taking stands at the major exhibitions where for several years now whole halls have been devoted to digital technologies.
In addition to these commercial offerings there are many more apps developed by seafarers or maritime specialists that can be downloaded for use on apple and android devices that crew may use on board. Add to that the vessel tracking and shipping/maritime news and entertainment services and it becomes apparent that the number of apps running on board could easily run into dozens if not hundreds.
Just as with the main operating systems, these apps are likely to update on a regular basis and this can be done either automatically or manually once notification of an update has been transmitted. This updating can be a source of vulnerability to cyber attacks and should be carefully monitored. The updating procedure can also create problems if interrupted – an ever present threat for ships where the internet connection may be fragile under some circumstances – and cause the application to cease operating or to malfunction.
When it comes to vulnerabilities of shipboard networks, one of the factors often overlooked are the various devices attached to or integrated within the network. These can be mice and touchpads, keyboards, monitors, speakers, microphones, cameras, printers, bluetooth controllers and more. All of these require a driver to function correctly.
In the most fundamental sense, a driver is a software component that lets the operating system and a device communicate with each other. There are also drivers that work as intermediaries between software applications and the function driver that controls the device.
It is possible for these drivers to become corrupted so that a device ceases to function properly.
In the early days of computing, once a device was connected to a network the set-up software that came with it needed to be installed for the device to run. The devices were rarely upgradeable and if a driver became corrupted then it was only necessary to re-install the software from the disc that came with the device.
In some devices, the drivers were installed within the device and no additional software was needed. These so-called ‘plug and play’ devices were however limited to the state in which they were supplied. Today, it is very common for devices to be upgradeable by way of new firmware. Some devices require this to be done manually but others will communicate via the internet to check for updates on a regular basis.
Printers – generally the most innocuous of devices – often fall into this category. Most users’ concerns with printers are poor print quality and regular replacement of ink cartridges. Few would consider them as one of the main chinks in the armour of an onboard network. But they are.
This link to the online cyber security specialist Cybernews.com details how the organisation used the remote firmware updating of printers to raise awareness of this vulnerability. Cybernews makes the point that once cybercriminals get their hands on your printer, they can do all sorts of nasty things, including:
- Accessing copies of sensitive or confidential documents stored in your printer
- Sending unauthorised print jobs
- Launching DDoS attacks
- Making you subscribe to popular YouTube channels
Printer vulnerability was also discussed on another cyber security website. This article describes how a cyberattack was launched on 150,000 printers installed around the globe by a hacker called Stackoverflowin. The good news is that the hacker did it for fun and to spread awareness on how vulnerable internet connected printers are to cyber crooks. The printers concerned included models from all the major manufacturers.
Depending upon the ship operator, attaching peripheral devices might be limited to certain personnel ashore or onboard but in many shipping companies, little thought is given to the potential threat and how the onboard network is managed is left to the officers and crew to decide. In particular, adding a new printer costing around $50 would hardly warrant a company IT specialist to travel to the ship to link it to the network.
Getting back on track
Whatever the reason a computer network or elements of it has become unusable, restoring the system is the most urgent task. This process is known as recovery and typically requires a diagnosis of the problem, and then finding and implementing a solution.
If the operating system or critical files have become corrupted, recovery is usually achieved by reinstalling the operating system or perhaps using the system’s inbuilt recovery system. In windows this is called System Restore. Reinstalling the OS requires specialist skills and should not be attempted as the first option as it could mean that files on the system that might be recoverable and applications are deleted entirely.
System Restore will attempt to restore the system to its last stable state preserving most if not all files. It would be prudent for this type of operation to be included in a company Safety Management System and written instructions of how to carry it out be available in hard copy on the ship.
Protecting essential files – some logbooks are now allowed to be digital – should be done by way of regular back-ups. Ideally back up files should be recorded on a separate storage medium such as a second hard drive or external storage. If cloud storage is available on the company network or via a third party this will make the information more secure and recoverable.
Depending upon the OS of the onboard network, it may be possible for a third party to access the system and carry out the recovery process remotely. Third party assistance can also be useful in storing files and data away from the onboard network. An example of this is the GTReplicate service offered by GTMaritime.
GTReplicate provides the function to be able to automatically save files and data either onshore or integrated with something like Sharepoint. In the event of a system failure in the onboard network, it would be possible to retrieve the data and return it to the vessel.
If the failure is caused by a hardware malfunction such as a hard disk, CPU, or motherboard, then these will have to be replaced. Specialist help will be needed to do this unless someone on board has the appropriate training.