Insights | Hatteland Technology

Common cyber-security vulnerabilities in ships

Written by Hatteland Technology | Aug 16, 2022 @ 12:41

Despite growing awareness, ships remain at risk from cyber-attacks. Here’s a run-through of some of the most common vulnerabilities.

 

"According to our research, more than six in 10 industry professionals expect cyber-attacks to cause ship collisions (60%) and groundings (68%)
within the next few years.”

Quote from the DNV report
Maritime Cyber Security Priority 2023

 

The SMM Maritime Industry Report 2021 found that 84 percent of shipowners and ship operators consider cyber security important or very important.

Their concern is not without merit; global supply chains have become favored targets for cyber criminals, as evidenced by attacks on numerous shipping companies in recent times. A marine cyber risk consultancy reports of “one new incident per day on average” (2021).  

While it's encouraging to see the shipping industry gaining awareness on the issue, it appears there’s plenty of work ahead. Digitalization is transforming every part of the value chain, which—for all the good it promises—comes with challenges. According to one ethical hacker, it’s not unusual for vessels to be “wide open to cyber attack”.

So, what are the common weak spots?

In their excellent publication “The Guidelines on Cyber Security Onboard Ships” (sic) BIMCO lists some of the systems where you’re the most likely to have vulnerabilities.

Let’s look at what they are, and how you evaluate them.

 

"Often it’s easier (…) to hack the companies that operate in ports and airports
than it is to access an actual aircraft or vessel."


Source: CNBC.com


Vulnerable systems on board

Cargo- and loading management systems

Today, docking isn’t just done by rope. Loading, management, or control of cargo usually involves connecting the ship’s digital systems to ports, marine terminals and stevedors.

When connected to shore, your ship is more vulnerable to cyber incidents.

Per a CNBC article: "Often it’s easier (…) to hack the companies that operate in ports and airports than it is to access an actual aircraft or vessel."

Bridge systems

Digital, network navigation systems have revolutionized the ship’s bridge. But without robust defenses, they can be entryways for malicious actors.

Even if your bridge system is kept isolated from other networks, it can still be vulnerable. Software updates via removable media can pose a cyber-security threat, as they could give malware a way into your network.

Should the bridge system fall prey to a cyber attack, such as service denial or data manipulation, it can affect all systems associated with navigation. It's worth noting that outdated bridge operating systems—i.e. without malicious influence—can also debilitate the ship.

Propulsion- and machinery management

There are many benefits to controlling and monitoring machinery, propulsion and steering via digital systems. Just remember to account for cyber threats.

Vulnerability here will vary with the level of interaction with other systems, such as remote condition-based monitoring and/or navigation and communications equipment.

 

Access control systems

It’s common to use digital systems for access control, to ensure the physical security and safety of the ship and its cargo. Such systems, which include surveillance equipment, and shipboard security alarms, can be vulnerable to cyber incidents.

Passenger-servicing and -management systems


Passenger servicing and -management involve, to a larger and larger extent, digital devices like tablets, handheld scanners and so forth. Vulnerabilities in endpoints like these can jeopardize passenger data and/or connected systems.

Passenger-facing public networks

BIMCO recommends that networks connected to the internet, installed for the benefit of passengers, should be considered uncontrolled.

Vulnerability can be minimized by keeping such networks isolated from any safety critical system on board.

Administrative- and crew welfare systems

Onboard computer networks play a key role in administration of the ship and in maintaining the welfare of the crew.

When such networks are connected to the Internet (for crew access to the Internet and email), they should be considered uncontrolled and be kept isolated from any safety critical system on board.

Communication systems

Internet connectivity via satellite or other wireless communication makes the ship more vulnerable. BIMCO recommends that the service providers’ cyber defense mechanisms be “carefully considered but should not be solely relied upon to secure every shipboard system and data”. 

Those (shipboard) systems include “communication links to public authorities for transmission of required ship and cargo reporting information” as well as “shipboard capabilities to collect data from and interrogate devices and data loggers affixed to containers for onward transmission to designated recipients ashore”

BIMCO recommends strictly complying with applicable authentication and access control management requirements by local authorities.

How to find vulnerabilities

 

The reality is that an aeroplane or vessel,
like any digital system, can be hacked.

 David Emm, principal security researcher
at Kaspersky, to CNBC.

 

All the systems mentioned above are made up of various components that may have vulnerabilities and weaknesses. Thus, vulnerability assessments play an important role in your cyber-security efforts.

Per BIMCO’s guidelines, each system can be evaluated via probing questions. See the box below for examples.

Questions that can uncover vulnerabilities in a system

  • Is the system stand-alone or is it connected to other systems?
  • Is the system connected externally, either directly or via other systems?
  • Does the system have effective, built-in risk mitigation measures such as encryption?
  • Does the system require regular software updates?
  • Does operating the system involve connecting removable devices, for example to obtain diagnostic information?
  • Is the system easy to physically access?
Source: BIMCO

 

Where to go from here

Cyber crime is no doubt a serious threat, but remember: You're not powerless against it. Simply knowing where you might be vulnerable is a great start. In this article, we've addressed some of the most common weak points in a ship: 

 

  • Cargo- and loading management systems

  • Bridge systems

  • Propulsion- and machinery management

  • Access control systems

  • Passenger-servicing and -management systems

  • Passenger-facing public networks

  • Administrative- and crew welfare systems

  • Communication systems

 

If you're ready to learn more about cyber-security at sea, the complete BIMCO guidelines are helpful. DNV's Recommended Practice is also informative. And here’s our own piece on how to secure your industrial network.

Keep in mind these are general guidelines. Always consult with cyber-security professionals for matters specific to your company. 

Thanks for reading, and stay secure!

 

💡 Did you know?

The Moxa EDS4000 series of managed switches was the world’s first networking device to obtain the Industrial Cybersecurity certification IEC 62443-4-2. Read more about them here: 

5 pieces of IT hardware for the cyber-secure vessel

 

Recommended reading:

What 'type approved' means for maritime electronics
TEMPEST certified display solutions protects classified information
An introduction to computer networks on board ships
What is a smart ship?

 
View full post