Cyber security in the maritime sector
The threat to the maritime industry from cyber attacks has significantly increased over the last five years as ships have become more and more reliant on technology within day-to-day operations.
The importance of maritime security
Many systems that were once physically isolated, such as navigation and engine control have now become connected to the Internet, significantly increasing their exposure to attack. A situation in which a ship’s navigation system is remotely attacked over an insecure Internet connection, or an engine management system infected by malware could have serious consequences. At minimum, a day’s delay to cargo could cost operators vast sums of money; at worst, a navigational failure could cause an accident that could potentially place lives in danger.
We live in an increasingly connected world and operational technologies are no longer separated from corporate IT systems. This makes a hacker’s job a lot easier. It only takes one weakness to put the whole network at risk, which could impact production, reputation and ultimately the bottom line.
It is no different for the maritime sector. The weakest point in harbours, ships, tankers, ECDIS or oil rigs could lead to a breach of the entire network.
Control systems are becoming more complex and the expectation of remote access is on the rise. However, the technical competence of attackers is also increasing. Older, less secure control protocols are now connected to the Internet and attackers are becoming more interested in non-conventional IT and radio frequency technologies.
- The main office provides a gateway for hackers. Enabling them to gain access to electronic systems communicating with ships and rigs.
- Systems managing shipping ports will need protecting from cyber criminals or even attacks from nation states.
- Downtime or mechanical delay due to loss of critical systems impacts financially and operationally.
Ships & tankers
- Loss of control of key systems and controls could lead to major health and safety incidents.
- Attackers could interfere with the GPS signal to cause issues with the dynamic positioning.
- Wi-Fi connections for both corporate and non-corporate use could act as entry points for hackers.
Electronic Chart Display & Information System (ECDIS)
ECDIS brings many benefits and provides great assistance with navigation, but it also represents an increasing attack surface.
- ECDIS can be accessed through a USB stick, an online chart update, or through other electronic on-board systems.
- Incorrect chart data could put vessels at risk, as pirates may use a cyber attack in conjunction with a hijack attempt.
- Lack of security awareness is a threat. Employees could click on a malicious link, unwittingly executing malware, which ultimately could result in remote compromise of systems on the rig.
- Loss of critical operational systems on rigs could be financially devastating, or worse still, could cause fatalities.
- The threat of hacktivism is growing. Large DDoS attacks could cause critical systems to malfunction.
Maritime cyber protection
At NCC Group we offer a range of security solutions and have worked with experts from the Baltic and International Maritime Council (BIMCO) to develop a set of cyber security guidelines. These are now accepted as global best practice.
A review of your existing security controls is the first part of the strategic preparation.
We then present a detailed report, which highlights gaps between your policy, procedure, controls and that of the BIMCO best practice guide.
During our technical assessment we evaluate the security of on-board networks and systems to determine where vulnerabilities may exist that could be exploited by an attacker to gain access to data or threaten the safety of the ship.
We focus on safety-critical systems including ECDIS,GMDSS, GPS, engine & steering management and inventory control systems.
It is no longer sufficient for an organisation to rely on “if an attack occurs”, organisations have to work on the basis that “an attack will occur”, and prepare accordingly.
NCC Group’s Incident Response service provides you with all the components you need to effectively handle and respond to a breach.
Our team has the experience and capability to deal with any cyber emergency incident, from state sponsored attacks through to less sophisticated attacks that still bypass traditional network defences.
Read more about NCC Group's marine expertise
- Presentation: Marine Cyber Security: Threats and Opportunities
- Research Insights Volume 4 - Sector Focus: Maritime Sector
- Blog: Guidance Through Dangerous Waters: Guidelines for Cyber Security Onboard Ships
- Whitepaper: Preparing for Cyber Battleships – Electronic Chart Display and Information System Security
- Presentation: Threats and vulnerabilities within the Maritime and shipping sectors
- Blog: Batten down the hatches: Cyber threats facing maritime DP operations