SlideShare a Scribd company logo

Maritime Cyber Security-Κυβερνοασφάλεια και Ναυτιλία

Papadakis K.-Cyber-Information Warfare Analyst & Cyber Defense/Security Consultant-Hellenic MoD
Papadakis K.-Cyber-Information Warfare Analyst & Cyber Defense/Security Consultant-Hellenic MoD

Maritime Cyber Security Κυβερνοασφάλεια και Ναυτιλία

Technology
1 of 159
Παπαδάκης Κων/νος Αναλυτής Επιχειρήσεων Κυβερνοχώρου και Σύμβουλος Κυβεροάμυνας-Κυβερνοασφάλειας Papadakis Konstantinos Cyber-Information Warfare Analyst & Cyber Defense/Security Consultant Cyber Security Consultant “Maritime Cyber Security and Risk Management” “… If cybercrime was a country, it would have the 13th highest GDP in the world… “Κυβερνοασφάλεια και Ναυτιλία”
Περιεχόμενα ☺ Facts-Opinions ☺ Statistics ☺ Threats ☺ Cyber VS Shipping ☺ Problems ☺ Vulnerabilities ☺ Threats-Incidents ☺ Standard-Guidelines ☺ Risk Management ☺ Conclusions Temet Nosce
☺ Facts-Opinions ☺ Statistics ☺ Threats
Opinions Temet Nosce Facts-Opinions PART 1 Cyber Security
The Cyberization of Risk-Everything is connected Law 1: Everything that is connected to the Internet can be hacked Law 2: Everything is being connected to the Internet Law 3: Everything else follows from the first two laws The impact of a cyber event can cascade and across an organization, reinforcing the magnitude of its impact Temet Nosce
Opinions Temet Nosce
Opinions * https://www.gnostech.com/maritime-blog/petya-maersk-one-year-later/ “…the maritime industry needs to be better equipped to face the next cyberattack, whether globally, like Petya, or specifically targeted at individual organizations. To do so, maritime organizations must implement the proper security and access control measures to ensure sensitive data does not end up in the wrong hands leading to system and network compromise. Additionally, when attacked, maritime and port organizations must be prepared to respond to cyber-attacks and have contingency plans in place to minimize the disruption to operations and commerce …” Lars Jenson Sea Intelligence Consulting “…weak security is endemic in the shipping industry, noting that some 44% of carriers show signs of low levels of cybersecurity related to very basic elements, such as patching. Temet Nosce
Opinions Temet Nosce Statistics PART 1 Cyber Security
Statistics: Cyber Attacks (Impact-Likehood) https://www.climatealliance.org.au/blog/2018/global-risks-landscape-global-risks-report-2018-wef Temet Nosce
Statistics: Rising Cyber Dependency https://knowledge.unccd.int/publications/global-risks-report-2018 Rising Cyber Dependency Temet Nosce
Opinions Temet Nosce Threats PART 1 Cyber Security
General Cyber Threat Trends Threats are increasing ➢ Hacking tools are widely available and simpler to use ➢ The potential impact of cyber attacks continues to grow Hacker motivations are changing ➢ No longer egocentric ➢ Shift to professional cyber criminals (money motivated) Certain common factors enable threat actor success ➢ Economy of organized cybercrime ➢ Inter-connected systems ➢ Organizational failure to implement cyber hygiene Temet Nosce
Attackers come in many guises … Disruption Espionage Financial Insiders Outsiders Hacktivists Nation states Criminal organizations Terrorists Hackers and Amateurs Criminal aims Disgruntled employees Unintentional Temet Nosce
Cyber Security in a nutshell – a continuous approach! What to Protect? Ship, platform organization people What to protect against? Terrorists, cyber crime, … How to protect? People, Processes and Technology Assets Threats Protective measures Vulnerability and Risk assessment modeling Detection, testing, monitoring, review Acceptable risk? Temet Nosce
It is not only about software and technology PROCESS • Management systems • Governance frameworks • Policies and procedures • Vendor/Third party contract follow up • Audit regimes TECHNOLOGY • System design, design review • Software configurations • Inspection/verification • Testing ✓ Functional testing ✓ Vulnerability scanning ✓ Penetration test PEOPLE • Training and awareness • Professional skills and qualifications • Written procedures • Authorizations • Physical security Temet Nosce
☺ Cyber VS Shipping ☺ Problems ☺ Vulnerabilities ☺ Threats-Incidents
Opinions Temet Nosce Cyber & Shipping PART 2 Cyber Security in Shipping Industry
Safety in shipping today heavily depends on cyber systems Temet Nosce
Cyber risks are present and migrating to the OT world Temet Nosce
Cyber risks are present and migrating to the OT world Temet Nosce
Is cybercrime really a big problem? The UK government is investing £1.9 billion in cyber-security over the next five years The global cost of cybercrime will reach $2 trillion by 2019 Of 383 organisations asked who suffered at least one data breach in 2016, the average cost per breach was $4 million In 2017 the International Data Group (IDG) detected 38% more cyber-security incidents than the year before Temet Nosce 48% of data security breaches are caused by acts of malicious intent. Human error or system failure account for the rest.
Impact on the Maritime Supply Chain Temet Nosce Hacking into on-line services – including cargo and consignment tracking systems. Phishing and links to malware & false web sites. Infection via removable media – flash drives. Fraudulent Web set up (disclosure of information/reputational damage).
Impact on the Maritime Supply Chain Temet Nosce Hacking into navigational systems (ECDIS). AIS/GPS Spoofing. Impersonation Fraud Average cost of a cyber fraud at $120K per attack/incident. ➢ Interception and redirection of cash to master funds. ➢ Creating false invoices and accounting details for services such as annual lifeboat certification
Threat Environment Cybersecurity - Intentional exploitation ➢ External bad actor ➢ Internal bad actor Cybersafety - Accidental corruption ➢ Accidental corruption ➢ Software or configuration errors IT Attack Methods OT Protocols System Knowledge Require set of Skills Temet Nosce
Opinions Temet Nosce Problems PART 2 Cyber Security in Shipping Industry
Keep in mind….. Vessel Digitization IT vs OT Temet Nosce
Vessel Digitization Temet Nosce 6
Transforming the shipping industry-Entering the digitization era Computerized systems will transform the shipping industry Smart–autonomous or even automated ships Temet Nosce
From Digital Ship to the Autonomous Ship Smart ships don’t represent a ‘stand-alone’ technology. Short to Medium Term From the Digital Ship to the Intelligent Ship: The exploitation of big data acquisition, communications and analytics to introduce intelligent, real-time and proactive decision-making in the design, operation and maintenance of ships Medium to Long Term From the Intelligent Ship to the Autonomous Ship: The exploitation of sensors and robotics technology to replace human operators, leading to semiautonomous ships (e.g., engine-room crewless ships) or fully autonomous ships (remote controlled) They are a manifestation and exploitation of integrated, networked technologies (e.g. sensors, robotics, big data, advanced materials, and communications) Digital Ship Intelligent Ship Autonomous Ship Temet Nosce
Common Challenges in Shipping Competitive Imperatives ➢ Executives must accept a certain level of cyber attack risk Pervasive cybersecurity implication ➢ Cyber risk touches every business function across a shipping company ➢ Adoption of risk-based strategies Difficult to quantify Cyber Risk ➢ No single quantitative metric (value at risk) for cyber security ➢ Harder to communicate the urgency to ship owners. Difficult change behavior * McKinsey & Co, Why SENIOR Leaders are the front Line AGAINST Cyber Attacks Temet Nosce
How cyber aware is the shipping industry? Urgency for action becoming gradually understood ➢ Why…????? ☺ No apparent ship-related cyber attacks ☺ No mandatory framework from related shipping organizations ☺ Other regulations affect maritime stakeholders (GDPR, NIS) * McKinsey & Co, Why SENIOR Leaders are the front Line AGAINST Cyber Attacks Priority Understand how these affect the industry in order to minimize cost Cyber security as Return of Investment-ROI Temet Nosce
Crew Connectivity Report 2018 * Chatham House Report Crew Connectivity Temet Nosce
Crew Connectivity Report 2018 * Chatham House Report Internet access in selected sectors Temet Nosce
Crew Connectivity Report 2018 * Chatham House Report Responsibility Temet Nosce
Crew Connectivity Report 2018 * Chatham House Report Training Requirements Temet Nosce
Events: IMO’s Facilitation Committee - 40th Session, Meeting April 4th - 8th 2016 The Facilitation Committee is expected to identify the facilitation aspects with regards to protecting the maritime transport network from cyber threats, with a view to developing voluntary maritime cybersecurity guidelines, including best practices. Cyber Security Temet Nosce
Internet of Things Cyber Risk Insight: Mobile Computing …Easy access to the internet onboard ships is a key requirement if young people are to be attracted into the seafaring profession, according to speakers at a World Maritime Day IMO symposium on maritime education and training... ILO MLC 2006, Title 3 Amendments List the requirements for recreational facility amenities that include but are not limited to some or all of the following: PC equipment Communication facilities, including email and internet access… Temet Nosce
Opinions Temet Nosce Information Technology (IT) VS Operational Technology (OT)
What is “Cybersecurity”? Cyber Security is NOT: ➢ Information Technology (IT) ➢ Compliance (ISO, ISM Code,…etc) ➢ Silver Bullet Solution Cyber Security IS: ➢ Sustained Risk Management Activity-function, designed to provide a standard of care. ➢ Cultural Change and business transformation. ➢ Mission and business of protecting the entire enterprise. ➢ Nod between User AND Corporate Awareness (All of you!!!!) Temet Nosce
Maritime Industry Snapshot Mixture of corporate & local cybersecurity governance Varying levels of automation Humans-in-the-loop in key processes Dependence on vendors Emerging cybersecurity cultures Increased demand for business & control network integration Temet Nosce
Information Technology (IT) Spectrum of technologies for information processing, including software, hardware, communications technologies and related services. Transaction Processing Systems Decision Support Systems Executive Info Systems Management Information Systems Temet Nosce
Operational Technology (OT) Hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes, and events in the enterprise Temet Nosce
IT vs and OT Information Technology (IT) Store & process information Operational Technology (OT) Manage physical devices & processes Temet Nosce
Different Consequences of System Exploitation Operational Technology (OT) Consequences Information Technology (IT) Consequences Financial Impacts Physical Impacts Temet Nosce
Opposite System Priorities Confidentiality Preserving authorized restrictions Integrity Performing its intended functions Availability Ensuring timely & reliable access Highest Information Technology (IT) System Priorities Operational Technology (OT) Lowest Highest Lowest Temet Nosce
IT/OT Convergence Traditionally, IT & OT networks have operated independently New technologies enable better control, enhanced monitoring, & cost savings Data analytics to increase process efficiency, reliability, & lifespan Temet Nosce
IT/OT Convergence Temet Nosce
IT/OT Convergence Temet Nosce
Trends in OT Systems Use of new technologies Increased automation Increased connectivity (IoT) Greater complexity Remote access Big data & data analytics Temet Nosce
Common OT System Vulnerabilities Immature cybersecurity governance over OT Remote and direct access to OT systems by vendors Use of old and inherently insecure technology Unsecured physical ports Temet Nosce
Trends in Physical Security Systems Migration to digital technology Use of wireless equipment Lack of cybersecurity expertise Division of cyber & physical security Outsourcing of security systems Temet Nosce
Threats to Physical Security Systems Causing system outages Gathering sensitive data Creating fake identities Creating false situational awareness Neutralizing alarms Temet Nosce
Common Physical Security Systems Vulnerabilities Non-segmentation of business & security networks Direct physical access to equipment Exploitation of wireless devices connections Sharing camera feeds with 3rd parties Uncontrolled remote access by security vendors Temet Nosce
Opinions Temet Nosce Vulnerabilities PART 2 Cyber Security in Shipping Industry
Are Ships Vulnerable? Temet Nosce
So What’s Vulnerable? Supervisory Control & Data Acquisition (SCADA) equipment and Industrial Control Systems (ICS) for loading/unloading of bulk/containerized cargo Cargo / Terminal Management Systems Domain Awareness / Navigational Systems - RADAR, AIS, VTS/VTMS Any Business Software Application: ➢ email, financial, human resources, finance, logistics, business operations, etc. - Think “ERP”. Any Operating Systems (e.g. Microsoft, Linux) Security Systems - CCTV, Access Control Mobility devices and platforms - RFID Communications Systems Employees (insiders) Temet Nosce
Are Ships Vulnerable? Temet Nosce
Ship cyber Systems Temet Nosce EAS-Εngine Automation System AEMC Autonomous Engine Monitoring and Control System EDL-Engine Data Logger ACCER Autonomous Control of the Engine Room Κύριες μηχανές-Συστήματα υποστήριξής Βοηθητικές μηχανές Συστήματα πρόωσης και καθοδήγησης Συστήματα ελέγχου των δεξαμενών EH Emergency Handling Συστήματα γενικού συναγερμού Συναγερμός πυρκαγιάς Συναγερμός ανθρώπου στη θάλασσα Συναγερμός ακυβέρνητου πλοίου Συναγερμός ανίχνευσης CO2 Πλημμύρα του δωματίου μηχανών Πλημμύρα του χώρου φορτίων EES Engine Efficient System MIS Maintenance Interaction System BAS-Bridge Automation System Navigation Systems AIS-Automatic Identification System ECDIS-Electronic Chart Display and Information Systems VDR-Voyage Data Recorder GPS ASS-Advanced Sensor Systems Ραντάρ του πλοίου Κάμερες ασφάλειας και παρακολούθησης Συστήματα παρακολούθηση του περιβάλλοντος ASC-Autonomous ship Controller GMDSS-Global Maritime Distress and Safety System Συστήματα επικοινωνίας (VHF-HF-MF) NAVTEX-COSPAS-SARSAT-INMARSAT Πομποί SART και ραδιοφάροι EPIRB CCR-Cargo Management/Cargo Control Room Συστήματα ελέγχου/ένδειξης επιπέδου Συστήματα Απομακρυσμένου ελέγχου βαλβίδων Valve Remote Control System-VRCS Σύστημα έρματος-Συναγερμού για εισροή υδάτων Water Intrusion Detection System-WIDS Συστήματα ελέγχου εισόδου Electronic Personnel on Board-POB Systems Bridge Navigational Watch Alarm System-BNWAS Shipboard Security Alarm Systems-SSAS Συστήματα παρακολούθησης-CCTV PSMS-Passenger Management System Property Management System-PMS Medical Records Ship passenger/seafarer boarding access systems Συστήματα υποστήριξης της συνολικής υποδομής SCC-Shore Control Center RMSS Remote Manoeuvring Support System HMI-Human Machine Interface
Interconnections-Dependencies….. EAS Engine Automation System BAS Bridge Automation System SCC Shore Control Center AEMC Autonomous Engine Monitoring and Control EES Engine Efficient System EDL-Engine Data Logger ACCER-Autonomous Control of the Engine Room EH-Emergency Handling MIS Maintenance Interaction System NAV Navigation Systems AIC-Automatic Identification System ECDIS-Electronic Chart Display and Info Systems ASS-Advanced Sensor Systems (1) VDR- Voyage Data Recorder GPS ASC Autonomous ship Controller GMDSS-Global Maritime Distress and Safety System CCR-Cargo Management/Cargo Control Room (1) Συστήματα Έλεγχου Εισόδου PSMS-Passenger Management System RMSS Remote Maneuvering Support System HMI Human Machine Interface Temet Nosce
Vessel Digitization Temet Nosce 6
Electronic Chart Display & Information System (ECDIS) ECDIS Systems ➢ Geographic information systems ➢ International Maritime Organization compliant ➢ Alternative / compliant to paper nautical charts ➢ Can be interfaced with NavText and AIS ➢ July 2018 –Mandatory for all vessels in international voyages. Temet Nosce
Electronic Chart Display & Information System (ECDIS) Attacking ECDIS Systems ➢ ECDIS systems are in essence desktop PCs ➢ With physical access a malicious person could use the USB slot to: ☻ Load incorrect/outdated maps ☻ Access the underlying operating system ☻ Spread malware/ransomware USB Flash Temet Nosce
Electronic Chart Display & Information System (ECDIS) Attacking ECDIS Systems ➢ As with any other PC, ECDIS systems can be tampered with ➢ A number of these systems run with administrative rights and no password protection. Temet Nosce
Vessel Digitization Temet Nosce 6
Automatic Identification System (AIS) AIS Systems ➢ Automatic tracking system for identifying and locating vessels ➢ 2002 – First mandate for vessels over 300GT to be equipped with a Class A type AIS transceiver. ➢ AIS information supplements marine radar, which continues to be the primary method of collision avoidance for water transport. ➢ Aid in accident investigation and in search and rescue operations. ➢ The information is also sent to providers such as: ☺ Maritimetraffic.com, Vesselfinder.com or Aishub.net. ➢ Transmit in the Marine bands: ☺ Channel A 161.975 MHz (87B) ☺ Channel B 162.025 MHz (88B) Temet Nosce
Automatic Identification System (AIS) AIS Systems Messages ➢ AIS can send up to 27 types of messages ☺ Message 18 Sent between anywhere 30 seconds and 3 minutes to report the vessels position. ☺ Message 14 Safety related broadcast used in emergencies Temet Nosce
Automatic Identification System (AIS)→Attacks Landscape Hackers download the data of an existing ship, changing some of the parameters and submitting it to the AIS service. Ship Hijacking Replay Attacks Hackers capture and store AIS data and replay spoofed messages in specific timeframes Man-in-the-water Because of maritime laws and best practices, everyone needs to address this type of an alert. Fake CPA Hackers create a fake CPA (closest point of approach) alert. Arbitrary weather forecast Hackers impersonate actual issuers of weather forecast such as the port authority and arbitrarily change the weather forecast delivered to ships. AIS Spoofing Hackers can send specially crafted messages that could mimic the location of an existing vessel, or even create a fake vessel and place it on its own virtual course. Temet Nosce
Automatic Identification System (AIS)→ AIS Systems Attacks AIS Systems Attacks ➢ Even via RF the hackers have 4 attack vectors ☻ AIS Gateway ☻ Vessel Traffic Service ☻ Vessels ☻ Offshore * A Security Evaluation of AIS Automated Identification Systems Marco Balduzzi, Alessandro Pasta, Kyle Wilhoit/ Temet Nosce
Automatic Identification System (AIS)→ Example Temet Nosce
Automatic Identification System (AIS)→ Verified Attacks AIS Systems Verified Attacks Modification of all ship details ☻ Position-Course-Cargo-Flagged country-Speed-Name-MMSI Creation of fake vessels ☻ having an vessel with nuclear cargo show up off the coast of the US Create and modify Aid to Navigations (AToN) entries, ☻ Buoys and Lighthouses Research has been published in 2013 ☻ Since then there was not an improvement on the protocol ☻ ITU Radio Communication Sector (ITU-R)-Developers of the AIS standard and the protocol specification have acknowledged the problem Temet Nosce
Opinions Temet Nosce Incidents PART 2 Cyber Security in Shipping Industry
Incidents….. Temet Nosce
Incident trends and regulation development Drilling rig infected with malware Pirate Cyber Attack GPS jamming /spoofing Hacking of cargo tracking system U.S. Port hacker attack Bulk carrier SWB shuts down – ransomware Major shipping company infected by ransomware “Prepare for the unknown” 2010 2011 2012 2013 2014 2016 2017 2018 ISO 27001/27002 IEC 62443 January BIMCO Cyber security guideline IMO Guidelines on cyber security onboard ships July NIS directive September DNVGL RP-0496 July IMO Guidelines on maritime cyber risk Management January DNVGL Cyber security Type Approval May EU GDPR May DNVGL Class notation Temet Nosce
Cyber risks are present and migrating to the OT world Temet Nosce
Cybercrime time line Temet Nosce 2011–IRISL Services hacked causing damage to rates/loading schedules/delivery schedules/location of boxes (some never traced). 2011-2013–Port of Antwerp–drug cartel illicit drugs and contraband seized $365 million/firearms seized $1.5 million (led to MSC v. Glencore International AG [CA]) 2012–Australia illicit drugs and contraband seized $365 million/firearms seized $1.5 million (led to MSC v. Glencore International AG [CA])
Cybercrime time line Temet Nosce 2012–2014–Danish port authority Email virus led to full shut down and ultimately infected government systems. 2014-Semi Sub Gulf of Mexico destabilised 19 days to make seaworthy and return to operation. (Similar attacks to other rigs off Africa). 2016–N.Korea? 280 vessels forced to return to port following problems with navigation systems
Cybercrime time line Temet Nosce 2017-Black Sea 20 ships in Black Sea AIS/GPS spoofed – 32km inland of actual posi- tion. 2018-COSCO COSCO hit by a cyber attack affecting the carriers ability to commu- nicate with vessels, customers and marine terminals.
High-Profile Cyber Events Against IT & OT Systems Temet Nosce
IRISL (Islamic Republic of Iran Shipping Lines→ Hack (2011) Servers were compromised Logistics systems crashed Entire fleet of 172 vessels was compromised False information input into systems: ➢ Compromised manifests ➢ Falsification of rates ➢ Containers ‘cloaked’ ➢ Delivery dates ➢ Client / Vendor Data Major Business Interruption!!!!!!!! Temet Nosce
Port of Antwerp:2011-2013 Cyber-enabled cargo theft Drug traffickers recruited hackers to breach IT systems. Controlled the movement and location of containers over a 2-year period from June 2011 Drugs were hidden in containers among legitimate cargo Enabled traffickers to steal the cargo before the legitimate owners arrived Hacking technique involved physical access to computer networks and installation of snooping devices Impact: cargo theft * https://www.bbc.com/news/world-europe-24539417 Temet Nosce
Maersk : Ransomware attack-June 2017 Petya ransomware attack. (…modified with a leaked NSA exploit…) No data breach or loss to third-parties” occurred Impact: the company would lose up to $300 million in revenues * https://www.gnostech.com/maritime-blog/petya-maersk-one-year-later/ Maersk operations were certainly impacted Shut down infected networks Three container-related businesses were taken offline Maersk reinstall its entire infrastructure 4,000 new servers, 45,000 new PCs, 2,500 apps In 10 days Temet Nosce
Maersk : Ransomware attack-June 2017 * https://www.gnostech.com/maritime-blog/petya-maersk-one-year-later/ Maersk chairman Jim Haggeman Snabe “…Imagine a company where you have a ship that comes into a port every 15 minutes and for 10 days and you have no IT. It’s almost impossible to even imagine…” “…Maersk drew important lessons from the incident, including the pitfalls of management being “naive” about cybersecurity…” “…This was a very significant wake up call for AP Moeller Maersk. We could say a very expensive one… Yet I argue that it was a very important wake-up call…” Temet Nosce
The Incident Temet Nosce At 04:00 12 August 2018 the head office of the "Amazing Cruise Company" – based in Nassau Bahamas received the following distress call from the master of their cruise vessel MV Wonders: "Mayday Mayday Mayday - this is MV Wonders communi- cating on all channels. We are under suspected piracy attack. Please advise” The following radio traffic then ensued: “MV Wonders, MV Wonders - this is operations Nassau - please advise current position, speed and nature of attack” “Operations – we are currently in position Lat 12 degrees 25 minutes North, Long 043 degrees 53 minutes East, we have increased speed to 18 knots and are taking avoidance manoeuvres” “MV Wonder MV Wonders - your position is noted, we are instigating immediate emergency response and notifying US Naval/Nato - please advise nature of attack”
The Incident Temet Nosce “Three vessels approaching at speed, two to starboard one to port - vessels appear to be heavily armed. Suspected RPG” Sound of large explosion “They have fired RPG–repeat RPG-contact starboard midships” The following radio traffic then ensued: “MV Wonders MV Wonders - please advise scope of damage, any casualties ? We are in contact with US Naval authorities” “MV Wonders MV Wonders - please respond”. “MV Wonders MV Wonders this is operations Nassau - please update position/situation” No further radio traffic is received from the vessel. The cruise company immediately activate their emergency response plan which includes notification both to the FBI and US naval authorities. The position of the vessel as notified in the previous message is communicated. This is also verified by remote access to the ships electronic systems.
The Ship’s Electronic Systems Temet Nosce
The Ship’s Electronic Systems Temet Nosce
The Ship’s Electronic Systems Temet Nosce Despite all attempts to re-establish contact with the vessel no response is received. Fortunately a US naval frigate is in the vicinity of the reported attack and proceeds with all speed to attend. Upon arrival the US naval frigate advises that there is no sign of the vessel. The frigate launches helicopters to search the area.. After a one-hour search operating on a GEOREF search pattern the vessel is located. Tactical response, which by now includes specialist Navy Seal teams, are dispatched to the actual location
The Ship’s Electronic Systems Temet Nosce On attendance it becomes immediately apparent that the motive for the attack is terrorist based. Six key members of the crew and a further six passengers have been ritually executed in the vessels main auditorium. Passengers have been forced to watch the executions. A check of passenger and crew members shows nine crew and 25 passengers (including some children) missing. Reports from crew members advise that immediately following the attack a number of passengers and crew members were forced into the launches and taken on board a helicopter which had landed on the vessel during the attack. A DVD left playing on the vessels public address system advises that the attack has been carried out by a terrorist coalition in retaliation for the continued atrocities of the West.
The Ship’s Electronic Systems Temet Nosce
The Ship’s Electronic Systems Temet Nosce
The Ship’s Electronic Systems Temet Nosce
The Ship’s Electronic Systems Temet Nosce The scenario that we have just described may seem far-fetched but;. The New York Times in 1978 reported how the FBI had arrested four individuals who had planned to seize a cruise vessel based on the Rod Serling novel, “Assault on the Queen" and the subsequent film of the same title starring Frank Sinatra. In 2017 a cargo ship travelling from Cyprus to Djibouti lost control of her navigation system for 10 hours preventing the captain from manoeuvring with the intention of steering the vessel into a territory where it could be easily boarded by pirates and robbed. A source later commented that "the entire IT system of the vessel was completely hacked”. Giles Hunnisett (Master Mariner and consultant with Waves Group) – “what I am looking at more and more is a more widespread problem. ECDIS could have 20,000 vessels, all of them updated by a few companies. Imagine a bug getting into 1,000 ships all at the same time. They would not be able to leave or enter ports or if they were at sea establish exactly where they were. The consequence would be a huge business interruption. The more people I see the more I hear that they are surprised it hasn't happened yet. Meanwhile, on board, we know the danger, but we cannot do anything about it”.
Opinions Temet Nosce Threats PART 2 Cyber Security in Shipping Industry
The Greatest Cyber Threat to us All: Data Integrity “Integrity. Cyber operations include an increased emphasis on changing or manipulating data to compromise its integrity to affect decision making, reduce trust in systems, or cause adverse physical effects.” Threat actions include: ➢ Posting disinformation on websites ➢ Altering of online media as a means to influence public discourse and sentiment ➢ Modify stored data ➢ Transmit false data ➢ Track and/or manipulate the flow of information Temet Nosce
USCG Maritime Cyber Bulletin -28 December 2015 Business Email Compromise is a global scam with subjects and victims in many countries. The FBI received victim complaints from more than 45 countries between 2013 - 2014: Statistics: ➢ Total U.S. victims: 1,198 ➢ Total U.S. dollar loss: $179,755,367.08 ➢ Total non-U.S. victims: 928 ➢ Total non-U.S. dollar loss: $35,217,136 ➢ Combined victims: 2,126 ➢ Combined dollar loss: $214,972,503 Temet Nosce
The “Whale” Attack: Targeting Key Executives As of April 2016: ➢ USD $2.3 billion in losses since 2013. ➢ 270% increase since January 2015 ➢ 79 Countries have been affected. * https://krebsonsecurity.com/2016/04/fbi-2-3-billion-lost-to-ceo-email-scams/ Temet Nosce
Some common threat scenarios for ship and crew Social engineering/phishing Removable media/external hardware Mixing isolated and open networks Tampering with ECDIS, navigation systems Ransomware (malware) Denial of Service (DoS/DDoS) Data filtration/data theft Unintentional working accident not following procedures Bad intentions planned Temet Nosce
Opinions Temet Nosce Threats-Scenarios PART 2 Cyber Security in Shipping Industry
Threat scenario #1 Temet Nosce
Threat scenario #2 Temet Nosce
Threat scenario #3 Temet Nosce
Threat scenario #4 Temet Nosce
Threat scenario #5 Temet Nosce
Threat scenario #6 Temet Nosce
Threat scenario #7 Temet Nosce
Best practices:How to avoid cyber mishaps onboard your ship/in your company Think before you click! Research the facts behind e-mails and their attachments! Make sure external drives and USBs are clean! Be aware when third parties enter your systems or data! Protect your passwords! Never connect personal items to the ship critical systems. Never use external wi-fi for company emails or downloads unless protected by VPN! Learn how to install and use two step authentication. Learn how backup and restore is done onboard your ship. Always report errors and mistakes. Educate yourself on cyber risks and how it affects your ship, your colleagues and you personally! Temet Nosce
Opinions Temet Nosce Vulnerabilities PART 2 Cyber Security in Shipping Industry
Vulnerabilities Examples Unknown System Components Vulnerabilities ➢ Chief had never opened cabinet containing PLC for rudder hydraulics Internal bad actor Countermeasures ➢ Document the connections and identities of the rudder function ➢ Include in change management program Uncontrolled Vendor Access Vulnerabilities ➢ Uncontrolled laptop ➢ Uncontrolled connection to Internet ➢ Undocumented software change management procedure Countermeasures ➢ Change management process ➢ Access policies Temet Nosce
Vulnerabilities Examples Improper Segmentation Vulnerabilities ➢ 1st Engineer requests printer for alarm system from IT ➢ IT technician connects alarm system to “ship” network ➢ Ship network has direct paths to internet (e.g., port 80, 443) Countermeasures ➢ Segment safety-critical systems from IT Networks Uncontrolled Physical Ports Vulnerabilities ➢ Open physical ports on control system equipment Countermeasures ➢ Block unused/infrequently used USB/RJ- 45 ports using port blockers/silicone Temet Nosce
Consequences Temet Nosce
Challenges to Achieve Significant Consequences Exploitation requires expertise in multiple disciplines OT networks are generally compartmentalized from IT networks Highly engineered systems with multiple layers of safeguards Human-in-the-loop with manual overrides Generally manual vs. automated valves to the atmosphere Temet Nosce
☺ Standards-Guidelines ☺ Risk Management ☺ Benefits ☺ Conclusions
Standards-Guidelines PART 3 Cyber Risk Management
Standards ISO/IEC 27001 CIS 20 Critical Controls (v6) NIST SP 800.53 R4 NIST CSF BIMCO Guidelines on Cyber Security OnBoard Ships (v.2) ISPS Code ISM Code OCIMF TMSA 3 Foundational Cyber Risk Mgmt. Best Practices Maritime Risk Mgmt. Best Practices Maritime Cybersecurity Capability Maturity Temet Nosce
IMO-International Maritime Organization Maritime cyber risk refers to a measure of the extent to which a technology asset is threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a conse- quence of information or systems being corrupted, lost or compromised. Interim Guidelines on Maritime Cyber Risk Management Temet Nosce
ISM Code “Assess all identified risk to its ships, personnel and the environment and establish appropriate safe guards.” International Safety Management (ISM) Code Section 1.2.2.2 Temet Nosce
Guidelines: Recent Guidelines Issued 2017 The Guidelines on Cyber Security OnBoard Ships Version 2 BIMCO, CLIA, ICS, INTERCARGO, INTERTANKO, OCIMF and IUMI 2017 The Application of Cybersecurity Principles to marine and offshore Operations Volume: CyberSecurity ABS 2017 Code of Practice Cyber Security for Ships UK Department of Transport-IET 2016 Cyber Security Awareness A.M.M.I.T.E.C. Temet Nosce
Risks PART 3 Cyber Risk Management
Specific risks and their consequences to the shipping industry Temet Nosce GNSS Jamming and AIS spoofing Issues with AIS. No authentication protocols. Jamming devices cost as little as $100 AIS/GPS spoofing can be achieved with a $100 VHF set Estimated 250,000 cell towers in Russia are equipped with GNSS jamming devices. GPS jamming trial – Flambrough Head – showed effect was to create incorrect data on ECDIS, AIS and Radar – all systems ! Easy ability to impersonate targets (ships). Unencrypted messaging. Jammers have radius of over 30km. 2017 Report – 5 day loss of GNSS would cost UK £149 million July 2018 NATO issued requests for reports of instances of GPS or AIS interference in the Mediterranean, noting that in the past few months several electronic interferences had been detected.
Specific risks and their consequences to the shipping industry Temet Nosce Unseaworthiness the ship ‘must have that degree of fitness which an ordinary careful and prudent owner would require his vessel to have at the commencement of her voyage having regard to all the probable circumstances of it’ F.C. Bradley & Sons -v- Federal Steam Navigation (1926) 24 L1.L.Rep. 446 – definition of seaworthiness “fit to meet and undergo the perils of sea and other incidental risks to which of necessity she must be exposed in the course of a voyage” Kopitoff-v-Wilson (1876) 1 QBD 377 “requires the crew to be adequately trained” EURASIAN DREAM” [2002] 1 Lloyd’s Rep. 719 “requires ports to implement security protocols but are not designed with cyber attacks in mind” ISPS/(US) MTSA 2002
Specific risks and their consequences to the shipping industry Temet Nosce Unseaworthiness (cont.) If she has that degree of fitness which the ordinary careful owner would require his vessel to have at the commencement of the voyage having regard to all the probable consequences of it. Would a prudent owner have required it should be made good before sending to sea had he known of it? A ship is seaworthy: Extends beyond physical fitness to (i) sufficient, efficient and compe-tent crew (ii) adequate and sufficient systems on board to address matters which may arise during the voyage. By reference to the state of knowledge in the industry at the time Luke Parsons QC & Julian Clark concluded, “in the absence of being able to show positive steps taken in line with implementation of cyber risk mana- gement systems and protocols an owner will face an up hill struggle in establishing seaworthiness”
Specific risks and their consequences to the shipping industry Temet Nosce Malware – Not Petya Port of LA, Clarksons and Maersk – most high profile. Estimated $300 million loss; Clarksons – 6% drop in share value Maersk: Congestion in over 80 ports; Replaced 4,000 servers, 45,000 PC’s and 2,500 applications; Networked fleet successfully isolated. COSCO attack - full financial implication presently unclear
Specific risks and their consequences to the shipping industry Temet Nosce Hacking and beyond Change of manifests – illicit goods trade (Port of Antwerp), to mis-description (CHC/Liquefaction risk/Sanctions avoidance – SA Red Acorn). Business disruption and reputational damage. A new route to industrial espionage. Potential to disrupt a Blockchain ?
Cyber and litigation risk Temet Nosce The Washington DC scandal No longer just tipex on the log books Needle in the haystack approach to discovery GDPR (25 May 2018) E20 million of 4% of global turn over whichever greater GDPR and new Regulation will enforce cyber hygiene. USA implementing legislation to penalise companies for inappropriate data handling and storage. ICCA/New York City Bar/CPR Institute working group on cyber security for International Arbitration: No longer just tipex on the log books Protection of digital information in arbitration; Identifying and protecting the weak link; Powers to order cyber security measures; Framework for adopting cyber security measures during the process. Why ? High value, high stakes, sensitive and potentially damaging information access.
Corporate Exposure – Are you ready to deal with a cyber attack? Temet Nosce A data breach plan with step-by-step actions The Washington DC scandal Procedures to regularly rehearse the plan with all staff A designated person responsible for handling any breach Regular updates concerning the plan to ensure all senior staff are fully familiar with it Prepared notification messages to 3rd parties and suppliers In the UK gathering of evidence for the Information Commissioner to show how the breach has been handled. Similar information gathering for any international regulatory authority. Regular cooperation with any cyber insurance provider for guidance and in order to ensure maintenance of cover Pre-prepared statements to customers advising how the firm will deal with any damage A no tolerance party to ransom demands
Corporate Exposure – Are you ready to deal with a cyber attack? Temet Nosce Identify where the demand or ransomware originated and how this entered the system And when an attack takes place: Isolate all infected devices (immediately take them off-line) Assess how many and which devices have been affected Restore lost data from backups Advise customers if their data has been compromised Once the attack is under control - prepare a "lessons to be learned" review.
Cyber Risk Model Functions. Software that control machines on assets Connections. Nature and number of digital interfaces(e.g., physical ports, network connections) indicating cybersecurity complexity Identities. Humans or machines that send or receive data by means of the digital interfaces Temet Nosce
Cyber Risk Management Begins at the Top-It’s a Boardroom Challenge ➢ Managing Directors, CEOs & Board Members are accountable for organization’s Cyber Security. ➢ Cyber Risk Management must be owned by leadership rather than be relegated to an “IT” challenge Cyber Risk affects an organization’s: ➢ Balance Sheet/Profit & Loss. ➢ Legal Exposure. ➢ Operational Effectiveness. ➢ Customers. ➢ Vendors. ➢ Partners. ➢ Employees. Temet Nosce
“Cyber Risk” what do we mean? Cyber risk signifies more than data breaches… ➢ Seaworthiness ➢ Client and employee information ➢ Commercial confidential information / assets ➢ Money (Profit and Loss) ➢ Reputation Game Changers… ➢ Stuxnet and Shamoon ☺ Proved that physical events can be triggered through cyber means ➢ Sony ☺ Targeted employees, damaging systems and reputations, and divulged corporate secrets and trade information Temet Nosce
Why Should We Manage Cyber Risk in the Maritime Domain? Every port authority and terminal operator operating in the world economy creates, utilizes, stores, manages, and exchanges digital data, along with financial information, via internal and external networks. Ports sustain 90% of the global economy ➢ 4,764 Ports in 196 countries ➢ 68,000+ vessels by 2023 * www.mits-forum.org Recurring Industry Themes: • Multimodal connectivity • Increase efficiency of operations • Increase capacity for small port infrastructure • Passenger traffic Temet Nosce
Cyber Risk Management Business Leaders Unanswered Questions: ➢ What do we invest in first ? ➢ How much do we need to budget ? ➢ What are our priorities when comes to Cyber Security ? ➢ How can we measure the effectiveness of our investments ? ➢ Are our investments sustainable ? Temet Nosce
What can we do ? Organize our Company: ➢ Cyber Security Assessment ➢ Table Top Exercises (TTX) ➢ Threat Assessments ➢ Cyber Risk Management Planning ➢ Executive Awareness Training ➢ Tools ➢ Cyber Threat Intelligence Support Temet Nosce
The Cyber Risk Reduction Curve Temet Nosce
Driving Risk Reduction Cyber Risk Reduction Curve ➢ Investing in the right combination of technology and insurance maximizes risk reduction ☺ 1. Technology Risk Reduction ☺ 2. Insurance Risk Reduction * Axio Temet Nosce
Benefits PART 3 Cyber Risk Management
Benefits Benefits: ➢ Strengthen cybersecurity capabilities ➢ Institute consistent evaluation and benchmarking of cybersecurity capabilities ➢ Share knowledge and best practices ➢ Enable prioritized resource allocation ➢ Inform cybersecurity investments ➢ Drive continuous improvement Temet Nosce
Cybersecurity Resources Cybersecurity Framework Foundational reference model & common framework providing set of cybersecurity activities, outcomes, and informative references Identify Protect Detect Respond Recover Structure for cyber risk management & system components Technical, administrative, & physical protections Monitoring to discover when system is compromised Initial actions to limit the consequences of a cyber event Follow-up actions to restore full functionality & operations Temet Nosce
How to get started Choose standard(s) to guide program development Perform assessment of current program against standard(s) Analyze risks and identified gaps Prioritize actions to address gaps and develop plans Temet Nosce
Guide for choosing standards Temet Nosce
Cybersecurity Maturity Time Temet Nosce
Driving Continuous Improvements and Setting the Stage for Long-Term IMO Compliance Launch Strategy Software Perform Baseline Evaluation and Identify Gaps Review Recommendations and Set Target Profile Prioritize Implementations and Plan Updates to SMS Allocate Appropriate Resources & Implement Improvements Investment Planning Resource Allocation Mitigation Activities Begin SMS Updates Sustain Investments & Resources Mitigation Activities Continue Finalize SMS Updates 2nd Year 3nd Year Establishing a Sustainable Cyber Risk Management Program Temet Nosce
Gain Awareness & Train! Training Programm: ➢ Executive Leadership Briefings. ➢ Workforce training spanning multiple cyber maturity dimensions (e.g. spearphishing, passwords, social media,etc.). ➢ Consider web-based training awareness tools for baseline and refre- sher training. ➢ In-house Cyber TTX combined with ISPS Code requirements. ➢ Technical Staff Training Global organizations can rapidly deliver and sustain cybersecurity and cyber risk awareness training across the enterprise. Temet Nosce
Insurance Considerations→ Insurance Risk First Party Damages (Tangible & Financial) ➢ Response Costs - Forensics, Notifications. ➢ Legal expenses: advice and defense ➢ Revenue losses due to network or computer outages ➢ Restoration costs related to reconstitution of lost data ➢ Ransomware: Cyber extortion ➢ IP Loss: values of stolen property ➢ Mechanical compromise / breakdown ➢ Destruction of equipment or property ➢ Lost revenue due to physical damages ➢ Bodily injury to employees Scenarios Insider threat; Network Disruption; Network breach; Malware attack (e.g. on SCADA); Ransomware Third Party Damages (Tangible & Financial) ➢ Financial recovery due to consequential loss of revenue ➢ Restoration activity expenses ➢ Legal expenses: advice and defense ➢ Credit monitoring costs ➢ Physical damage / destruction of equipment and /or property ➢ Environmental cleanup ➢ Bodily injury to others ➢ Regulatory fines Scenarios Insider threat; Network Disruption; Network breach; Malware attack (e.g. on SCADA); Temet Nosce
Don’t Panic → It’s not all so Bad…. Reliance on crew ➢ Sufficient and continuous training on Cyber Security ➢ Development of a Cyber Security Policy Reliance on manual controls ➢ Crew-Paper Charts-Radar Vessels must be treated as any other network ➢ Security Audits ➢ Penetration Testing ➢ Physical Security Assessments Incident Response ➢ Development of Contingency Plans ➢ Stress Tests Temet Nosce
Effective Cyber Program → key characteristics Being SECURE means having risk prioritized controls to defend critical assets against known and emerging threats. Being VIGILANT means having threat intelligence and situational awareness to anticipate and identify harmful behavior. Being RESILIENT means being prepared and having the ability to recover from cyber incidents and minimize their impact. Temet Nosce
Key characteristics → Cyber risk is not an uncontrollable phenomenon Maritime Industry is based on IT solutions The progress of information technologies will definitely proceed Complex risk-scenarios which currently seem to be difficult to be solved. Balance people, processes and technology Information security is not just about computer security. Invest in all core elements of information security: physical, human and cyber. Act as you have already been hacked Breaches occur at all organizations Mix of processes for prevention, detection and response to keep cyber-risk below a level Temet Nosce
Re-Thinking Maritime Cyber Resiliency in a “Cyberized” World Maritime Industry is now in a digitization era Balance people, processes and technology Assume your business has already been attacked, infiltrated and compromised Understand that there is no “magic bullet” Develop a New Approach: ☺ Take a top-down approach ☺ Implement an enterprise cyber risk management strategy Temet Nosce
Conclusions PART 3 Cyber Risk Management
Re-Thinking Maritime Cyber Resiliency in a “Cyberized” World Are we focused on the right things? Understand how value is created in your organization Where your critical assets are..? How they are vulnerable to key threats..? Practice defense-in-depth.. Do we have the right talent? Quality over Quantity Not enough talent to do everything in-house Strategic approach to sourcing decisions Are the security teams focused on the real business areas. Temet Nosce
Re-Thinking Maritime Cyber Resiliency in a “Cyberized” World We proactive or reactive? Retrofitting for security is very expensive Build it upfront in your management processes, applications, and infrastructure. Are we adapting to change? Regularize → Policy reviews, assessments, and rehearsals of crisis response processes Establish a culture of perpetual adaptation to the threat and risk landscape. Temet Nosce
In conclusion Temet Nosce What cyber risks do you identify to ECDIS, AIS and other systems, shipboard and other- wise? All of these systems are exposed to infiltration and cyber attack. The scope of the risk is significant and comes from a range of sources and for a range of motives. Hackers are attracted to shipping as it represents a challenge to their range of expertise and yet can be perceived by them as less of a life threatening threat for them to interfere with. ✓ Destabilization of an oil platform which not only lead to $100,000’s of shut down costs but raised a significant risk of a major incident on the level of Piper Alpha. Cyber terrorists and hacktivists – here significant financial disruption and potential loss of life may well be their aim.
In conclusion Temet Nosce What are the best ways for owners and crews to protect against cyber risks? Take the risk very seriously.In fact make it number one on your risk list.. Guidance and procedures must originate at Board level – not left to the IT department or even those routinely dealing with ISPS. There must then be in place a rigorous training regime. ✓ Not just how to prevent an attack and identify risk but what steps to take as soon as it becomes clear an attack is underway Cyber avoidance risk barriers need to be implemented at every level of the business – not just across the vessels rail but in the owning office. ✓ for example, security checks and monitoring of all staff (however junior) that could gain access to electronic systems Quick and effective response can save millions of dollars and more importantly business reputation and potential loss of life.
In conclusion Temet Nosce Can technology always solve technology? What is the human, systemic and societal element? If you are asking “is it simply a matter of developing better fire walls etc.?” the answer is no. Again this is why a response and culture from the top of the company down needs to be developed. ✓ All owners, operators and those engaged in the logistics chain are now involved (like it or not) in a chess game with that hooded figure we often see in cyber risk power points and presentations. ✓ It’s a matter of constantly trying to think 5 moves ahead – how is my business at risk, what could someone gain by attacking my business, do I have the response plans in place to deal with an attack ? How much of a problem do you see cyber security as being in the short and long term? It is the single largest threat facing international shipping today.
In conclusion Temet Nosce How can we make ships and mariners safe from cyber threats? It is unlikely that you will ever be able to eradicate the risk completely. Greater training, knowledge and development of cyber emergency response plans are our best form of defense. ✓ Shipping Companies need to work in close co-operation with the experts in the field (both legal, risk avoidance and technological) to develop and implement effective systems and regularly run full emergency drills. Using the Ghost Busters analogy “Who you gonna call ?” What are the financial risks and solutions? It is the single largest threat facing international shipping today. I think I have probably dealt with solutions above. ✓ As to financial – HUGE – look at the recent publicised examples and remember we are only seeing the tip of the ice berg in what is actually being reported compared to the number and significance of the attacks taking place.
Incidents Temet Nosce
1. PPT:Maritime Cyber Risk-C.Kapalidis_HudsonAnalytix 2. PPT:Maritime CyberSecurity-A.Cynthia_HudsonAnalytix 3. PPT:DNVGL_Cyber Security Awareness in the Maritime Industry 4. PPT:ABS_Maritime Cybersecurity Awareness_Mowrer 5. Thesis_Peiraias_Kavalieratos_Cyber-attacks to cyber-enabled ship 6. PPT:Deloitte_Cyber Security in the shipping industry 7. Hill Dickinson_Cyber Crime in the Shipping Industry Βιβλιογραφία-Υλικό Temet Nosce Για τη δημιουργία αυτής της παρουσίασης δανείστηκα υλικό από της παρακάτω πηγές:
Know Thyself
Know Thyself
Maritime Cyber Security-Κυβερνοασφάλεια και Ναυτιλία

Recommended

Maritime Labour Convention (MLC 2006)
Maritime Labour Convention (MLC 2006)Maritime Labour Convention (MLC 2006)
Maritime Labour Convention (MLC 2006)Yasser B. A. Farag
 
DEEP sea
DEEP seaDEEP sea
DEEP seaafai2546
 
Fire prevention and Fire Fighting(FPFF)
Fire prevention and Fire Fighting(FPFF)Fire prevention and Fire Fighting(FPFF)
Fire prevention and Fire Fighting(FPFF)nmahi96
 
Green sea turtle
Green sea turtleGreen sea turtle
Green sea turtlejessicamclinn
 
Sea cucumber Reproductive biology and Aquaculture
Sea cucumber Reproductive biology and AquacultureSea cucumber Reproductive biology and Aquaculture
Sea cucumber Reproductive biology and AquacultureB. BHASKAR
 
Bridge resources management lrg
Bridge resources management lrgBridge resources management lrg
Bridge resources management lrgLance Grindley
 
MARPOL 73/78
MARPOL 73/78MARPOL 73/78
MARPOL 73/78Ajith Albi
 
ISM_CODE_SHIPBOARD_TRAINING_FAMILIARIZAT.pdf
ISM_CODE_SHIPBOARD_TRAINING_FAMILIARIZAT.pdfISM_CODE_SHIPBOARD_TRAINING_FAMILIARIZAT.pdf
ISM_CODE_SHIPBOARD_TRAINING_FAMILIARIZAT.pdfAustinAgbolo
 

Recommended

Maritime Labour Convention (MLC 2006)
Maritime Labour Convention (MLC 2006)Maritime Labour Convention (MLC 2006)
Maritime Labour Convention (MLC 2006)Yasser B. A. Farag
 
DEEP sea
DEEP seaDEEP sea
DEEP seaafai2546
 
Fire prevention and Fire Fighting(FPFF)
Fire prevention and Fire Fighting(FPFF)Fire prevention and Fire Fighting(FPFF)
Fire prevention and Fire Fighting(FPFF)nmahi96
 
Green sea turtle
Green sea turtleGreen sea turtle
Green sea turtlejessicamclinn
 
Sea cucumber Reproductive biology and Aquaculture
Sea cucumber Reproductive biology and AquacultureSea cucumber Reproductive biology and Aquaculture
Sea cucumber Reproductive biology and AquacultureB. BHASKAR
 
Bridge resources management lrg
Bridge resources management lrgBridge resources management lrg
Bridge resources management lrgLance Grindley
 
MARPOL 73/78
MARPOL 73/78MARPOL 73/78
MARPOL 73/78Ajith Albi
 
ISM_CODE_SHIPBOARD_TRAINING_FAMILIARIZAT.pdf
ISM_CODE_SHIPBOARD_TRAINING_FAMILIARIZAT.pdfISM_CODE_SHIPBOARD_TRAINING_FAMILIARIZAT.pdf
ISM_CODE_SHIPBOARD_TRAINING_FAMILIARIZAT.pdfAustinAgbolo
 
Fire Drill
Fire DrillFire Drill
Fire DrillCapt. Persobi Waldemar
 
ISM CODE
ISM CODE ISM CODE
ISM CODE Kamal Vashisht
 
An Introduction to Maritime Search and Rescue
An Introduction to Maritime Search and RescueAn Introduction to Maritime Search and Rescue
An Introduction to Maritime Search and RescueVR Marine Technologies
 
Estuaries-Where River meets the sea.
Estuaries-Where River meets the sea.Estuaries-Where River meets the sea.
Estuaries-Where River meets the sea.Kunal Sinha
 
Sources and effects of oil pollution in marine environment
Sources and effects of oil pollution in marine environmentSources and effects of oil pollution in marine environment
Sources and effects of oil pollution in marine environmentPramoda Raj
 
Pollution prevention systems
Pollution prevention systemsPollution prevention systems
Pollution prevention systemsYasser B. A. Farag
 
Personal Survival Techniques(PST)
Personal Survival Techniques(PST)Personal Survival Techniques(PST)
Personal Survival Techniques(PST)nmahi96
 
Personal Survival and Social Responsibilities(PSSR)
Personal Survival and Social Responsibilities(PSSR)Personal Survival and Social Responsibilities(PSSR)
Personal Survival and Social Responsibilities(PSSR)nmahi96
 
Coral reef presentation
Coral reef presentationCoral reef presentation
Coral reef presentationMuhammad Sajjad
 
ISM Code
ISM CodeISM Code
ISM CodeYasser B. A. Farag
 
Threats to marine biodiversity
Threats to marine biodiversity Threats to marine biodiversity
Threats to marine biodiversity Salmashaik26
 
Timber deck code
Timber deck codeTimber deck code
Timber deck codeMaanas Gopinath
 
ESCORT TUG GIRTING ASSESSMENT
ESCORT TUG GIRTING ASSESSMENTESCORT TUG GIRTING ASSESSMENT
ESCORT TUG GIRTING ASSESSMENTLearnmarine
 
Lights and shapes lrg
Lights and shapes lrgLights and shapes lrg
Lights and shapes lrgLance Grindley
 
Man Over Board Drill
Man Over Board DrillMan Over Board Drill
Man Over Board DrillCapt. Persobi Waldemar
 
Coral reefs
Coral reefsCoral reefs
Coral reefsLoretta Roberson
 
Crude oil washing system
Crude oil washing systemCrude oil washing system
Crude oil washing systemCoolrich Engineering (M) Sdn Bhd
 
Management of change.
Management of change.Management of change.
Management of change.Capt Ashok Menon
 
Mollusc
MolluscMollusc
MolluscShah Naseer
 
Estuaries
EstuariesEstuaries
EstuariesVane Rivera
 
Airport security 2013 john mc carthy
Airport security 2013 john mc carthyAirport security 2013 john mc carthy
Airport security 2013 john mc carthyRussell Publishing
 
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdf
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdfGramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdf
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdfGramax Cybersec
 

More Related Content

What's hot

An Introduction to Maritime Search and Rescue
An Introduction to Maritime Search and RescueAn Introduction to Maritime Search and Rescue
An Introduction to Maritime Search and RescueVR Marine Technologies
 
Estuaries-Where River meets the sea.
Estuaries-Where River meets the sea.Estuaries-Where River meets the sea.
Estuaries-Where River meets the sea.Kunal Sinha
 
Sources and effects of oil pollution in marine environment
Sources and effects of oil pollution in marine environmentSources and effects of oil pollution in marine environment
Sources and effects of oil pollution in marine environmentPramoda Raj
 
Personal Survival Techniques(PST)
Personal Survival Techniques(PST)Personal Survival Techniques(PST)
Personal Survival Techniques(PST)nmahi96
 
Personal Survival and Social Responsibilities(PSSR)
Personal Survival and Social Responsibilities(PSSR)Personal Survival and Social Responsibilities(PSSR)
Personal Survival and Social Responsibilities(PSSR)nmahi96
 
Threats to marine biodiversity
Threats to marine biodiversity Threats to marine biodiversity
Threats to marine biodiversity Salmashaik26
 
ESCORT TUG GIRTING ASSESSMENT
ESCORT TUG GIRTING ASSESSMENTESCORT TUG GIRTING ASSESSMENT
ESCORT TUG GIRTING ASSESSMENTLearnmarine
 

What's hot (20)

Fire Drill
Fire DrillFire Drill
Fire Drill
 
ISM CODE
ISM CODE ISM CODE
ISM CODE
 
An Introduction to Maritime Search and Rescue
An Introduction to Maritime Search and RescueAn Introduction to Maritime Search and Rescue
An Introduction to Maritime Search and Rescue
 
Estuaries-Where River meets the sea.
Estuaries-Where River meets the sea.Estuaries-Where River meets the sea.
Estuaries-Where River meets the sea.
 
Sources and effects of oil pollution in marine environment
Sources and effects of oil pollution in marine environmentSources and effects of oil pollution in marine environment
Sources and effects of oil pollution in marine environment
 
Pollution prevention systems
Pollution prevention systemsPollution prevention systems
Pollution prevention systems
 
Personal Survival Techniques(PST)
Personal Survival Techniques(PST)Personal Survival Techniques(PST)
Personal Survival Techniques(PST)
 
Personal Survival and Social Responsibilities(PSSR)
Personal Survival and Social Responsibilities(PSSR)Personal Survival and Social Responsibilities(PSSR)
Personal Survival and Social Responsibilities(PSSR)
 
Coral reef presentation
Coral reef presentationCoral reef presentation
Coral reef presentation
 
ISM Code
ISM CodeISM Code
ISM Code
 
Threats to marine biodiversity
Threats to marine biodiversity Threats to marine biodiversity
Threats to marine biodiversity
 
Timber deck code
Timber deck codeTimber deck code
Timber deck code
 
ESCORT TUG GIRTING ASSESSMENT
ESCORT TUG GIRTING ASSESSMENTESCORT TUG GIRTING ASSESSMENT
ESCORT TUG GIRTING ASSESSMENT
 
Lights and shapes lrg
Lights and shapes lrgLights and shapes lrg
Lights and shapes lrg
 
Man Over Board Drill
Man Over Board DrillMan Over Board Drill
Man Over Board Drill
 
Coral reefs
Coral reefsCoral reefs
Coral reefs
 
Crude oil washing system
Crude oil washing systemCrude oil washing system
Crude oil washing system
 
Management of change.
Management of change.Management of change.
Management of change.
 
Mollusc
MolluscMollusc
Mollusc
 
Estuaries
EstuariesEstuaries
Estuaries
 

Similar to Maritime Cyber Security-Κυβερνοασφάλεια και Ναυτιλία

Airport security 2013 john mc carthy
Airport security 2013 john mc carthyAirport security 2013 john mc carthy
Airport security 2013 john mc carthyRussell Publishing
 
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdf
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdfGramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdf
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdfGramax Cybersec
 
Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....
Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....
Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....zayadeen2003
 
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaGet Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaRahul Neel Mani
 
Cyber Security – Indian Perspective.pptx
Cyber Security – Indian Perspective.pptxCyber Security – Indian Perspective.pptx
Cyber Security – Indian Perspective.pptxSharifulShishir
 
Cyber Sec Project Proposal
Cyber Sec Project ProposalCyber Sec Project Proposal
Cyber Sec Project ProposalChris Young
 
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...Stefano Maria De' Rossi
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyShiva Bissessar
 
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...ijtsrd
 
Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Hamisi Kibonde
 
Gunnebo Global Customer Magazine
Gunnebo Global Customer MagazineGunnebo Global Customer Magazine
Gunnebo Global Customer MagazineGunnebo UK
 
BCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest ThreatsBCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest ThreatsGareth Niblett
 
Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...Business Finland
 

Similar to Maritime Cyber Security-Κυβερνοασφάλεια και Ναυτιλία (20)

Airport security 2013 john mc carthy
Airport security 2013 john mc carthyAirport security 2013 john mc carthy
Airport security 2013 john mc carthy
 
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdf
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdfGramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdf
Gramax-Cybersec-Role of Cybersecurity in Maritime A high-risk sector.pdf
 
Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....
Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....
Board-toolkit-Introduction-to-cyber-security-for-board-members-briefing-pack....
 
ΕΛΙΣΜΕ MSAG 20181107 Φώτης Σοφρώνης ‘Cyber Security στο Θαλάσσιο Περιβάλλον’
ΕΛΙΣΜΕ MSAG 20181107 Φώτης Σοφρώνης ‘Cyber Security στο Θαλάσσιο Περιβάλλον’ΕΛΙΣΜΕ MSAG 20181107 Φώτης Σοφρώνης ‘Cyber Security στο Θαλάσσιο Περιβάλλον’
ΕΛΙΣΜΕ MSAG 20181107 Φώτης Σοφρώνης ‘Cyber Security στο Θαλάσσιο Περιβάλλον’
 
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaGet Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
 
C018131821
C018131821C018131821
C018131821
 
Cyber Security – Indian Perspective.pptx
Cyber Security – Indian Perspective.pptxCyber Security – Indian Perspective.pptx
Cyber Security – Indian Perspective.pptx
 
Cyber Sec Project Proposal
Cyber Sec Project ProposalCyber Sec Project Proposal
Cyber Sec Project Proposal
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
 
Achieving Caribbean Cybersecuirty
Achieving Caribbean CybersecuirtyAchieving Caribbean Cybersecuirty
Achieving Caribbean Cybersecuirty
 
presCyberNISC2015
presCyberNISC2015presCyberNISC2015
presCyberNISC2015
 
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...
An Analytical Study on Attacks and Threats in Cyber Security and its Evolving...
 
Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)
 
Global 2-2016-en
Global 2-2016-enGlobal 2-2016-en
Global 2-2016-en
 
Gunnebo Global Customer Magazine
Gunnebo Global Customer MagazineGunnebo Global Customer Magazine
Gunnebo Global Customer Magazine
 
BCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest ThreatsBCS ITNow 201609 - Defining the Latest Threats
BCS ITNow 201609 - Defining the Latest Threats
 
Cyber-Attack.pptx
Cyber-Attack.pptxCyber-Attack.pptx
Cyber-Attack.pptx
 
Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...Cyber security and critical information infrastructure protection from a sout...
Cyber security and critical information infrastructure protection from a sout...
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
 

More from Papadakis K.-Cyber-Information Warfare Analyst & Cyber Defense/Security Consultant-Hellenic MoD

More from Papadakis K.-Cyber-Information Warfare Analyst & Cyber Defense/Security Consultant-Hellenic MoD (20)

Russia Ukraine war Cyberspace operations (2022-2024)
Russia Ukraine war Cyberspace operations (2022-2024)Russia Ukraine war Cyberspace operations (2022-2024)
Russia Ukraine war Cyberspace operations (2022-2024)
 
Russia Ukraine Conflict_Cyberspace Operations_2021_2023.pdf
Russia Ukraine Conflict_Cyberspace Operations_2021_2023.pdfRussia Ukraine Conflict_Cyberspace Operations_2021_2023.pdf
Russia Ukraine Conflict_Cyberspace Operations_2021_2023.pdf
 
Mitigation of cyber threats 1a.pdf
Mitigation of cyber threats 1a.pdfMitigation of cyber threats 1a.pdf
Mitigation of cyber threats 1a.pdf
 
CYBER KILL CHAIN Table
CYBER KILL CHAIN TableCYBER KILL CHAIN Table
CYBER KILL CHAIN Table
 
Logismika Parakolouthisis.docx
Logismika Parakolouthisis.docxLogismika Parakolouthisis.docx
Logismika Parakolouthisis.docx
 
Surveillance Software.docx
Surveillance Software.docxSurveillance Software.docx
Surveillance Software.docx
 
Ρωσία εναντίον Εσθονίας:ο πρώτος κυβερνοπόλεμος (2007)
Ρωσία εναντίον Εσθονίας:ο πρώτος κυβερνοπόλεμος (2007)Ρωσία εναντίον Εσθονίας:ο πρώτος κυβερνοπόλεμος (2007)
Ρωσία εναντίον Εσθονίας:ο πρώτος κυβερνοπόλεμος (2007)
 
Russia vs Estonia_First Cyber War (2007)
Russia vs Estonia_First Cyber War (2007)Russia vs Estonia_First Cyber War (2007)
Russia vs Estonia_First Cyber War (2007)
 
ΚΥΒΕΡΝΟΠΟΛΕΜΟΣ
ΚΥΒΕΡΝΟΠΟΛΕΜΟΣΚΥΒΕΡΝΟΠΟΛΕΜΟΣ
ΚΥΒΕΡΝΟΠΟΛΕΜΟΣ
 
Cyber War
Cyber WarCyber War
Cyber War
 
Κυβερνοχώρος: Νέο πεδίο αντιπαραθέσεων
Κυβερνοχώρος: Νέο πεδίο αντιπαραθέσεωνΚυβερνοχώρος: Νέο πεδίο αντιπαραθέσεων
Κυβερνοχώρος: Νέο πεδίο αντιπαραθέσεων
 
Cyberspace_New Operational Domain
Cyberspace_New Operational DomainCyberspace_New Operational Domain
Cyberspace_New Operational Domain
 
Πληροφοριακός Πόλεμος-Information Warfare
Πληροφοριακός Πόλεμος-Information WarfareΠληροφοριακός Πόλεμος-Information Warfare
Πληροφοριακός Πόλεμος-Information Warfare
 
Information Warfare
Information WarfareInformation Warfare
Information Warfare
 
Corporate Cyber Security
Corporate Cyber SecurityCorporate Cyber Security
Corporate Cyber Security
 
Russia Georgia 2008 Conflict-Information Operations, Cyberwarfare
Russia Georgia 2008 Conflict-Information Operations, CyberwarfareRussia Georgia 2008 Conflict-Information Operations, Cyberwarfare
Russia Georgia 2008 Conflict-Information Operations, Cyberwarfare
 
Cyber risks for enterprises-Vacations Time
Cyber risks for enterprises-Vacations TimeCyber risks for enterprises-Vacations Time
Cyber risks for enterprises-Vacations Time
 
ISMS-Information Security Management System-Σύστημα Διαχείρισης Πληροφοριακής...
ISMS-Information Security Management System-Σύστημα Διαχείρισης Πληροφοριακής...ISMS-Information Security Management System-Σύστημα Διαχείρισης Πληροφοριακής...
ISMS-Information Security Management System-Σύστημα Διαχείρισης Πληροφοριακής...
 
Κυβερνοπόλεμος-Επιχειρήσεις Κυβερνοχώρου-Cyber War-Cyber Warfare
Κυβερνοπόλεμος-Επιχειρήσεις Κυβερνοχώρου-Cyber War-Cyber WarfareΚυβερνοπόλεμος-Επιχειρήσεις Κυβερνοχώρου-Cyber War-Cyber Warfare
Κυβερνοπόλεμος-Επιχειρήσεις Κυβερνοχώρου-Cyber War-Cyber Warfare
 
Οδηγός Προστασίας από την Ηλεκτρονική Εξαπάτηση-Phihing Guide
Οδηγός Προστασίας από την Ηλεκτρονική Εξαπάτηση-Phihing GuideΟδηγός Προστασίας από την Ηλεκτρονική Εξαπάτηση-Phihing Guide
Οδηγός Προστασίας από την Ηλεκτρονική Εξαπάτηση-Phihing Guide
 

Recently uploaded

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

Maritime Cyber Security-Κυβερνοασφάλεια και Ναυτιλία

  • 1. Παπαδάκης Κων/νος Αναλυτής Επιχειρήσεων Κυβερνοχώρου και Σύμβουλος Κυβεροάμυνας-Κυβερνοασφάλειας Papadakis Konstantinos Cyber-Information Warfare Analyst & Cyber Defense/Security Consultant Cyber Security Consultant “Maritime Cyber Security and Risk Management” “… If cybercrime was a country, it would have the 13th highest GDP in the world… “Κυβερνοασφάλεια και Ναυτιλία”
  • 2. Περιεχόμενα ☺ Facts-Opinions ☺ Statistics ☺ Threats ☺ Cyber VS Shipping ☺ Problems ☺ Vulnerabilities ☺ Threats-Incidents ☺ Standard-Guidelines ☺ Risk Management ☺ Conclusions Temet Nosce
  • 5. The Cyberization of Risk-Everything is connected Law 1: Everything that is connected to the Internet can be hacked Law 2: Everything is being connected to the Internet Law 3: Everything else follows from the first two laws The impact of a cyber event can cascade and across an organization, reinforcing the magnitude of its impact Temet Nosce
  • 7. Opinions * https://www.gnostech.com/maritime-blog/petya-maersk-one-year-later/ “…the maritime industry needs to be better equipped to face the next cyberattack, whether globally, like Petya, or specifically targeted at individual organizations. To do so, maritime organizations must implement the proper security and access control measures to ensure sensitive data does not end up in the wrong hands leading to system and network compromise. Additionally, when attacked, maritime and port organizations must be prepared to respond to cyber-attacks and have contingency plans in place to minimize the disruption to operations and commerce …” Lars Jenson Sea Intelligence Consulting “…weak security is endemic in the shipping industry, noting that some 44% of carriers show signs of low levels of cybersecurity related to very basic elements, such as patching. Temet Nosce
  • 9. Statistics: Cyber Attacks (Impact-Likehood) https://www.climatealliance.org.au/blog/2018/global-risks-landscape-global-risks-report-2018-wef Temet Nosce
  • 10. Statistics: Rising Cyber Dependency https://knowledge.unccd.int/publications/global-risks-report-2018 Rising Cyber Dependency Temet Nosce
  • 12. General Cyber Threat Trends Threats are increasing ➢ Hacking tools are widely available and simpler to use ➢ The potential impact of cyber attacks continues to grow Hacker motivations are changing ➢ No longer egocentric ➢ Shift to professional cyber criminals (money motivated) Certain common factors enable threat actor success ➢ Economy of organized cybercrime ➢ Inter-connected systems ➢ Organizational failure to implement cyber hygiene Temet Nosce
  • 13. Attackers come in many guises … Disruption Espionage Financial Insiders Outsiders Hacktivists Nation states Criminal organizations Terrorists Hackers and Amateurs Criminal aims Disgruntled employees Unintentional Temet Nosce
  • 14. Cyber Security in a nutshell – a continuous approach! What to Protect? Ship, platform organization people What to protect against? Terrorists, cyber crime, … How to protect? People, Processes and Technology Assets Threats Protective measures Vulnerability and Risk assessment modeling Detection, testing, monitoring, review Acceptable risk? Temet Nosce
  • 15. It is not only about software and technology PROCESS • Management systems • Governance frameworks • Policies and procedures • Vendor/Third party contract follow up • Audit regimes TECHNOLOGY • System design, design review • Software configurations • Inspection/verification • Testing ✓ Functional testing ✓ Vulnerability scanning ✓ Penetration test PEOPLE • Training and awareness • Professional skills and qualifications • Written procedures • Authorizations • Physical security Temet Nosce
  • 16. ☺ Cyber VS Shipping ☺ Problems ☺ Vulnerabilities ☺ Threats-Incidents
  • 17. Opinions Temet Nosce Cyber & Shipping PART 2 Cyber Security in Shipping Industry
  • 18. Safety in shipping today heavily depends on cyber systems Temet Nosce
  • 19. Cyber risks are present and migrating to the OT world Temet Nosce
  • 20. Cyber risks are present and migrating to the OT world Temet Nosce
  • 21. Is cybercrime really a big problem? The UK government is investing £1.9 billion in cyber-security over the next five years The global cost of cybercrime will reach $2 trillion by 2019 Of 383 organisations asked who suffered at least one data breach in 2016, the average cost per breach was $4 million In 2017 the International Data Group (IDG) detected 38% more cyber-security incidents than the year before Temet Nosce 48% of data security breaches are caused by acts of malicious intent. Human error or system failure account for the rest.
  • 22. Impact on the Maritime Supply Chain Temet Nosce Hacking into on-line services – including cargo and consignment tracking systems. Phishing and links to malware & false web sites. Infection via removable media – flash drives. Fraudulent Web set up (disclosure of information/reputational damage).
  • 23. Impact on the Maritime Supply Chain Temet Nosce Hacking into navigational systems (ECDIS). AIS/GPS Spoofing. Impersonation Fraud Average cost of a cyber fraud at $120K per attack/incident. ➢ Interception and redirection of cash to master funds. ➢ Creating false invoices and accounting details for services such as annual lifeboat certification
  • 24. Threat Environment Cybersecurity - Intentional exploitation ➢ External bad actor ➢ Internal bad actor Cybersafety - Accidental corruption ➢ Accidental corruption ➢ Software or configuration errors IT Attack Methods OT Protocols System Knowledge Require set of Skills Temet Nosce
  • 25. Opinions Temet Nosce Problems PART 2 Cyber Security in Shipping Industry
  • 26. Keep in mind….. Vessel Digitization IT vs OT Temet Nosce
  • 28. Transforming the shipping industry-Entering the digitization era Computerized systems will transform the shipping industry Smart–autonomous or even automated ships Temet Nosce
  • 29. From Digital Ship to the Autonomous Ship Smart ships don’t represent a ‘stand-alone’ technology. Short to Medium Term From the Digital Ship to the Intelligent Ship: The exploitation of big data acquisition, communications and analytics to introduce intelligent, real-time and proactive decision-making in the design, operation and maintenance of ships Medium to Long Term From the Intelligent Ship to the Autonomous Ship: The exploitation of sensors and robotics technology to replace human operators, leading to semiautonomous ships (e.g., engine-room crewless ships) or fully autonomous ships (remote controlled) They are a manifestation and exploitation of integrated, networked technologies (e.g. sensors, robotics, big data, advanced materials, and communications) Digital Ship Intelligent Ship Autonomous Ship Temet Nosce
  • 30. Common Challenges in Shipping Competitive Imperatives ➢ Executives must accept a certain level of cyber attack risk Pervasive cybersecurity implication ➢ Cyber risk touches every business function across a shipping company ➢ Adoption of risk-based strategies Difficult to quantify Cyber Risk ➢ No single quantitative metric (value at risk) for cyber security ➢ Harder to communicate the urgency to ship owners. Difficult change behavior * McKinsey & Co, Why SENIOR Leaders are the front Line AGAINST Cyber Attacks Temet Nosce
  • 31. How cyber aware is the shipping industry? Urgency for action becoming gradually understood ➢ Why…????? ☺ No apparent ship-related cyber attacks ☺ No mandatory framework from related shipping organizations ☺ Other regulations affect maritime stakeholders (GDPR, NIS) * McKinsey & Co, Why SENIOR Leaders are the front Line AGAINST Cyber Attacks Priority Understand how these affect the industry in order to minimize cost Cyber security as Return of Investment-ROI Temet Nosce
  • 32. Crew Connectivity Report 2018 * Chatham House Report Crew Connectivity Temet Nosce
  • 33. Crew Connectivity Report 2018 * Chatham House Report Internet access in selected sectors Temet Nosce
  • 34. Crew Connectivity Report 2018 * Chatham House Report Responsibility Temet Nosce
  • 35. Crew Connectivity Report 2018 * Chatham House Report Training Requirements Temet Nosce
  • 36. Events: IMO’s Facilitation Committee - 40th Session, Meeting April 4th - 8th 2016 The Facilitation Committee is expected to identify the facilitation aspects with regards to protecting the maritime transport network from cyber threats, with a view to developing voluntary maritime cybersecurity guidelines, including best practices. Cyber Security Temet Nosce
  • 37. Internet of Things Cyber Risk Insight: Mobile Computing …Easy access to the internet onboard ships is a key requirement if young people are to be attracted into the seafaring profession, according to speakers at a World Maritime Day IMO symposium on maritime education and training... ILO MLC 2006, Title 3 Amendments List the requirements for recreational facility amenities that include but are not limited to some or all of the following: PC equipment Communication facilities, including email and internet access… Temet Nosce
  • 38. Opinions Temet Nosce Information Technology (IT) VS Operational Technology (OT)
  • 39. What is “Cybersecurity”? Cyber Security is NOT: ➢ Information Technology (IT) ➢ Compliance (ISO, ISM Code,…etc) ➢ Silver Bullet Solution Cyber Security IS: ➢ Sustained Risk Management Activity-function, designed to provide a standard of care. ➢ Cultural Change and business transformation. ➢ Mission and business of protecting the entire enterprise. ➢ Nod between User AND Corporate Awareness (All of you!!!!) Temet Nosce
  • 40. Maritime Industry Snapshot Mixture of corporate & local cybersecurity governance Varying levels of automation Humans-in-the-loop in key processes Dependence on vendors Emerging cybersecurity cultures Increased demand for business & control network integration Temet Nosce
  • 41. Information Technology (IT) Spectrum of technologies for information processing, including software, hardware, communications technologies and related services. Transaction Processing Systems Decision Support Systems Executive Info Systems Management Information Systems Temet Nosce
  • 42. Operational Technology (OT) Hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes, and events in the enterprise Temet Nosce
  • 43. IT vs and OT Information Technology (IT) Store & process information Operational Technology (OT) Manage physical devices & processes Temet Nosce
  • 44. Different Consequences of System Exploitation Operational Technology (OT) Consequences Information Technology (IT) Consequences Financial Impacts Physical Impacts Temet Nosce
  • 45. Opposite System Priorities Confidentiality Preserving authorized restrictions Integrity Performing its intended functions Availability Ensuring timely & reliable access Highest Information Technology (IT) System Priorities Operational Technology (OT) Lowest Highest Lowest Temet Nosce
  • 46. IT/OT Convergence Traditionally, IT & OT networks have operated independently New technologies enable better control, enhanced monitoring, & cost savings Data analytics to increase process efficiency, reliability, & lifespan Temet Nosce
  • 49. Trends in OT Systems Use of new technologies Increased automation Increased connectivity (IoT) Greater complexity Remote access Big data & data analytics Temet Nosce
  • 50. Common OT System Vulnerabilities Immature cybersecurity governance over OT Remote and direct access to OT systems by vendors Use of old and inherently insecure technology Unsecured physical ports Temet Nosce
  • 51. Trends in Physical Security Systems Migration to digital technology Use of wireless equipment Lack of cybersecurity expertise Division of cyber & physical security Outsourcing of security systems Temet Nosce
  • 52. Threats to Physical Security Systems Causing system outages Gathering sensitive data Creating fake identities Creating false situational awareness Neutralizing alarms Temet Nosce
  • 53. Common Physical Security Systems Vulnerabilities Non-segmentation of business & security networks Direct physical access to equipment Exploitation of wireless devices connections Sharing camera feeds with 3rd parties Uncontrolled remote access by security vendors Temet Nosce
  • 54. Opinions Temet Nosce Vulnerabilities PART 2 Cyber Security in Shipping Industry
  • 56. So What’s Vulnerable? Supervisory Control & Data Acquisition (SCADA) equipment and Industrial Control Systems (ICS) for loading/unloading of bulk/containerized cargo Cargo / Terminal Management Systems Domain Awareness / Navigational Systems - RADAR, AIS, VTS/VTMS Any Business Software Application: ➢ email, financial, human resources, finance, logistics, business operations, etc. - Think “ERP”. Any Operating Systems (e.g. Microsoft, Linux) Security Systems - CCTV, Access Control Mobility devices and platforms - RFID Communications Systems Employees (insiders) Temet Nosce
  • 58. Ship cyber Systems Temet Nosce EAS-Εngine Automation System AEMC Autonomous Engine Monitoring and Control System EDL-Engine Data Logger ACCER Autonomous Control of the Engine Room Κύριες μηχανές-Συστήματα υποστήριξής Βοηθητικές μηχανές Συστήματα πρόωσης και καθοδήγησης Συστήματα ελέγχου των δεξαμενών EH Emergency Handling Συστήματα γενικού συναγερμού Συναγερμός πυρκαγιάς Συναγερμός ανθρώπου στη θάλασσα Συναγερμός ακυβέρνητου πλοίου Συναγερμός ανίχνευσης CO2 Πλημμύρα του δωματίου μηχανών Πλημμύρα του χώρου φορτίων EES Engine Efficient System MIS Maintenance Interaction System BAS-Bridge Automation System Navigation Systems AIS-Automatic Identification System ECDIS-Electronic Chart Display and Information Systems VDR-Voyage Data Recorder GPS ASS-Advanced Sensor Systems Ραντάρ του πλοίου Κάμερες ασφάλειας και παρακολούθησης Συστήματα παρακολούθηση του περιβάλλοντος ASC-Autonomous ship Controller GMDSS-Global Maritime Distress and Safety System Συστήματα επικοινωνίας (VHF-HF-MF) NAVTEX-COSPAS-SARSAT-INMARSAT Πομποί SART και ραδιοφάροι EPIRB CCR-Cargo Management/Cargo Control Room Συστήματα ελέγχου/ένδειξης επιπέδου Συστήματα Απομακρυσμένου ελέγχου βαλβίδων Valve Remote Control System-VRCS Σύστημα έρματος-Συναγερμού για εισροή υδάτων Water Intrusion Detection System-WIDS Συστήματα ελέγχου εισόδου Electronic Personnel on Board-POB Systems Bridge Navigational Watch Alarm System-BNWAS Shipboard Security Alarm Systems-SSAS Συστήματα παρακολούθησης-CCTV PSMS-Passenger Management System Property Management System-PMS Medical Records Ship passenger/seafarer boarding access systems Συστήματα υποστήριξης της συνολικής υποδομής SCC-Shore Control Center RMSS Remote Manoeuvring Support System HMI-Human Machine Interface
  • 59. Interconnections-Dependencies….. EAS Engine Automation System BAS Bridge Automation System SCC Shore Control Center AEMC Autonomous Engine Monitoring and Control EES Engine Efficient System EDL-Engine Data Logger ACCER-Autonomous Control of the Engine Room EH-Emergency Handling MIS Maintenance Interaction System NAV Navigation Systems AIC-Automatic Identification System ECDIS-Electronic Chart Display and Info Systems ASS-Advanced Sensor Systems (1) VDR- Voyage Data Recorder GPS ASC Autonomous ship Controller GMDSS-Global Maritime Distress and Safety System CCR-Cargo Management/Cargo Control Room (1) Συστήματα Έλεγχου Εισόδου PSMS-Passenger Management System RMSS Remote Maneuvering Support System HMI Human Machine Interface Temet Nosce
  • 61. Electronic Chart Display & Information System (ECDIS) ECDIS Systems ➢ Geographic information systems ➢ International Maritime Organization compliant ➢ Alternative / compliant to paper nautical charts ➢ Can be interfaced with NavText and AIS ➢ July 2018 –Mandatory for all vessels in international voyages. Temet Nosce
  • 62. Electronic Chart Display & Information System (ECDIS) Attacking ECDIS Systems ➢ ECDIS systems are in essence desktop PCs ➢ With physical access a malicious person could use the USB slot to: ☻ Load incorrect/outdated maps ☻ Access the underlying operating system ☻ Spread malware/ransomware USB Flash Temet Nosce
  • 63. Electronic Chart Display & Information System (ECDIS) Attacking ECDIS Systems ➢ As with any other PC, ECDIS systems can be tampered with ➢ A number of these systems run with administrative rights and no password protection. Temet Nosce
  • 65. Automatic Identification System (AIS) AIS Systems ➢ Automatic tracking system for identifying and locating vessels ➢ 2002 – First mandate for vessels over 300GT to be equipped with a Class A type AIS transceiver. ➢ AIS information supplements marine radar, which continues to be the primary method of collision avoidance for water transport. ➢ Aid in accident investigation and in search and rescue operations. ➢ The information is also sent to providers such as: ☺ Maritimetraffic.com, Vesselfinder.com or Aishub.net. ➢ Transmit in the Marine bands: ☺ Channel A 161.975 MHz (87B) ☺ Channel B 162.025 MHz (88B) Temet Nosce
  • 66. Automatic Identification System (AIS) AIS Systems Messages ➢ AIS can send up to 27 types of messages ☺ Message 18 Sent between anywhere 30 seconds and 3 minutes to report the vessels position. ☺ Message 14 Safety related broadcast used in emergencies Temet Nosce
  • 67. Automatic Identification System (AIS)→Attacks Landscape Hackers download the data of an existing ship, changing some of the parameters and submitting it to the AIS service. Ship Hijacking Replay Attacks Hackers capture and store AIS data and replay spoofed messages in specific timeframes Man-in-the-water Because of maritime laws and best practices, everyone needs to address this type of an alert. Fake CPA Hackers create a fake CPA (closest point of approach) alert. Arbitrary weather forecast Hackers impersonate actual issuers of weather forecast such as the port authority and arbitrarily change the weather forecast delivered to ships. AIS Spoofing Hackers can send specially crafted messages that could mimic the location of an existing vessel, or even create a fake vessel and place it on its own virtual course. Temet Nosce
  • 68. Automatic Identification System (AIS)→ AIS Systems Attacks AIS Systems Attacks ➢ Even via RF the hackers have 4 attack vectors ☻ AIS Gateway ☻ Vessel Traffic Service ☻ Vessels ☻ Offshore * A Security Evaluation of AIS Automated Identification Systems Marco Balduzzi, Alessandro Pasta, Kyle Wilhoit/ Temet Nosce
  • 69. Automatic Identification System (AIS)→ Example Temet Nosce
  • 70. Automatic Identification System (AIS)→ Verified Attacks AIS Systems Verified Attacks Modification of all ship details ☻ Position-Course-Cargo-Flagged country-Speed-Name-MMSI Creation of fake vessels ☻ having an vessel with nuclear cargo show up off the coast of the US Create and modify Aid to Navigations (AToN) entries, ☻ Buoys and Lighthouses Research has been published in 2013 ☻ Since then there was not an improvement on the protocol ☻ ITU Radio Communication Sector (ITU-R)-Developers of the AIS standard and the protocol specification have acknowledged the problem Temet Nosce
  • 71. Opinions Temet Nosce Incidents PART 2 Cyber Security in Shipping Industry
  • 73. Incident trends and regulation development Drilling rig infected with malware Pirate Cyber Attack GPS jamming /spoofing Hacking of cargo tracking system U.S. Port hacker attack Bulk carrier SWB shuts down – ransomware Major shipping company infected by ransomware “Prepare for the unknown” 2010 2011 2012 2013 2014 2016 2017 2018 ISO 27001/27002 IEC 62443 January BIMCO Cyber security guideline IMO Guidelines on cyber security onboard ships July NIS directive September DNVGL RP-0496 July IMO Guidelines on maritime cyber risk Management January DNVGL Cyber security Type Approval May EU GDPR May DNVGL Class notation Temet Nosce
  • 74. Cyber risks are present and migrating to the OT world Temet Nosce
  • 75. Cybercrime time line Temet Nosce 2011–IRISL Services hacked causing damage to rates/loading schedules/delivery schedules/location of boxes (some never traced). 2011-2013–Port of Antwerp–drug cartel illicit drugs and contraband seized $365 million/firearms seized $1.5 million (led to MSC v. Glencore International AG [CA]) 2012–Australia illicit drugs and contraband seized $365 million/firearms seized $1.5 million (led to MSC v. Glencore International AG [CA])
  • 76. Cybercrime time line Temet Nosce 2012–2014–Danish port authority Email virus led to full shut down and ultimately infected government systems. 2014-Semi Sub Gulf of Mexico destabilised 19 days to make seaworthy and return to operation. (Similar attacks to other rigs off Africa). 2016–N.Korea? 280 vessels forced to return to port following problems with navigation systems
  • 77. Cybercrime time line Temet Nosce 2017-Black Sea 20 ships in Black Sea AIS/GPS spoofed – 32km inland of actual posi- tion. 2018-COSCO COSCO hit by a cyber attack affecting the carriers ability to commu- nicate with vessels, customers and marine terminals.
  • 78. High-Profile Cyber Events Against IT & OT Systems Temet Nosce
  • 79. IRISL (Islamic Republic of Iran Shipping Lines→ Hack (2011) Servers were compromised Logistics systems crashed Entire fleet of 172 vessels was compromised False information input into systems: ➢ Compromised manifests ➢ Falsification of rates ➢ Containers ‘cloaked’ ➢ Delivery dates ➢ Client / Vendor Data Major Business Interruption!!!!!!!! Temet Nosce
  • 80. Port of Antwerp:2011-2013 Cyber-enabled cargo theft Drug traffickers recruited hackers to breach IT systems. Controlled the movement and location of containers over a 2-year period from June 2011 Drugs were hidden in containers among legitimate cargo Enabled traffickers to steal the cargo before the legitimate owners arrived Hacking technique involved physical access to computer networks and installation of snooping devices Impact: cargo theft * https://www.bbc.com/news/world-europe-24539417 Temet Nosce
  • 81. Maersk : Ransomware attack-June 2017 Petya ransomware attack. (…modified with a leaked NSA exploit…) No data breach or loss to third-parties” occurred Impact: the company would lose up to $300 million in revenues * https://www.gnostech.com/maritime-blog/petya-maersk-one-year-later/ Maersk operations were certainly impacted Shut down infected networks Three container-related businesses were taken offline Maersk reinstall its entire infrastructure 4,000 new servers, 45,000 new PCs, 2,500 apps In 10 days Temet Nosce
  • 82. Maersk : Ransomware attack-June 2017 * https://www.gnostech.com/maritime-blog/petya-maersk-one-year-later/ Maersk chairman Jim Haggeman Snabe “…Imagine a company where you have a ship that comes into a port every 15 minutes and for 10 days and you have no IT. It’s almost impossible to even imagine…” “…Maersk drew important lessons from the incident, including the pitfalls of management being “naive” about cybersecurity…” “…This was a very significant wake up call for AP Moeller Maersk. We could say a very expensive one… Yet I argue that it was a very important wake-up call…” Temet Nosce
  • 83. The Incident Temet Nosce At 04:00 12 August 2018 the head office of the "Amazing Cruise Company" – based in Nassau Bahamas received the following distress call from the master of their cruise vessel MV Wonders: "Mayday Mayday Mayday - this is MV Wonders communi- cating on all channels. We are under suspected piracy attack. Please advise” The following radio traffic then ensued: “MV Wonders, MV Wonders - this is operations Nassau - please advise current position, speed and nature of attack” “Operations – we are currently in position Lat 12 degrees 25 minutes North, Long 043 degrees 53 minutes East, we have increased speed to 18 knots and are taking avoidance manoeuvres” “MV Wonder MV Wonders - your position is noted, we are instigating immediate emergency response and notifying US Naval/Nato - please advise nature of attack”
  • 84. The Incident Temet Nosce “Three vessels approaching at speed, two to starboard one to port - vessels appear to be heavily armed. Suspected RPG” Sound of large explosion “They have fired RPG–repeat RPG-contact starboard midships” The following radio traffic then ensued: “MV Wonders MV Wonders - please advise scope of damage, any casualties ? We are in contact with US Naval authorities” “MV Wonders MV Wonders - please respond”. “MV Wonders MV Wonders this is operations Nassau - please update position/situation” No further radio traffic is received from the vessel. The cruise company immediately activate their emergency response plan which includes notification both to the FBI and US naval authorities. The position of the vessel as notified in the previous message is communicated. This is also verified by remote access to the ships electronic systems.
  • 85. The Ship’s Electronic Systems Temet Nosce
  • 86. The Ship’s Electronic Systems Temet Nosce
  • 87. The Ship’s Electronic Systems Temet Nosce Despite all attempts to re-establish contact with the vessel no response is received. Fortunately a US naval frigate is in the vicinity of the reported attack and proceeds with all speed to attend. Upon arrival the US naval frigate advises that there is no sign of the vessel. The frigate launches helicopters to search the area.. After a one-hour search operating on a GEOREF search pattern the vessel is located. Tactical response, which by now includes specialist Navy Seal teams, are dispatched to the actual location
  • 88. The Ship’s Electronic Systems Temet Nosce On attendance it becomes immediately apparent that the motive for the attack is terrorist based. Six key members of the crew and a further six passengers have been ritually executed in the vessels main auditorium. Passengers have been forced to watch the executions. A check of passenger and crew members shows nine crew and 25 passengers (including some children) missing. Reports from crew members advise that immediately following the attack a number of passengers and crew members were forced into the launches and taken on board a helicopter which had landed on the vessel during the attack. A DVD left playing on the vessels public address system advises that the attack has been carried out by a terrorist coalition in retaliation for the continued atrocities of the West.
  • 89. The Ship’s Electronic Systems Temet Nosce
  • 90. The Ship’s Electronic Systems Temet Nosce
  • 91. The Ship’s Electronic Systems Temet Nosce
  • 92. The Ship’s Electronic Systems Temet Nosce The scenario that we have just described may seem far-fetched but;. The New York Times in 1978 reported how the FBI had arrested four individuals who had planned to seize a cruise vessel based on the Rod Serling novel, “Assault on the Queen" and the subsequent film of the same title starring Frank Sinatra. In 2017 a cargo ship travelling from Cyprus to Djibouti lost control of her navigation system for 10 hours preventing the captain from manoeuvring with the intention of steering the vessel into a territory where it could be easily boarded by pirates and robbed. A source later commented that "the entire IT system of the vessel was completely hacked”. Giles Hunnisett (Master Mariner and consultant with Waves Group) – “what I am looking at more and more is a more widespread problem. ECDIS could have 20,000 vessels, all of them updated by a few companies. Imagine a bug getting into 1,000 ships all at the same time. They would not be able to leave or enter ports or if they were at sea establish exactly where they were. The consequence would be a huge business interruption. The more people I see the more I hear that they are surprised it hasn't happened yet. Meanwhile, on board, we know the danger, but we cannot do anything about it”.
  • 93. Opinions Temet Nosce Threats PART 2 Cyber Security in Shipping Industry
  • 94. The Greatest Cyber Threat to us All: Data Integrity “Integrity. Cyber operations include an increased emphasis on changing or manipulating data to compromise its integrity to affect decision making, reduce trust in systems, or cause adverse physical effects.” Threat actions include: ➢ Posting disinformation on websites ➢ Altering of online media as a means to influence public discourse and sentiment ➢ Modify stored data ➢ Transmit false data ➢ Track and/or manipulate the flow of information Temet Nosce
  • 95. USCG Maritime Cyber Bulletin -28 December 2015 Business Email Compromise is a global scam with subjects and victims in many countries. The FBI received victim complaints from more than 45 countries between 2013 - 2014: Statistics: ➢ Total U.S. victims: 1,198 ➢ Total U.S. dollar loss: $179,755,367.08 ➢ Total non-U.S. victims: 928 ➢ Total non-U.S. dollar loss: $35,217,136 ➢ Combined victims: 2,126 ➢ Combined dollar loss: $214,972,503 Temet Nosce
  • 96. The “Whale” Attack: Targeting Key Executives As of April 2016: ➢ USD $2.3 billion in losses since 2013. ➢ 270% increase since January 2015 ➢ 79 Countries have been affected. * https://krebsonsecurity.com/2016/04/fbi-2-3-billion-lost-to-ceo-email-scams/ Temet Nosce
  • 97. Some common threat scenarios for ship and crew Social engineering/phishing Removable media/external hardware Mixing isolated and open networks Tampering with ECDIS, navigation systems Ransomware (malware) Denial of Service (DoS/DDoS) Data filtration/data theft Unintentional working accident not following procedures Bad intentions planned Temet Nosce
  • 106. Best practices:How to avoid cyber mishaps onboard your ship/in your company Think before you click! Research the facts behind e-mails and their attachments! Make sure external drives and USBs are clean! Be aware when third parties enter your systems or data! Protect your passwords! Never connect personal items to the ship critical systems. Never use external wi-fi for company emails or downloads unless protected by VPN! Learn how to install and use two step authentication. Learn how backup and restore is done onboard your ship. Always report errors and mistakes. Educate yourself on cyber risks and how it affects your ship, your colleagues and you personally! Temet Nosce
  • 107. Opinions Temet Nosce Vulnerabilities PART 2 Cyber Security in Shipping Industry
  • 108. Vulnerabilities Examples Unknown System Components Vulnerabilities ➢ Chief had never opened cabinet containing PLC for rudder hydraulics Internal bad actor Countermeasures ➢ Document the connections and identities of the rudder function ➢ Include in change management program Uncontrolled Vendor Access Vulnerabilities ➢ Uncontrolled laptop ➢ Uncontrolled connection to Internet ➢ Undocumented software change management procedure Countermeasures ➢ Change management process ➢ Access policies Temet Nosce
  • 109. Vulnerabilities Examples Improper Segmentation Vulnerabilities ➢ 1st Engineer requests printer for alarm system from IT ➢ IT technician connects alarm system to “ship” network ➢ Ship network has direct paths to internet (e.g., port 80, 443) Countermeasures ➢ Segment safety-critical systems from IT Networks Uncontrolled Physical Ports Vulnerabilities ➢ Open physical ports on control system equipment Countermeasures ➢ Block unused/infrequently used USB/RJ- 45 ports using port blockers/silicone Temet Nosce
  • 111. Challenges to Achieve Significant Consequences Exploitation requires expertise in multiple disciplines OT networks are generally compartmentalized from IT networks Highly engineered systems with multiple layers of safeguards Human-in-the-loop with manual overrides Generally manual vs. automated valves to the atmosphere Temet Nosce
  • 112. ☺ Standards-Guidelines ☺ Risk Management ☺ Benefits ☺ Conclusions
  • 114. Standards ISO/IEC 27001 CIS 20 Critical Controls (v6) NIST SP 800.53 R4 NIST CSF BIMCO Guidelines on Cyber Security OnBoard Ships (v.2) ISPS Code ISM Code OCIMF TMSA 3 Foundational Cyber Risk Mgmt. Best Practices Maritime Risk Mgmt. Best Practices Maritime Cybersecurity Capability Maturity Temet Nosce
  • 115. IMO-International Maritime Organization Maritime cyber risk refers to a measure of the extent to which a technology asset is threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a conse- quence of information or systems being corrupted, lost or compromised. Interim Guidelines on Maritime Cyber Risk Management Temet Nosce
  • 116. ISM Code “Assess all identified risk to its ships, personnel and the environment and establish appropriate safe guards.” International Safety Management (ISM) Code Section 1.2.2.2 Temet Nosce
  • 117. Guidelines: Recent Guidelines Issued 2017 The Guidelines on Cyber Security OnBoard Ships Version 2 BIMCO, CLIA, ICS, INTERCARGO, INTERTANKO, OCIMF and IUMI 2017 The Application of Cybersecurity Principles to marine and offshore Operations Volume: CyberSecurity ABS 2017 Code of Practice Cyber Security for Ships UK Department of Transport-IET 2016 Cyber Security Awareness A.M.M.I.T.E.C. Temet Nosce
  • 119. Specific risks and their consequences to the shipping industry Temet Nosce GNSS Jamming and AIS spoofing Issues with AIS. No authentication protocols. Jamming devices cost as little as $100 AIS/GPS spoofing can be achieved with a $100 VHF set Estimated 250,000 cell towers in Russia are equipped with GNSS jamming devices. GPS jamming trial – Flambrough Head – showed effect was to create incorrect data on ECDIS, AIS and Radar – all systems ! Easy ability to impersonate targets (ships). Unencrypted messaging. Jammers have radius of over 30km. 2017 Report – 5 day loss of GNSS would cost UK £149 million July 2018 NATO issued requests for reports of instances of GPS or AIS interference in the Mediterranean, noting that in the past few months several electronic interferences had been detected.
  • 120. Specific risks and their consequences to the shipping industry Temet Nosce Unseaworthiness the ship ‘must have that degree of fitness which an ordinary careful and prudent owner would require his vessel to have at the commencement of her voyage having regard to all the probable circumstances of it’ F.C. Bradley & Sons -v- Federal Steam Navigation (1926) 24 L1.L.Rep. 446 – definition of seaworthiness “fit to meet and undergo the perils of sea and other incidental risks to which of necessity she must be exposed in the course of a voyage” Kopitoff-v-Wilson (1876) 1 QBD 377 “requires the crew to be adequately trained” EURASIAN DREAM” [2002] 1 Lloyd’s Rep. 719 “requires ports to implement security protocols but are not designed with cyber attacks in mind” ISPS/(US) MTSA 2002
  • 121. Specific risks and their consequences to the shipping industry Temet Nosce Unseaworthiness (cont.) If she has that degree of fitness which the ordinary careful owner would require his vessel to have at the commencement of the voyage having regard to all the probable consequences of it. Would a prudent owner have required it should be made good before sending to sea had he known of it? A ship is seaworthy: Extends beyond physical fitness to (i) sufficient, efficient and compe-tent crew (ii) adequate and sufficient systems on board to address matters which may arise during the voyage. By reference to the state of knowledge in the industry at the time Luke Parsons QC & Julian Clark concluded, “in the absence of being able to show positive steps taken in line with implementation of cyber risk mana- gement systems and protocols an owner will face an up hill struggle in establishing seaworthiness”
  • 122. Specific risks and their consequences to the shipping industry Temet Nosce Malware – Not Petya Port of LA, Clarksons and Maersk – most high profile. Estimated $300 million loss; Clarksons – 6% drop in share value Maersk: Congestion in over 80 ports; Replaced 4,000 servers, 45,000 PC’s and 2,500 applications; Networked fleet successfully isolated. COSCO attack - full financial implication presently unclear
  • 123. Specific risks and their consequences to the shipping industry Temet Nosce Hacking and beyond Change of manifests – illicit goods trade (Port of Antwerp), to mis-description (CHC/Liquefaction risk/Sanctions avoidance – SA Red Acorn). Business disruption and reputational damage. A new route to industrial espionage. Potential to disrupt a Blockchain ?
  • 124. Cyber and litigation risk Temet Nosce The Washington DC scandal No longer just tipex on the log books Needle in the haystack approach to discovery GDPR (25 May 2018) E20 million of 4% of global turn over whichever greater GDPR and new Regulation will enforce cyber hygiene. USA implementing legislation to penalise companies for inappropriate data handling and storage. ICCA/New York City Bar/CPR Institute working group on cyber security for International Arbitration: No longer just tipex on the log books Protection of digital information in arbitration; Identifying and protecting the weak link; Powers to order cyber security measures; Framework for adopting cyber security measures during the process. Why ? High value, high stakes, sensitive and potentially damaging information access.
  • 125. Corporate Exposure – Are you ready to deal with a cyber attack? Temet Nosce A data breach plan with step-by-step actions The Washington DC scandal Procedures to regularly rehearse the plan with all staff A designated person responsible for handling any breach Regular updates concerning the plan to ensure all senior staff are fully familiar with it Prepared notification messages to 3rd parties and suppliers In the UK gathering of evidence for the Information Commissioner to show how the breach has been handled. Similar information gathering for any international regulatory authority. Regular cooperation with any cyber insurance provider for guidance and in order to ensure maintenance of cover Pre-prepared statements to customers advising how the firm will deal with any damage A no tolerance party to ransom demands
  • 126. Corporate Exposure – Are you ready to deal with a cyber attack? Temet Nosce Identify where the demand or ransomware originated and how this entered the system And when an attack takes place: Isolate all infected devices (immediately take them off-line) Assess how many and which devices have been affected Restore lost data from backups Advise customers if their data has been compromised Once the attack is under control - prepare a "lessons to be learned" review.
  • 127. Cyber Risk Model Functions. Software that control machines on assets Connections. Nature and number of digital interfaces(e.g., physical ports, network connections) indicating cybersecurity complexity Identities. Humans or machines that send or receive data by means of the digital interfaces Temet Nosce
  • 128. Cyber Risk Management Begins at the Top-It’s a Boardroom Challenge ➢ Managing Directors, CEOs & Board Members are accountable for organization’s Cyber Security. ➢ Cyber Risk Management must be owned by leadership rather than be relegated to an “IT” challenge Cyber Risk affects an organization’s: ➢ Balance Sheet/Profit & Loss. ➢ Legal Exposure. ➢ Operational Effectiveness. ➢ Customers. ➢ Vendors. ➢ Partners. ➢ Employees. Temet Nosce
  • 129. “Cyber Risk” what do we mean? Cyber risk signifies more than data breaches… ➢ Seaworthiness ➢ Client and employee information ➢ Commercial confidential information / assets ➢ Money (Profit and Loss) ➢ Reputation Game Changers… ➢ Stuxnet and Shamoon ☺ Proved that physical events can be triggered through cyber means ➢ Sony ☺ Targeted employees, damaging systems and reputations, and divulged corporate secrets and trade information Temet Nosce
  • 130. Why Should We Manage Cyber Risk in the Maritime Domain? Every port authority and terminal operator operating in the world economy creates, utilizes, stores, manages, and exchanges digital data, along with financial information, via internal and external networks. Ports sustain 90% of the global economy ➢ 4,764 Ports in 196 countries ➢ 68,000+ vessels by 2023 * www.mits-forum.org Recurring Industry Themes: • Multimodal connectivity • Increase efficiency of operations • Increase capacity for small port infrastructure • Passenger traffic Temet Nosce
  • 131. Cyber Risk Management Business Leaders Unanswered Questions: ➢ What do we invest in first ? ➢ How much do we need to budget ? ➢ What are our priorities when comes to Cyber Security ? ➢ How can we measure the effectiveness of our investments ? ➢ Are our investments sustainable ? Temet Nosce
  • 132. What can we do ? Organize our Company: ➢ Cyber Security Assessment ➢ Table Top Exercises (TTX) ➢ Threat Assessments ➢ Cyber Risk Management Planning ➢ Executive Awareness Training ➢ Tools ➢ Cyber Threat Intelligence Support Temet Nosce
  • 133. The Cyber Risk Reduction Curve Temet Nosce
  • 134. Driving Risk Reduction Cyber Risk Reduction Curve ➢ Investing in the right combination of technology and insurance maximizes risk reduction ☺ 1. Technology Risk Reduction ☺ 2. Insurance Risk Reduction * Axio Temet Nosce
  • 136. Benefits Benefits: ➢ Strengthen cybersecurity capabilities ➢ Institute consistent evaluation and benchmarking of cybersecurity capabilities ➢ Share knowledge and best practices ➢ Enable prioritized resource allocation ➢ Inform cybersecurity investments ➢ Drive continuous improvement Temet Nosce
  • 137. Cybersecurity Resources Cybersecurity Framework Foundational reference model & common framework providing set of cybersecurity activities, outcomes, and informative references Identify Protect Detect Respond Recover Structure for cyber risk management & system components Technical, administrative, & physical protections Monitoring to discover when system is compromised Initial actions to limit the consequences of a cyber event Follow-up actions to restore full functionality & operations Temet Nosce
  • 138. How to get started Choose standard(s) to guide program development Perform assessment of current program against standard(s) Analyze risks and identified gaps Prioritize actions to address gaps and develop plans Temet Nosce
  • 139. Guide for choosing standards Temet Nosce
  • 141. Driving Continuous Improvements and Setting the Stage for Long-Term IMO Compliance Launch Strategy Software Perform Baseline Evaluation and Identify Gaps Review Recommendations and Set Target Profile Prioritize Implementations and Plan Updates to SMS Allocate Appropriate Resources & Implement Improvements Investment Planning Resource Allocation Mitigation Activities Begin SMS Updates Sustain Investments & Resources Mitigation Activities Continue Finalize SMS Updates 2nd Year 3nd Year Establishing a Sustainable Cyber Risk Management Program Temet Nosce
  • 142. Gain Awareness & Train! Training Programm: ➢ Executive Leadership Briefings. ➢ Workforce training spanning multiple cyber maturity dimensions (e.g. spearphishing, passwords, social media,etc.). ➢ Consider web-based training awareness tools for baseline and refre- sher training. ➢ In-house Cyber TTX combined with ISPS Code requirements. ➢ Technical Staff Training Global organizations can rapidly deliver and sustain cybersecurity and cyber risk awareness training across the enterprise. Temet Nosce
  • 143. Insurance Considerations→ Insurance Risk First Party Damages (Tangible & Financial) ➢ Response Costs - Forensics, Notifications. ➢ Legal expenses: advice and defense ➢ Revenue losses due to network or computer outages ➢ Restoration costs related to reconstitution of lost data ➢ Ransomware: Cyber extortion ➢ IP Loss: values of stolen property ➢ Mechanical compromise / breakdown ➢ Destruction of equipment or property ➢ Lost revenue due to physical damages ➢ Bodily injury to employees Scenarios Insider threat; Network Disruption; Network breach; Malware attack (e.g. on SCADA); Ransomware Third Party Damages (Tangible & Financial) ➢ Financial recovery due to consequential loss of revenue ➢ Restoration activity expenses ➢ Legal expenses: advice and defense ➢ Credit monitoring costs ➢ Physical damage / destruction of equipment and /or property ➢ Environmental cleanup ➢ Bodily injury to others ➢ Regulatory fines Scenarios Insider threat; Network Disruption; Network breach; Malware attack (e.g. on SCADA); Temet Nosce
  • 144. Don’t Panic → It’s not all so Bad…. Reliance on crew ➢ Sufficient and continuous training on Cyber Security ➢ Development of a Cyber Security Policy Reliance on manual controls ➢ Crew-Paper Charts-Radar Vessels must be treated as any other network ➢ Security Audits ➢ Penetration Testing ➢ Physical Security Assessments Incident Response ➢ Development of Contingency Plans ➢ Stress Tests Temet Nosce
  • 145. Effective Cyber Program → key characteristics Being SECURE means having risk prioritized controls to defend critical assets against known and emerging threats. Being VIGILANT means having threat intelligence and situational awareness to anticipate and identify harmful behavior. Being RESILIENT means being prepared and having the ability to recover from cyber incidents and minimize their impact. Temet Nosce
  • 146. Key characteristics → Cyber risk is not an uncontrollable phenomenon Maritime Industry is based on IT solutions The progress of information technologies will definitely proceed Complex risk-scenarios which currently seem to be difficult to be solved. Balance people, processes and technology Information security is not just about computer security. Invest in all core elements of information security: physical, human and cyber. Act as you have already been hacked Breaches occur at all organizations Mix of processes for prevention, detection and response to keep cyber-risk below a level Temet Nosce
  • 147. Re-Thinking Maritime Cyber Resiliency in a “Cyberized” World Maritime Industry is now in a digitization era Balance people, processes and technology Assume your business has already been attacked, infiltrated and compromised Understand that there is no “magic bullet” Develop a New Approach: ☺ Take a top-down approach ☺ Implement an enterprise cyber risk management strategy Temet Nosce
  • 149. Re-Thinking Maritime Cyber Resiliency in a “Cyberized” World Are we focused on the right things? Understand how value is created in your organization Where your critical assets are..? How they are vulnerable to key threats..? Practice defense-in-depth.. Do we have the right talent? Quality over Quantity Not enough talent to do everything in-house Strategic approach to sourcing decisions Are the security teams focused on the real business areas. Temet Nosce
  • 150. Re-Thinking Maritime Cyber Resiliency in a “Cyberized” World We proactive or reactive? Retrofitting for security is very expensive Build it upfront in your management processes, applications, and infrastructure. Are we adapting to change? Regularize → Policy reviews, assessments, and rehearsals of crisis response processes Establish a culture of perpetual adaptation to the threat and risk landscape. Temet Nosce
  • 151. In conclusion Temet Nosce What cyber risks do you identify to ECDIS, AIS and other systems, shipboard and other- wise? All of these systems are exposed to infiltration and cyber attack. The scope of the risk is significant and comes from a range of sources and for a range of motives. Hackers are attracted to shipping as it represents a challenge to their range of expertise and yet can be perceived by them as less of a life threatening threat for them to interfere with. ✓ Destabilization of an oil platform which not only lead to $100,000’s of shut down costs but raised a significant risk of a major incident on the level of Piper Alpha. Cyber terrorists and hacktivists – here significant financial disruption and potential loss of life may well be their aim.
  • 152. In conclusion Temet Nosce What are the best ways for owners and crews to protect against cyber risks? Take the risk very seriously.In fact make it number one on your risk list.. Guidance and procedures must originate at Board level – not left to the IT department or even those routinely dealing with ISPS. There must then be in place a rigorous training regime. ✓ Not just how to prevent an attack and identify risk but what steps to take as soon as it becomes clear an attack is underway Cyber avoidance risk barriers need to be implemented at every level of the business – not just across the vessels rail but in the owning office. ✓ for example, security checks and monitoring of all staff (however junior) that could gain access to electronic systems Quick and effective response can save millions of dollars and more importantly business reputation and potential loss of life.
  • 153. In conclusion Temet Nosce Can technology always solve technology? What is the human, systemic and societal element? If you are asking “is it simply a matter of developing better fire walls etc.?” the answer is no. Again this is why a response and culture from the top of the company down needs to be developed. ✓ All owners, operators and those engaged in the logistics chain are now involved (like it or not) in a chess game with that hooded figure we often see in cyber risk power points and presentations. ✓ It’s a matter of constantly trying to think 5 moves ahead – how is my business at risk, what could someone gain by attacking my business, do I have the response plans in place to deal with an attack ? How much of a problem do you see cyber security as being in the short and long term? It is the single largest threat facing international shipping today.
  • 154. In conclusion Temet Nosce How can we make ships and mariners safe from cyber threats? It is unlikely that you will ever be able to eradicate the risk completely. Greater training, knowledge and development of cyber emergency response plans are our best form of defense. ✓ Shipping Companies need to work in close co-operation with the experts in the field (both legal, risk avoidance and technological) to develop and implement effective systems and regularly run full emergency drills. Using the Ghost Busters analogy “Who you gonna call ?” What are the financial risks and solutions? It is the single largest threat facing international shipping today. I think I have probably dealt with solutions above. ✓ As to financial – HUGE – look at the recent publicised examples and remember we are only seeing the tip of the ice berg in what is actually being reported compared to the number and significance of the attacks taking place.
  • 156. 1. PPT:Maritime Cyber Risk-C.Kapalidis_HudsonAnalytix 2. PPT:Maritime CyberSecurity-A.Cynthia_HudsonAnalytix 3. PPT:DNVGL_Cyber Security Awareness in the Maritime Industry 4. PPT:ABS_Maritime Cybersecurity Awareness_Mowrer 5. Thesis_Peiraias_Kavalieratos_Cyber-attacks to cyber-enabled ship 6. PPT:Deloitte_Cyber Security in the shipping industry 7. Hill Dickinson_Cyber Crime in the Shipping Industry Βιβλιογραφία-Υλικό Temet Nosce Για τη δημιουργία αυτής της παρουσίασης δανείστηκα υλικό από της παρακάτω πηγές: