Maritime Cyber Security: Survival at Sea

By CDR Emil A. Muccin, USMS
Wednesday, July 18, 2012

What do we think of when we hear “Survival at Sea”? 
It usually brings up visions of a ship in a perilous situation confronting some extraordinary circumstances that might be life or death.  We are now faced with an even more harrowing scenario- broaching of maritime information including specific details that might encompass company proprietary data as well as details of vessel schedules and particulars.  Many of you have heard of recent cyber-attacks including Stuxnet that deliberately disrupted critical automation systems and the just released Flame computer virus disguised as a Microsoft-built program that has caused problems for Iran’s computer networks.  These cyber-attacks speak to the need for safe and secure information systems aboard maritime vessels and the requirements for a robust cyber defense system.  Counter terrorism experts indicate that future attacks are inevitable and that the US maybe in harm’s way of collateral damage if this is picked up by unfriendly adversaries.
Most people do not realize that a majority of activities in the maritime field rely on sophisticated electronic and communication systems, and that puts them in an extremely vulnerable position and exposes them to hacking similar to nuclear plants and other areas of national infrastructures.
A recent 2011 European Union (EU) Report on Maritime Cyber Security indicates that maritime cyber security awareness is currently low to non-existent.  This report covers many of the challenges facing mariners in the 21st century and highlights trends as well as examines current initiatives while offering recommendations to address these risks.  In the global world of 2012 this report proposes maritime cyber security as an important and timely next move in the global arena of Information and Communication Technology (ICT) infrastructure protection efforts.
Based on the high complexity of ICT aboard maritime vessels it is paramount to adequately support and maintain a proper maritime cyber defense system.  One of the basic concepts should be a design methodology that incorporates security in all major maritime ICT components.
Current maritime security principally deals with physical security and it now needs to be expanded to encompass cyber security and defense.
Much of the cruise industry currently has IT department onboard vessels and the new changes in the 2010 STCW Manila Amendments have even introduced an Electro Technical Officer (ETO) designation with approved training and Certificate of Competency (COC).  On board cruise and passenger vessels an ETO is immensely important as they have huge electrical requirements and unmanned technology handling them.  An ETO can be seen as a higher version of an electrical officer.  Some areas that an ETO is responsible for include radio communications, electronic navigation equipment, telephone and satellite communications and engine room electrical equipment. 
The 2010 STCW Manila Amendments have now been in force since January 1st, 2012 and although there is no specific requirement for the carrying of an ETO, IMO has created the position with core competencies and minimum mandatory requirements.  It is plausible to believe that future STCW Amendments will make this a mandatory position on certain type and size vessels.  Prudent vessel owners and operators would be wise to fully embrace this position and commence integrating it into their crew complement.
It is interesting to note that over 50% of international trade takes place via maritime shipping and within the European Union (EU) over 40% is via maritime commerce.  With these staggering numbers it should become readily apparent that the ICT infrastructure and backbone needs to be made more secure and tamper proof.  Measures that can be deployed include developing a holistic approach to cyber based risk management, building a framework for cyber incident response, enhancing information sharing to improve incident response capabilities and improving cyber security across all infrastructures.  Much of this can be framed around proper training for all crew members as well as implementing the ETO position and ensuring and performing systems audits on all equipment and systems to verify they have the latest security and software updates.
At sea some simple items that can be done to be more cyber secure and vigilant include whenever updating ECDIS charts to verify the source, request encrypted data and digital electronic signatures.  These are simple steps that can help alleviate someone maliciously sending you incorrect navigational data that could easily put your ship in jeopardy or peril for example by moving one buoy out of position in a channel.
Would it be beneficial for the maritime community to get together and form a maritime cyber security team that could establish strategy, policy and guidelines that would be beneficial in securing and protecting the maritime sector?  In today’s world now is the time to make this preventive move and on an individual basis all shipping companies should be self-evaluating their operations and infrastructure to ensure they are fully compliant with the latest security and protection systems to avoid future threats..


CDR Muccin, USMS is an Assistant Professor in Nautical Science/Marine Transportation at the United States Merchant Marine Academy.  The views here are her/his own and not those of the Academy, the Maritime Administration or any other branch of the United States government.


(Source: Maritime Reporter & Engineering News, July 2012 - www.marinelink.com)

Maritime Today


The Maritime Industry's original and most viewed E-News Service

Maritime Reporter April 2016 Digital Edition
FREE Maritime Reporter Subscription
Latest Maritime News    rss feeds

Technology

Lerwick Harbor sees Seasonal Boost

The opening of the offshore season in northern waters has seen specialist oil industry vessels return to Lerwick Harbor during April to support subsea development projects.

ExxonMobil 1Q Profits Plunge 63%

Highlights   * Earnings of $1.8 billion decreased 63 percent from the first quarter of 2015.   * Earnings per share were $0.43 assuming dilution.   * Cash

KICT Welcomes MSC MEL 1 Service First Call

MSC Lana Voy-JA618R made its inaugural call at Karachi International Container Terminal (KICT), marking the launch of a new Middle East Loop 1 (MEL 1) Service.

Legal

Blacklisted Tanker Returns to Libya's Zawiya Port

A tanker that Libya's rival eastern government had been using to try to export oil in defiance of the Western-backed administration in Tripoli returned to the country on Saturday,

Lerwick Harbor sees Seasonal Boost

The opening of the offshore season in northern waters has seen specialist oil industry vessels return to Lerwick Harbor during April to support subsea development projects.

Drug Interception at Red Hook Container Terminal

Approximately 121 pounds of heroin and eight pounds of cocaine were discovered in a shipping container of vegetables that was moving from Ecuador to Miami, Fla.

Shipbuilding

Symphony Sun’ Launched in Leer

On Friday the 29th of April, Nb. 420 was launched in Leer. She was christened ‘Symphony Sun’ and is the fourth vessel in a series of 6 that will be delivered to Symphony Shipping.

SCHOTTEL Debuts EcoPeller with High-torque Gears

Propulsion and steering systems manufacturer SCHOTTEL has unveiled its new EcoPeller (SRE), which it said offers improved efficiency and robustness. Playing a

Fincantieri Delivers Carnival Vista

Carnival Vista, the new flagship of the fleet of Carnival Cruise Line, brand of the Carnival Group, was delivered today at Fincantieri’s shipyard in Monfalcone.

Education/Training

Ocean Economy Set to Double in Size by 2030

The world’s oceans must be managed well to ensure the potential of an “ocean economy” that was worth US $ 1.5 trillion in 2010.   "Calculations based on the

First Female Deputy Harbor Master at Port of Durban

One of the first three women in Africa to obtain a Marine Pilot open license in 2011, Pinky Zungu has again made history with her appointment as Transnet National

CMA CGM at the Heart of Paris Art Installation

Worldwide shipping group CMA CGM  announced that it is the main partner of the Monumenta 2016 art exhibition in Paris.    CMA CGM has decided to be at the heart of the creation of the masterpiece,

Maritime Security

Canadian Navy Frigate Refit Program Completed

Seaspan joined Harjit S. Sajjan, Canada’s Minister of National Defense, at an official ceremony today to celebrate the completion of the Halifax-Class Modernization/Frigate

Drug Interception at Red Hook Container Terminal

Approximately 121 pounds of heroin and eight pounds of cocaine were discovered in a shipping container of vegetables that was moving from Ecuador to Miami, Fla.

How France Sank Japan's Sub Dream

Ousting of Japan ally PM Abbott opened door to rivals; Tokyo slow to respond to new competitive process. In 2014, a blossoming friendship between Australian

Maritime Safety

Italian Ship Rescues 26 Migrants off Libya

An Italian merchant ship rescued 26 migrants off the coast of Libya in rough seas and others were feared missing, the Coast Guard said on Saturday. The Coast

ACR to Debut Pathfinder PRO SART at OTC

An important addition to any commercial vessel’s survival gear kit, the Pathfinder PRO SART is introduced by ACR Electronics, Inc. at this year’s OTC. The new search

Panama Canal Dismisses ITF Claims

The Panama Canal has dismisses claims by the International Transport Workers’ Federation (ITF) that questions industry standards and the operation of the Expanded Panama Canal’s new locks.

 
 
Maritime Contracts Maritime Security Maritime Standards Naval Architecture Offshore Oil Pipelines Port Authority Ship Electronics Shipbuilding / Vessel Construction Winch
rss | archive | history | articles | privacy | contributors | top maritime news | about us | copyright | maritime magazines
maritime security news | shipbuilding news | maritime industry | shipping news | maritime reporting | workboats news | ship design | maritime business

Time taken: 0.1435 sec (7 req/sec)