Sailing the cyber security waves

Ships have experienced a digital transformation in recent years. New technologies are helping them navigate the waters and ensure that everyone on board experiences the connectivity and convenience they expect. However, this increased volume of data has made ships an appealing target for criminal hackers.

What are the challenges specific to ships?

The days of ships navigating the waters with just a compass, chart and sextant for support are long gone. Ships are now more complex than the average organisation, and face a number of additional challenges.

Ships usually have an IP or Ethernet network for business systems, email and Internet usage, and a serial network for the operational technology, which controls vital functions such as steering, engine control and navigation data.

However, despite these on-board systems being vital to operations, cyber security isn’t quite as robust as it needs to be, leaving ships vulnerable to attack.

How can a ship be hacked?

At the most basic level, a ship’s Wi-Fi system(s) makes it easy for malware to be downloaded. Crew also regularly use USB devices to transfer data between systems on board. The devices may be used for both personal and professional purposes, and are often unencrypted, as are the files stored on them.

If a device was infected with a malicious file, all a criminal hacker would need to do to gain access from the IP network to the serial network would be to find the bridging points where a network device deals with both systems. This could be something like the synthetic radar, or voyage data recorder.

Serial data communications usually follow a standard communications protocol for linking computers and peripheral devices to allow data exchange, e.g. Recommended Standards such as RS-232, RS-422 or RS-485. Once on the serial network, an attacker can intercept and alter communications relatively easily, making changes that are almost imperceptible to an unsuspecting crew.

When the wrong people gain control

If a ship loses control of its systems, the passengers, crew and cargo face very real dangers. Cyber attacks can have physical repercussions. According to the UK Department for Transport’s Code of Practice for ships, a cyber attack can result in:

  • Physical harm to passengers, personnel, systems, cargo and the ship itself;
  • Loss of sensitive information, including personal and commercially sensitive data;
  • Disruptions caused by the ship no longer functioning or sailing as intended; and
  • Criminal activity, including kidnap, piracy, fraud and theft.

Staying safe

The motives for an attack aren’t always sinister, but the maritime industry needs to acknowledge the cyber security risks ships face and take steps to counter the threats. This could include:

  • Staff training;
  • Limiting user privileges;
  • Keeping systems up to date;
  • Implementing encryption methodologies; and
  • Using third-party ransomware protection.

They should also consider implementing an ISO 27001 ISMS (information security management system) to ensure that information security is managed in line with international best practice and business objectives.

The development of autonomous shipping and the rise of superyachts among the world’s super rich mean sea-faring vessels are likely to become even more appealing to cyber criminals. A life on the ocean wave is definitely not for the faint-hearted, and organisations must prepare to face the challenges head on.

More information

Our team of experts is available to answer your questions. Email or call +44 (0)333 800 7000 for more information.