Last week's maritime trend news October 27, 2022 - November 2, 2022
|
|
|
Maritime Cybersecurity News by DSLABcompany |
|
|
Recent Cybersecurity Incident Summary |
|
|
|
At the same time, the war in Ukraine and wider geopolitical tensions are a major concern as hostilities could spill over into cyber space and cause targeted attacks against companies, infrastructure or supply chains. The insurer’s annual review of the cyber risk landscape also highlights the emerging threats posed by the growing reliance on cloud services, an evolving third-party liability landscape that means higher compensation and penalties, as well as the impact of a shortage of cyber security professionals. Such potential vulnerabilities mean that today a company’s cyber security resilience is scrutinized by more parties than ever before, including global investors, meaning many firms now rank it as their major environmental, social, and governance (ESG) risk concern, the report notes.
|
|
|
|
The U.S. Navy this month highlighted the values the service is using to shape its cyberspace investments and improve its day-to-day digital posture, including what one official described as the ability to “fight hurt.” The Cyberspace Superiority Vision, announced Oct. 28, contains three tenets: secure, survive and strike. The pillars, according to the documents, are “fundamental to maintaining maritime dominance” and ensuring Navy and Marine Corps operations proceed smoothly across increasingly cyber-contested environments. The right cyber investments are critical, officials say, as the U.S. positions itself for a fight against technologically advanced opponents such as China and Russia after decades of focusing on counterterrorism and less-equipped forces in the Middle East. |
|
|
|
The U.S. Coast Guard is warning that U.S. ports and marine terminals remain exposed to cyber attacks on a number of different fronts. The Coast Guard wants industry to become more invested in cyber security: “We’re looking for basic cyber hygiene and seeing whether those elements are addressed. We are encouraging industry to reach out to organizations such as the National Institute of Standards and Technology (NIST) or the like to develop those facility security plans… Our marine inspectors from a vessel security plan standpoint, are assessing to what degree basic cyber hygiene is being adhered to on those vessels that have a safety management plan in place and should be addressing those basic elements.” |
|
|
|
In particular, speaking on the Standard Club’s Alongside podcast, Daniel Ng, the CEO of CyberOwl, a firm that supports the maritime industry manage cyber risks and compliance, explained that the vast majority of attacks come from small ransomware. Rather than being large, James Bond-style shutdowns of computer equipment that grind vessels to a halt, Ng explained that the risks facing the maritime industry from cyber-attacks are typically quite small from criminals ‘trying to make a quick buck from a shipping company’. So far, no attack has led to the collision of a vessel or grounding due to loss of control, but that doesn’t mean concerns are any less on the radar for shipping owners. While cyber-attacks don’t tend to lead to tragedy, they can significantly impact income and revenue stream from delays arising from a cyber-attack. A means through which owners, operators, shipowners, charterers and traders can protect themselves through Strike & Delay cyber cover protects. One example of serious disruption occurred in February when CyberOwl were particularly vigilant due to the increasingly unstable international situation. |
|
|
|
Advanced cyber security solutions that protect onboard operational technology can go beyond protection and actually enhance a ship’s safety systems, argues Julian Clark from Ince. It no longer takes a nation state to bring down a company; it can be done easily enough by a teenager with an internet connection. Coding software is increasingly efficient and accessible, and as in the 2008 recession, people with coding skills are turning to hacking for income. The threat level and sophistication of hackers increases every day, and according to a Naval Dome report, the number of cyber-attacks has increased by 400% since February 2020. The number of attacks on operational technology (OT) has increased by 900% in recent years. OT monitors events, processes and devices. This creates an opportunity for a hacker to “take active control” over vital processes with potential life threatening consequences. See for example the Colonial Pipe Line and Florida Water Treatment Plant attack, Such attacks underline the need to combine essential cyber security with increased vessel safety as a matter of routine management, not just to prevent or mitigate an attack. |
|
|
|
China Classification Society (CCS) has established a digitalization rules system, to keep up with the development of ship digitalization, and ensure safety. Ship digitalization rules system Considering the application scenarios such as inspection, testing and verification of digital technologies in ships and offshore facilities, the digitalization rules system shall at least contain the following aspects: Ship equipment and system digitalization: Propose technical requirements in multiple levels such as basic universality, spatial organization, virtual-real inter-operation and system application, for the physical entity, digital system and virtual space corresponding to ship equipment and system digitalization. Testing and verification: Establish applicable technical requirements and rules focusing on test rules, indicators and cases of digital system. Safety guarantee: Establish specific technical requirements in various aspects such as physical safety, functional safety, data security, information security, and network security corresponding to safety guarantee during the digitalization procedure of ships and their system. |
|
|
info@dslabcompany.com
Samsung IT Harrington Tower 716, Geumcheon-Gu Digital-Ro 9 Gil, Seoul(08511) |
|
|
|
