Cybersecurity Onboard

The management of computer systems onboard ships has not traditionally been seen as the highest of priorities. However, with ever greater computerisation of aids to navigation, cargo loading calculations, control of machinery and the day-to-day administration of the vessel, ships are now reliant on computer systems.

Cybersecurity is therefore as important onboard as in our offices ashore, if not more so. Explaining this to those who are less familiar with, or even resistant to, technology can prove to be a challenge. Even our colleagues with a reasonable grasp of cyberthreats struggle to appreciate the extent of the protection required and the hardware, software and procedural set-up needed to ensure cybersecurity. IT colleagues who have often been working diligently in unknown and unvisited parts of the office have suddenly been drawn in from the periphery and thrust into the frontline of technical ship management, placing new demands on the technical budget, which, of course, never attracts a welcome eye.

Cybersecurity is important because of its potential effect on our crew, our ships, our cargoes, the environment and our company. Cybersecurity is about the protection of information technology (IT), operational technology (OT), our information and our data from unauthorised access, manipulation and disruption. Cyber incidents can arise from a very wide range of sources: they may result from corruption of chart data held in an Electronic Chart Display and Information System (ECDIS), from an unintended system failure occurring during software maintenance and patching, or from the use of an infected USB drive during maintenance. An incident could also be caused by the loss or manipulation of external sensor data, critical for the operation of a ship. This includes interruptions or disruptions to global navigation satellite systems (GNSS), of which the Global Positioning System (GPS) is the most frequently used. One of the greatest threats comes from our own people, when staff either ashore or onboard interact with “phishing” emails, which could lead to the loss of sensitive data and the introduction of malware into shipboard systems.

There is simply nowhere to hide with cybersecurity. Hacking and phishing attacks are becoming ever more frequent and the IT industry already has firms that specialise in helping companies deal with so-called ransomware attacks. In a ransomware attack, cybercriminals seize control of a company’s operating system and demand a ransom to allow access to the programs and data which are essential for the day-to-day operation of the company. It is the IT equivalent of Somali piracy, but with far greater sophistication, higher potential costs (and profits) and no geographical restrictions – and armed guards will not fix the problem. Whilst good cybersecurity systems will provide an element of protection, they are not a one-time fix, but rather an ongoing commitment to maintain protection, enhance awareness, and update equipment safely onboard.

To those onboard our ships, it may look as if we have only just started our cybersecurity implementation in the past year, but the truth is that work has been going on for at least the last three years, performing gap analysis ashore and onboard. Starting the onboard implementation of our Cyber Security Plans in the past year during the pandemic when travel onboard was almost completely restricted has thrown up unexpected and substantial additional obstacles. Not only has it been very difficult to physically deliver and install our new cybersecurity and planned maintenance systems, but we have also had problems conducting the necessary familiarisations with our crews. This has forced us to seek solutions that provide maximum protection with minimum human engagement.

Cybersecurity is not just an inconvenient issue that we can address as a checkbox exercise with the purchase of a few replacement PCs, an update of software licences and some anti-virus for the year of 2021. Achieving real, credible cybersecurity means changing the way we interact with IT and OT onboard, and requires us all to understand not only what our cybersecurity policies are, but also the implications of getting it wrong.

There is an old saying that “worse things happen at sea”; for those of us supporting our ships from ashore it is worth remembering that this is not just about losing a few emails or other administrative inconveniences, it is about the lives and the safety of our seafarers. This is everybody’s business, and we need everyone to understand the fundamental importance of protecting our computer systems and the integrity of our data. Please play your part in ensuring the cybersecurity of us all.

Stephen Fyfe, Fleet Director