News Keeping you up to date
1st August 2017

Cyber Security Threats To The Maritime Industry: Planning, Precautions and Procedures

At Satcom Global we are committed to working with our customers to offer an end to end satellite communications solution they can trust and rely on. The threat of cyber breaches to any industry with IT at its core, is becoming more prevalent and we are even starting to see high profile cases of cyber security issues within the maritime industry hit the news. Satcom Global are closely monitoring the evolving threats and ensuring that our customers receive appropriate advice. With that in mind, we also want to share some high-level tips and suggestions that customers can adopt to make improvements to their vessel network security quite quickly.

 

Introduce a Cyber Security Policy

Security incidents happen every day around the world, so we recommend getting ahead of the game and developing a cyber security policy that looks at incident prevention, as well as how to deal with an attack or breach, should it happen. When creating a cyber security policy, there are a number of key areas to be considered:

  • Analyse your company’s current state of cyber protection and readiness and identify ways security can be built into IT practises.
  • Create a plan for protecting against a breach or incident, which can include staff training, password education, anti-virus, ensuring servers and documents are backed up and equipment holding information is disposed of responsibly.
  • Create a plan for dealing with a breach or incident if it happens, such as switching to offline versions of systems to minimise disruption.
  • Make everyone aware of the policy across the organisation, and enforce it.
  • Adapting the policy as new technological innovations are introduced. For example, with the rise of the ‘Smart Ship’ and ‘Bring Your Own Device’ connectivity for crew, it means that more devices are plugged into vessel networks than ever before. With that, IT precautions must be aligned to a longer-term strategy, supporting the additional connectivity demands and associated security risks.

 

Arrange training for all

From board level to new hires, it's essential that everyone understands that they are responsible and accountable for the security of the business when online. All employees should be aware of the potential consequences of irresponsible actions, so it’s important to offer basic information and training in the area of cyber security:

  • Arrange staff training so everyone is aware of their responsibility towards cyber security, and ensure all relevant personnel can readily identify potential threats and areas of weakness, and interpret the symptoms that can lead to a security incident.
  • Where possible, basic cyber security guidelines should be embedded as a core part of personnel training.
  • Cyber resilience workshops for crew could offer basic online security skills including how to stay safe and secure online to raise awareness of the potential threats.

 

Be password savvy

In everyday life, we are taught the importance of choosing passwords wisely, keeping them safe and changing them regularly, and it’s no different in a maritime environment. There are certain measures you can take to ensure your passwords offer maximum protection:

  • Always change the default manufacturer password when a new system is installed.
  • Regularly change passwords for internet facing systems such as satellite communications terminals.
  • Choose non-obvious passwords with a mix of upper and lower-case letters, numbers and special characters.
  • Implement a system of administrator privileges to guarantee an educated level of approval company-wide and reduce the security risks posed by lesser trained staff.

 

Update software and hardware protections

Having the right protection in place to prevent a security breach or attack, is just as important as being able to deal with one effectively, so here are our top tips:

  • Invest in purchasing, maintaining and upgrading protective software such as Anti-Virus and Malware to ensure security measures reflect the sophistication of the latest threats which develop rapidly over time.
    • Satcom Global can advise on anti-virus protection suitable for a wide range of maritime users, even those with modest data allowances.
  • Introduce a policy for physical and removable media devices to help reduce the risk of malware exposure.

 

Promote and enforce action

Having plans and procedures in place is very important, but they are not going to deliver the level of security needed by an organisation if they are not communicated and enforced effectively.

  • A cyber security policy should be circulated to all staff ensuring awareness of:
    • Individual responsibilities towards security and threat prevention, such as managing passwords, viewing and opening mail and attachments responsibly.
    • How to deal with or report suspicious emails, attachments or online activity responsibly before it becomes a major issue.
    • Internal reporting channels for falling victim to cybercrime whilst at sea.
  • Get buy in from the top, to help underpin the importance of cyber security, so all staff take it seriously.

 

Experts suggest that the maritime market can benefit from a concept of scale, where larger maritime businesses support the smaller maritime businesses in their supply chains, becoming partners and working together in a stronger and more united front to adopt effective holistic and integrated cyber resilience practices. With this in mind, Satcom Global are passionate about supporting customers big and small with their cyber security efforts in relations to satellite communications systems.

Please contact justask@satcomglobal.com if you have any questions about how Satcom Global can support your increased efforts to combat cyber security at sea.

« Back to news

Cyber Security Maritime
With the current awareness and profile of cyber security in shipping the threat to shipping is a reality that needs addressing. "
Peter Broadhurst, Senior Vice President, Safety and Security, Inmarsat