The global marine sector faces unfamiliar territory in the field of cyber-attacks, which are easily doable in the industry based on researchers’ claims.
While it has become prone to such threats, the good news is that some of the preventive measures begin during the testing stage of technologies. For instance, as CAST noted, ships that rely on GPS satellite signals should look into controlled radio pattern antenna (CRPA) simulation, which allows vessels to test the vulnerability of software and hardware resources.
The risks involved from a cyber-attack include a likely collision between two large ships, simply because a hacker was able to trick them into following the same course. Pen Test Partners researcher Ken Munro said that this stems from “always-on satellite connections,” which allowed cybercriminals to understand a ship’s navigation system more thoroughly.
GPS signal spoofing and jamming are some of the many flaws that can be easily exploited by hackers. In other cases, the fault lies on human error. Many vessel owners use weak login details for their security networks. By doing so, it’s almost the same as inviting an unwelcome guest aboard the ship.
Compliance with regulatory standards can be another way of determining a ship’s state of cybersecurity. Commercial companies should always comply with these rules not only to avoid potential attacks, but also to protect themselves from legal disputes.
The U.S. government has been working on a bill to improve security at U.S. ports. In the meantime, companies can choose from different regulatory standards such as the Tanker Management and Self-Assessment program and “The Guidelines for Cybersecurity Onboard Ships.”
Cybersecurity no longer serves as an option for the marine sector, especially now that hackers know how easy it is for them to compromise software systems. What is your cybersecurity strategy against online attacks?