Cyber Operators Course (Op) – Module 1

Introduction – Scaremongers v Reality 2

In private, ships’ masters and operators will admit to plenty of hacking incidents. However, this anecdotal evidence does not help a cash-strapped operator decide where to invest limited funds.

Hence, the industry is short of actuarial data with which to make risk-based decisions on cyber matters.

Your organisation and your vessels will be hacked in some form at some point. If you are well prepared, then the damage will probably be minimal; an irritation.

If you are not well prepared, it will be an expensive exercise, possibly business-limiting.

Every single organisation of the thousands the writers of this book have dealt with has had some form of a hacking incident over the years.

Some involved data loss, ransom or corruption, others involved theft of monies or technical equipment, and others theft of intellectual property.

“I have seen businesses go bust as a result of a hack, I have seen others brush off incidents as they were well prepared. Those who state that they have never been hacked, in my experience, simply don’t have the expertise or systems in place to know whether or not they had been.”

Ken Munro of PenTestPartners

*Above: Non-reported near-misses are a well-documented issue in the wider maritime industry. Source of above image: www.Maritime-Executive.com

Cyber Operators Course (Op) – Module 1

Introduction – Differences between IT and OT systems 1

OT systems control the physical world and IT systems manage data.

OT systems differ from traditional IT systems.

OT is hardware and software that directly monitors/controls physical devices and processes. Think of it as a closed-loop system with no external involvement, where you physically control the process from one end to the other.

IT covers the spectrum of technologies for information processing, including software, hardware, and communication technologies. Think of it as adding an external link that can control your closed loop, such as a canal system that can now be opened from a different location. This is because it is now controlled by a management system that will most likely be controlling more than just one canal system.

Traditionally OT and IT have been separated, but with the internet, OT and IT are coming closer as historically stand-alone systems are becoming integrated.

Now imagine the canal system is run by computers for efficiency. Old “Operator” roles are now automated and connected to a bigger management system via the internet. This is more efficient, with complete control and less physical work. However, should one element of the system break, it may have an impact on all the other elements. The analogy within shipping is that in a fully integrated bridge/engine/cargo management system, one element breaking may affect others. Now add in the idea that an almost unlimited number of crew, both on board and ashore, have the ability to control any of those elements.

Cyber awareness is not just about the external hacker, it is also about the internal operator who may not be aware of the implications of their actions within a large integrated system.

Cyber Operators Course (Op) – Module 1

Introduction – Your Vessel’s OT and IT 1

What is “pure OT” and what is OT when connected to IT on your vessel?

Now make a list of some ‘Traditional’ OT systems that are now connected to IT in some way. What vulnerabilities does this cause?

Cyber Operators Course (Op) – Module 2

Accidental ‘Self-Hack’ – What can occur if a PC isn’t turned off correctly?

If you turn off your system incorrectly, any files that were being saved may be incomplete or not saved at all. This can create corrupt data, because the computer was not allowed to finish writing to the disk. Turning the computer off incorrectly can also permanently damage the hard drive, because the actuator arm is unable to park itself by the side of the disk. Instead, it may come to a slow stop, park itself upon the disk and scratch it, damaging the disk and making it unusable.

The consequence can be that, for a long time, you get lucky: the data corruption may be in an area of the disk that you don’t notice, or in a file that you can do without. But after much time, or even after very little time, you will probably find, when you need your computer most, that one of your important programs no longer works because an important file is corrupt. Or worse, Windows will no longer boot because the registry has become corrupt.

(Have you ever seen this screen before?)

Cyber Operators Course (Op) – Module 2

Accidental ‘Self-Hack’ – Tips for fixing blue screen of death issues

Use System Restore: If your system recently started blue-screening, use System Restore to roll the software back to a previous state. If this works, you’ll know that it’s likely a software problem.

Scan for Malware: Malware that digs deep into Windows and gets its hooks into the Windows kernel at a low level can cause system instability. Scan your computer for malware to ensure buggy malicious software isn’t causing it to crash.

Install Updated Drivers: An incorrectly installed or buggy driver can lead to crashes. Download the latest drivers for your computer’s hardware from your computer manufacturer’s website and install them — this may fix BSODs caused by driver problems.

Boot into Safe Mode: If your computer is blue-screening every time you turn it on, try booting into safe mode. In safe mode, Windows loads only the essential drivers. If a driver you’ve installed is causing Windows to blue screen, it shouldn’t do so in safe mode. You can work on fixing the problem from safe mode.

Check for Hardware Problems: Blue screens can be caused by faulty hardware in your computer. Try testing your computer’s memory for errors and checking its temperature to ensure that it isn’t overheating.

Reinstall Windows: Reinstalling Windows is the nuclear option. It will blow away your existing system software, replacing it with a fresh Windows system. If your computer continues to blue screen after this, you likely have a hardware problem.

Cyber Operators Course (Op) – Module 1

Introduction – Common Sense 2

GDP (gross domestic product) is one of the primary indicators used to gauge the health of a country’s economy. The GDP of Russia is $1.5 trillion USD. Cyber crime is put at the same $1.5 trillion, which means that if cyber crime were a country, it would have the 13th highest GDP in the world.

This $1.5 trillion figure includes:

$860 billion – Illicit/illegal online markets.

$500 billion – Theft of trade secrets/IP.

$160 billion – Data trading.

$1.6 billion – Crimeware-as-a-Service.

$1 billion – Ransomware.

Nowadays, where everything on our vessels is controlled with technology and computers, we have to be very careful of incoming threats created to cause damage or safety concerns.

At the end of this course, we will be reviewing 10 high-profile shipping incidents that added to the above figures. They are only 10 of the many incidents that are reported and do NOT include the high-profile Maersk incident, which has been well documented already.

Learn from this course and add to your “common sense” so you are not responsible for the next major incident!

Cyber Operators Course (Op) – Module 2

Accidental ‘Self-Hack’ – Passwords

If you ask “Do you ensure that all passwords are complex and changed regularly?” then you’ll get a “yes”.

The IT guy is thinking “our user passwords for business computers are good”, but they’re not thinking about other areas. It may be true that certain areas of the vessel are secure; however, instead ask:

“which of your passwords on your systems are blank, default, simple or re-used?”

Then you might find out that the key component of their vessel network is on the public internet and has a default password!

Ask the OT teams how they deal with device passwords. You might be surprised how weak the passwords are, or whether they’ve even been changed from the vendor’s default password!

“When conducting deep Navigation Audits, I often need to access the CCRP page on ECDIS (which is locked out by the manufacturer requirement password) or see how the DGPS unit is configured. Most of the time the passwords I need to either configure a unit or to access the LAN are Dymo-taped on the unit itself.”

Neil, On-board Auditor for ECDIS Ltd.
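
The audit question above, as an added example (not part of the course material): a short Python check that sorts a password inventory into the four categories named, blank, default, simple and re-used. The inventory, the default list and the "simple" thresholds (under 10 characters or fewer than three character classes) are constructed assumptions; only the ECDIS and DGPS system names come from the text.

```python
import re
from collections import defaultdict

# Constructed stand-in for a vendor-default list (assumption, not a real vendor list).
KNOWN_DEFAULTS = {"admin", "password", "1234", "0000", "service"}

# Constructed inventory: (system, account, password). All values are made up.
INVENTORY = [
    ("ECDIS", "service", "service"),
    ("DGPS", "config", ""),
    ("VSAT modem", "admin", "Harbour1"),
    ("Engine monitoring PC", "operator", "Harbour1"),
    ("Bridge workstation", "master", "t7#Kq!vR2m_Lx9"),
    ("Cargo management", "admin", "abc123"),
]

def is_simple(pw):
    """Assumed rule: under 10 characters, or fewer than three character classes."""
    patterns = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")
    classes = sum(bool(re.search(p, pw)) for p in patterns)
    return len(pw) < 10 or classes < 3

def audit(inventory, defaults=KNOWN_DEFAULTS):
    """Return {(system, account): [findings]} for weak entries only."""
    seen = defaultdict(list)  # password -> every place it is used
    for system, account, pw in inventory:
        if pw:
            seen[pw].append((system, account))
    findings = {}
    for system, account, pw in inventory:
        issues = []
        if pw == "":
            issues.append("blank")
        else:
            if pw.lower() in defaults:
                issues.append("default")
            if is_simple(pw):
                issues.append("simple")
            if len(seen[pw]) > 1:
                issues.append("re-used")
        if issues:
            findings[(system, account)] = issues
    return findings

if __name__ == "__main__":
    for (system, account), issues in audit(INVENTORY).items():
        # Report the finding only; the password itself is never printed.
        print(f"{system:22} {account:10} {', '.join(issues)}")
```

Including OT devices in the inventory alongside the business computers is what makes the result differ from the "yes" the first question gets.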

Cyber Operators Course (Op) – Module 3

Different Risks and terminology – Social engineering

Thieves are often excellent social engineers. Watch the movie ‘Catch Me If You Can’ for some great examples of how ‘talking the talk and walking the walk’ can gain access to sensitive areas.

A vessel often has many different personnel aboard, particularly when in port. It could be very easy for a motivated individual to board the ship and place a ‘back door’ device on the ship’s network.

Once placed, the hacker would have continuous remote access to the network on the ship. A back door can bypass all of the network perimeter defences, such as firewalls.

Defending against the social engineer is clearly important.

Cyber Operators Course (Op) – Module 1

Introduction – A Modern Vessel’s cyber connection

Cyber security affects all industries. The fact that ships are being controlled more and more by computer systems means that attackers have a more valuable target. With this in mind, we need to know what we can do to help mitigate or prevent computer-based cyber attacks.

(Now take a few minutes to review this image and start making a list in your mind of all the different computer-based systems on board YOUR vessel)

*Image from www.PenTestPartners.com, who consult in maritime cyber and conduct vessel penetration testing.