Smart Shipping: sailing towards risky waters

Red Alert on Cyber Threat

Every shipping company and shipping asset is a potential target. Cyber attacks pace is growing, and we should realize that we will be attacked soon or late. Getting prepared is of essence.

Thanks to a risk-based approach, we can understand  the interest for a hacker to attack:

– How well protected are the ships or the shipowners ?

– What are the vessel’s vulnerabilities and the ease of exploit them ?

– What kind of reward can expect a hacker ?

A ship is worth million dollars, it is a highly visible and a single incident can jeopardize the reputation of a company. It can be used to trigger major incidents by taking control of the rudders just for few minutes in Suez canal for instance.

Shipowners needs to integrate the cyber threat in their marine risks profile, as any business risk.

Highly Vunerable Assets

Shipboard systems (OT / IT)

IMO statement: All IT and OT onboard systems shall be considered as vulnerable.

Such systems are interconnected and shore connected making a ship a massive and complex connected object.

Ships cross seas and call in regions where cybersecurity can be a challenge. Ships goes through yard and docking period when supply chain cybersecurity control can easily be lost with numerous technicians boarding the ship to install and connect their own equipment.

A ship carries by essence versatile risks profiles which shall be identified, analysed and mitigated.

Resulting from the risk profiles analysis is the right investment in cybersecurity, building protections where it is relevant.