EH21 - Cyber security afloat or securing (very) big iron

-

Learn how cybersecurity impacts modern maritime operations, from vulnerabilities in critical ship systems to regulatory compliance, incident risks, and practical approaches to securing vessels.

Key takeaways
  • Modern ships and drilling vessels are heavily dependent on IT/OT systems for critical operations like navigation, propulsion, drilling control, and power generation

  • Common vulnerabilities include:

    • Legacy systems running outdated software (e.g. Windows 7)
    • Lack of network segmentation
    • Shared credentials across vessel fleets
    • Vulnerable industrial protocols without security controls
    • Remote access capabilities without proper protection
  • Since 2021, cybersecurity has become mandatory for shipping companies through IMO regulations and requires:

    • Risk assessments
    • Security controls implementation
    • Regular audits and certifications
    • System segmentation into security zones
  • Major cyber incidents can have severe consequences:

    • Loss of ship control/propulsion
    • Environmental damage
    • Loss of life
    • Supply chain disruptions
    • Financial losses (e.g. Maersk NotPetya incident cost hundreds of millions)
  • Key challenges for securing maritime systems:

    • 20+ year operational lifespans
    • Limited maintenance windows
    • High cost of system downtime
    • Need for continuous operations
    • Complex supply chains
    • Limited vendor diversity
  • Testing and securing systems requires:

    • Careful planning around operational schedules
    • Risk assessments approved by ship captain
    • Network isolation during testing
    • Defense-in-depth approach
    • Regular updates and maintenance
    • Physical security controls
  • Industry trends show:

    • Increased connectivity (Starlink)
    • Growing awareness of cyber risks
    • More investment in security
    • Need for specialized maritime cybersecurity expertise
    • Consolidation among major system vendors