EH21 - Cyber security afloat or securing (very) big iron

Modern ships and drilling vessels are heavily dependent on IT/OT systems for critical operations like navigation, propulsion, drilling control, and power generation

Common vulnerabilities include:

• Legacy systems running outdated software (e.g. Windows 7)
• Lack of network segmentation
• Shared credentials across vessel fleets
• Vulnerable industrial protocols without security controls
• Remote access capabilities without proper protection

Since 2021, cybersecurity has become mandatory for shipping companies through IMO regulations and requires:

• Risk assessments
• Security controls implementation
• Regular audits and certifications
• System segmentation into security zones

Major cyber incidents can have severe consequences:

• Loss of ship control/propulsion
• Environmental damage
• Loss of life
• Supply chain disruptions
• Financial losses (e.g. Maersk NotPetya incident cost hundreds of millions)

Key challenges for securing maritime systems:

• 20+ year operational lifespans
• Limited maintenance windows
• High cost of system downtime
• Need for continuous operations
• Complex supply chains
• Limited vendor diversity

Testing and securing systems requires:

• Careful planning around operational schedules
• Risk assessments approved by ship captain
• Network isolation during testing
• Defense-in-depth approach
• Regular updates and maintenance
• Physical security controls

Industry trends show:

• Increased connectivity (Starlink)
• Growing awareness of cyber risks
• More investment in security
• Need for specialized maritime cybersecurity expertise
• Consolidation among major system vendors