With more ships being connected to broadband internet through VSAT solutions, there is greater need for security to mitigate cyber risks. Classification society Lloyd’s Register (LR) recently published a 20-page guidance note, Cyber-enabled ships, which highlighted the risks vessels are facing and how to manage this. LR’s marine marketing director Luis Benito said the combination of connectivity advances and further integration of onboard systems puts more ships at risk of cyber attacks. “Connected ships will have to look at different levels of protection in terms of cyber security, depending on their degree of connectivity,” he commented. He thinks a total system approach to cyber security is needed, including different systems on vessels and ashore (Marine Electronics & Communications April/May 2016).
Rival society ABS has warned marine engineers of the cyber threats to smart ship systems. ABS managing principal engineer George Reilly explained the issues at Riviera’s European Marine Engineering Conference in Amsterdam in April. He said the increasing use of smart shipping is compromising the integrity and reliability of monitoring systems. These could be affected by cyber threats if the smart ship systems use the internet for data and information transmission. “Smart assets are highly dependent on software and data quality, timeliness and integrity,” he explained.
Cyber-enabled assets need security from these threats: “Data architecture and data gathering systems require safeguards and monitors. Software quality may affect data integrity. System and software updates must be managed by configuration and change management procedures, which include testing,” Mr Reilly said.
Read the Complete Guide to VSAT here:
A total system approach can be taken when firewalls, antivirus, network and online controls, web filtering and user selection applications are set properly. Email scanning is an essential aspect to cyber security through VSAT. Port-IT is developing the IRIS suite of applications that can be used to scan emails for malware. This will be available for existing email programmes such as AmosConnect, SkyFile Mail, Globe Email and others, using a database of antivirus products for scanning incoming mail, but will have a small data footprint, so it will be bandwidth efficient.
The first stage of initiating this programme suite was the introduction of the Remote IRIS service in March. This enables operators to scan email attachments against Port-IT’s database of more than 55 antivirus products. The user would send an email they do not trust to the Remote IRIS service for antivirus checks. A reply will be sent within 10 minutes to confirm whether there are any threats. This is a free service from Port-IT.
Marlink’s XChange integrated service delivery platform has a variety of security functions that can operate in conjunction with the SkyFile Mail service. It has a suite of security tools, including built-in firewalls and the SkyFile Anti Virus program. According to Marlink, the software protects remote computer assets from potentially harmful viruses. It has fully automatic antivirus updates, notifications and version verifications that secure onboard computers and local area networks.
KVH Industries’ cyber security services are hosted on the CommBox network management unit. These services enable ship operators to initiate connection-specific firewall rules, web address and content filtering, and anti-malware filters. Ship masters can set up unique firewalled networks for operations and crew. Fleet or vessel IT directors can establish protocols for blocking websites, providing virus protection for all onboard internet usage, and manage individual crew member’s access to the internet. Another cyber security function is the global static IP feature that can block undefined inbound applications, or filter out harmful applications.
Harris CapRock offers a variety of cyber secure value-added services for VSAT including the SafePass Pro advanced cyber security solution. Chief technology officer Rolf Berge said this provides defence against cyber attacks targeting offshore oil and gas IT infrastructure, cruise ships and commercial shipping. “The new cyber-security solution includes Alert Logic threat monitoring services, which provides network intrusion monitoring and detection,” he said.
There is also a vulnerability scanner, and firewall protection that supports web address and applications filtering. “Customers have access to our cyber security experts for a customised approach to pinpoint system vulnerabilities, monitor insider threats, proactively defend the network and respond to incidents,” Mr Berge added.
BlueTide Communications, an independent division of ESSI Corp, introduced the Security-as-a-Service (SECaaS) cyber security solution for maritime and offshore users in April. This combines anti-malware, intrusion prevention, application control and content filtering to provide protection for onboard communications and IT networks.
The service features deep packet inspection (a form of computer network packet filtering), anti-malware and application control to protect against network vulnerabilities, malicious attacks and potentially compromised mobile devices linked to onboard WiFi networks. “This all-in-solution delivers superior threat protection and application control without compromising network performance,” said BlueTide managing director Emil Regard.
The BlueTide global network operating centre provides 24/7 real-time event monitoring, analytics and reporting on application traffic, bandwidth utilisation, threats and suspicious activity. “This visibility and control over network traffic becomes a powerful troubleshooting tool to minimise downtime related to malicious applications,” he added. “With new vulnerabilities emerging and morphing each day, the firewall is continuously updated without interruption or a reboot.” SECaaS bundles gateway security and a unified threat management application with powerful monitoring, reporting and support into a rapid-to-deploy package.