Port-IT outlines how stakeholders within the container shipping sector can tackle growing cyber security threats, reports Rivera.
Advanced malware, ransomware and terminal-based attacks are on the rise within the container shipping sector.
This is according to data from Port-IT. But aside from these threats, Port-IT chief executive Youri Hart warns, “One of the biggest concerns is that IT is still not seen as a part of the core business of the vessel or container. If you need a PC to do a small part of your job, it is part of your core business, and you should budget for it. We still see outdated networks running Windows XP or Windows 7. And of course, a ship can sail from A to B without a PC, but an electronic notice of arrival departure needs to be made, thus meaning the network is part of the core operations.”
His advice is start at the beginning and create an IT budget per vessel. It does not have to be a big amount but a fixed amount that can be used for hardware replacement and security improvements. “When you have that as a base you can grow further. Start with the basics,” he advises.
Implementing a cyber security strategy
Asked what stakeholders need to do to protect themselves and how they should implement a cyber security strategy, again Mr Hart underlines it is important to stay with the basics.
He expands, “Get the IT on the same level, meaning all PCs use the same operating system and have the latest updates. Implement an endpoint security product and unified threat management (UTM) so you have your basics correct. Most container vessels have badly managed networks that are basically tied together by string. If you implement layers of security on a badly designed network, malicious actors can eventually exploit this weakest link.”
He adds, “Team up with a company that can assist you in this. People are still afraid to go to a specialist but are also using office 365. Use the people that are good at what they do, we don’t repair our car ourselves we go to a specialist – the same should be done for IT and cyber security. Specialised IT companies have experience in cyber security which can’t be learned overnight. They know exactly what you need on board your vessel, and they can implement and monitor it for you.”
Port-IT’s total security suite VANIR bolsters multiple layers of protection using different security features, including UTM. It offers asset management, monitoring and visibility options. VANIR offers owners a scanning and record-keeping tool for complete documentation.
Mr Hart comments, “We see a very large increase in customers interested in our network detect and response solution, which integrates with our UTM service to provide meaningful visibility into networks in which there is normally no visibility. For example, we were able to detect and neutralise an OT sensor which had been infected via a network attack.
Later this year, he says a “unique service will be added to this package that is not seen in the maritime industry” that will assist in the battle against cyber crime even further.
Did you subscribe to our daily Newsletter?
It’s Free! Click here to Subscribe