The maritime industry has increasingly adopted internet-connected technologies and digital systems to enhance vessel and port facility operations, such as cargo movement and ship navigation. However, this interconnectedness introduces cybersecurity risks, including ransomware attacks, unauthorized access to vessel controls, supply chain espionage, and theft of trade secrets. Gard emphasizes the importance of sharing information about cyber incidents with the appropriate authorities to enhance collective defense against cybercrime and bolster cybersecurity within the maritime sector, reports Grad.
Why Share Cyber Incident Information?
- Prevent Future Threats: Sharing information can help avert future cyber security threats.
- Trend Identification: Helps in identifying trends that can protect the entire maritime sector.
- Assistance and Warnings: Authorities can provide assistance and issue warnings to prevent others from falling victim to similar attacks.
Important Items to Share
- Event Data: Date, time, and location of the incident.
- Type of Activity: Detailed description of the event.
Types of Activities to Share
- Unauthorized system access.
- Denial of Service (DOS) attacks lasting more than 12 hours.
- Malicious software detection.
- They targeted scans against IT services.
- She repeated unauthorized access attempts.
- Phishing messages via email, mobile, or social media.
- Navigation events related to SATCOM, AIS, and GNSS interference.
How to Share Information
- Email: Send details to the flag administration, coastal authorities, national police, port authority, class society, and/or your cybersecurity service provider.
- Statutory Reporting: Remember, sharing information with your cybersecurity service provider does not replace statutory reporting requirements to authorities.
- Contact Information: Include full contact information in your report.
Reporting to Authorities
- US Coast Guard (USCG): Focuses on establishing minimum requirements for reporting cybersecurity incidents. New requirements will apply to US-flagged vessels, outer continental shelf facilities, and US facilities subject to the Maritime Transportation Security Act of 2002 regulations. Reporting by other entities is encouraged but not mandatory.
- International Maritime Organization (IMO): Resolution MSC.428(98) requires vessel owners, operators, and managers to implement cybersecurity measures across all levels of their management system, in line with the International Safety Management (ISM) Code. The IMO’s Guidelines on Maritime Cyber Risk Management (MSC-FAL.1/Circ.3) provide maritime cyber risk management recommendations.
Did you subscribe to our daily Newsletter?
It’s Free! Click here to Subscribe
Source: Grad
