- The U.S. Coast Guard issued an official warning to vessel owners that cyber security at sea needs urgent updating.
- This led to an inter-agency investigation of a “significant cyber incident” that had exposed critical control systems of a deep draft vessel.
- The outcome of the investigation speaks volumes for the lack of security awareness at sea.
- Cargo data transferred via USB drive at the pier.
- CISA has a CERT alert through the National Cyber Awareness System (NCAS) that reinforces the need for cyber-security on commercial vessels.
The U.S. Coast Guard has issued an official warning to owners of ships that cybersecurity at sea needs urgent updating, says an article published in Forbes.
Marine Safety Alert
In the Marine Safety Alert published in June, the Coast Guard affirms that cyber-security assessments are conducted to better understand the extent of their cyber vulnerabilities.
This prompted an inter-agency investigation, led by the Coast Guard, into a “significant cyber incident” that had exposed critical control systems of a deep draft vessel bound for the Port of New York in February 2019 to what it called “significant vulnerabilities.”
Functionality of on-board computer degraded
The investigation concluded that the malware attack had “significantly degraded the functionality of the on-board computer system.”
The crew members were aware of the security risk presented by the shipboard network.
This network is used to update electronic charts, manage cargo data, and communicate with shore-side facilities as well as the Coast Guard.
Crew members aware of the risks
Ethical hacker John Opdenakker says he was “amazed” to hear that the crew well knew the security risk but “this didn’t result in the problems being addressed.”
Opdenakker pointed out that the vessel operator should act upon that intelligence. He added that the measures the Coast Guard “strongly recommends” to those responsible for these vessels are hardly advanced in nature.
Recommendations of the investigation report
The outcome of the investigation speaks volumes for the lack of security awareness at sea.
Here are some of the recommendations from the investigation report:
- Segment your networks into sub-networks to make it harder for an adversary to gain access to essential systems and equipment.
- Eliminate the use of generic log-in credentials for multiple personnel. Create network profiles for each employee. Require employees to enter a password or insert an ID card to log on to on-board equipment.
- Administrator accounts should be used sparingly and only when necessary.
- Install and routinely update basic antivirus software.
- Vulnerabilities impacting operating systems and applications are continually changing–patching is critical to effective cyber security.
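The two account recommendations above (no generic log-ins, sparing use of administrator accounts) can be checked against an account inventory and a login log. The following is an added example, not code from the investigation report or the article; the CSV layouts, account and workstation names, dates and the admin login threshold are all constructed assumptions.

```python
import csv
import io
from collections import Counter

# Constructed sample data (not from the incident): account inventory and login log.
ACCOUNTS_CSV = """account,owner,is_admin
bridge,,yes
j.alvarez,J. Alvarez,no
m.chen,M. Chen,yes
cargo,,no
"""
LOGINS_CSV = """timestamp,account,workstation
2024-01-01T06:02,bridge,ECDIS-1
2024-01-01T06:40,bridge,CARGO-PC
2024-01-01T07:15,j.alvarez,CARGO-PC
2024-01-01T09:30,bridge,ECDIS-1
2024-01-02T08:00,m.chen,ENG-PC
2024-01-02T11:20,cargo,CARGO-PC
"""

ADMIN_LOGIN_LIMIT = 1  # assumed policy threshold per review period


def audit(accounts_csv, logins_csv, admin_limit=ADMIN_LOGIN_LIMIT):
    """Return sorted (account, finding) pairs for the two account recommendations."""
    accounts = list(csv.DictReader(io.StringIO(accounts_csv)))
    logins = Counter(r["account"] for r in csv.DictReader(io.StringIO(logins_csv)))
    findings = []
    for acct in accounts:
        name = acct["account"]
        # An account with no named owner is a shared, generic log-in.
        if not acct["owner"].strip():
            findings.append((name, "generic: no named owner"))
        # Administrator accounts should not be the everyday log-in.
        if acct["is_admin"].strip().lower() == "yes" and logins[name] > admin_limit:
            findings.append((name, f"admin used for {logins[name]} logins"))
    known = {a["account"] for a in accounts}
    for name in logins:
        # Log-ins by accounts nobody has inventoried need follow-up.
        if name not in known:
            findings.append((name, "login by account missing from inventory"))
    return sorted(findings)


if __name__ == "__main__":
    for account, finding in audit(ACCOUNTS_CSV, LOGINS_CSV):
        print(f"{account}: {finding}")
```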
USB drive for data transfer
The investigation also revealed that it is “common practice for cargo data to be transferred at the pier, via USB drive.”
These drives would be routinely plugged directly into the ship’s computers without any prior scanning for malware.
U.S. Cybersecurity and Infrastructure Security Agency
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also issued a Computer Emergency Response Team (CERT) alert through the National Cyber Awareness System (NCAS) that reinforces the need for cybersecurity on commercial vessels.
Tim Mackey, the principal security strategist of the Synopsys Cybersecurity Research Center, said that “attackers define the rules of engagement in an attack, and targeting governmental and military assets will always be valuable for those seeking to disrupt our society. This incident highlights lessons for everyone to take, whether you’re in government or a corporate setting: vigilance starts with preparedness.”