With the advantages of technology and maritime remote connectivity – solutions are becoming more connected however they present new risks for ships being are targeted all the time by threat actors as they are hunting for penetration vectors.
Today, shipowners need to give almost unlimited access to the system vessels to third-party vendors who need to access a specific system. This increases the risk of cybersecurity threats and allows a malicious actor access to all ship systems – without the ship owner control over what is being done, by whom, when, and how the network is being used.
When the contractor remotely monitors and maintains a vessel’s system, such as bridge and engine room computers, workstations on the ship’s administrative network, or others, these systems include a two-way data flow and/or upload-only.
What does that mean?
Basically, most fleets today are allowing their vendors and suppliers to gain access to most parts of the ship, when they are only meant to work on a specific part, thus leaving the ship vulnerable to various cyber attacks from a variety of sources.
According to IMO 2021 and BIMCO – the guidelines on cyber security onboard ships, indicate that the shipowner should query the internal governance of cyber network security and seek to obtain a cyber risk management assurance when considering future contracts and services.
This is particularly important when covering network security if the ship is to be interfaced with a third party such as a marine terminal, stevedoring company or OT supplier for ongoing support and maintenance.
More maritime companies should include active third party risk assessment procedures to be conducted routinely.
Third party risk assessment can also include attack simulation of critical IT and OT infrastructure to identify whether the actual defense level matches the desired level set forth in the cyber security strategy for the company.
Such tests can simulate incidents using IT-systems to assess potential threats to the ship.
Also, third party outsourcing should also be validated and tested to ensure that they do not present an easy route into the ship and to indicate that their administrative practices are up to the standard level expected by regulatory requirements.
This can be gathered by monitoring the access to the vessel and procedures for enforcing blockage of threat to headquarters, rather than granting access to the complete vessel.
Any solution deployed onboard vessels should have automated testing and reporting to support all evidence of its efforts in mitigating such cyber 3rd party threats supported with assurance
required to validate that cyber security threats can be mitigated effectively.
How to Manage Efficiently?
In reality, it only takes one point of vulnerability in a ship’s system to lead to a large potential security threat.
A third-party data breach could potentially cause a company large financial regulatory problems, financial difficulties and a bad professional reputation.
The key to preventing these from happening is a secure connectivity that protects your organization and reduces risk from third-party vendors / suppliers.
Be sure to have the right means to protect your assets.
Cydome provides the highest level of threat protection, built specifically for the challenges that occur in the maritime world.
From automated mapping and vulnerability scanning based on NIST controls, to real-time detection and alerting from any unauthorized access, in any part of the ship.
Cydome Remote Access Management is specialized in securing access for external vendors that need to access critical systems onboard ships. The solution creates a secure infrastructure for third parties organizations to securely and effectively connect to a specific system. This is done while ensuring full control over the connection in terms of security, time, place and ensuring that it is open only when needed.
Want to learn more about our solutions?
Sign up now for more information.