Cybersecurity maritime regulation
They must comply from January 1st, 2021 and no later than the first renewal of the compliance document.
Cybersecurity definition
Cybercrime is the set of criminal offences committed through the Internet or computer networks. Cybercrime is one of the greatest modern challenges facing humanity.
Cybercrime takes place in cyberspace. This can be:
- Computer hacking, intrusion into computers, computer servers orwebsites.
- Remote destruction of computer data.
- Internet credit cardfraud.
- Automated processing ofunauthorizedor unreportedpersonal
- Creating fake websites imitating knownsites.
- Inciting crimes against persons or property, via the Internet.
- Remote installation takeover….
Cybercrime in numbers
- For the year 2019, cybercrime was estimated at more than $600 billion (in data misappropriation, ransom demands, etc.), or 1% of the world’s GDP diverted.
- More than 30,000% is the increase in computer attacks since January 2020 in France. From 1200 at the beginning of the year, they rose to 380,000 at the beginning of April. These are mainly phishing, and malware, malicious sites that target users remotely.
- Between 30 minutes and 10 days, this is the average time to break into a corporate network. 93% of the most successful is the case.
- For a company, no less than 13 penetration vectors were identified.
- In 68% of cases, only 2 steps were needed to access the network.
- From February to March 2020, malicious domain name registrations increased by 569%.
- A cyberattack costs on average nearly 1.3M euros and 15 days of interruption.
- 9 out of 10 companies are affected.
- 7 months, the average time to identify a data breach. According to the FFA (French Insurance Federation): For the fourth year in a row, the risk of lethal cyberattacks remains the main risk that would weigh on companies. The year 2020 was marked by an increase in cyber attacks, partly explained by the containment and intensification of telework.
KeyCyber-Menaces
- Malware: a type of malware in which any file or program can be used to harm the user of a computer, whether by a worm, virus, Trojan or spyware.
- Ransomware: A type of malware in which an attacker blocks access to the victim’s computer system files, often by encryption and demands a ransom to reveal the code and unlock the computer.
- Social engineering: a method that relies on human interaction to deceive the user and bypass security procedures in order to access sensitive, usually protected information.
- Phishing: a type of fraud that mimics emails from trusted sources. The purpose of these messages is to steal sensitive data such as credit card code or login information.
- Zombie Networks: This is one of the most dangerous threats, since they are made up of control serversand controls and a large number of infectedcomputers, usually hundreds of thousands who participate inthe attack and are managed remotely.
- Service Denials: Prevent legitimate users of a service from using the service in a different way
- Internal threat: Reducing employee attention when dealing with sensitive data s/insufficient training on cybersecurity /unsuitable policye…
- Leakedinformation s: Presents the risk of malicious use of technical systems to obtain small amounts of information on individual files.
- Cyberespionage….
Cyber- Maritime Attack
2017: MAERSK was one of the first large-scale maritime victims of the Petya Not Petya (wannacry) epidemic. $300 million in losses.
2018: The ports of Barcelona and San Diego targeted. The desired impact was the neutralization of commercial operations between the companies and their vessels. And the slowdown on all land operations such as unloading and loading ships.
2019: Israelicyber defence solution provider Naval Dome conducted an experiment on a 260m container ship. After infecting the ship’s captain’s computer via email, a team compromised the navigation system, radars and engine room management system. This allowed them to divert the vessel from its original route and disable the engines. An absolute danger on sea routes.
2020: CMA CGM was attacked by ransomware Ragnar Locker, 15 days passed before the situation returned to normal. E-Commerce sites, booking, tracking, road finder, Myprices, billing, have undergone significantmalfunctions. The group also said it feared data theft. The financial impact
of 2020 is not yet known: MSC announced that a major network outage was being resolved and all internal systems were again “fully functional”. Initially, the company described the outage, which began on the evening of 9 April and affected the company’s geneva headquarters and affected “the availability of some of the digital tools. But after a “thorough investigation,” she admitted to being the victim of malware exploiting a vulnerability. While refraining from disclosing more, citing security reasons.
2021: Beneteau, attacked on 19 February 2021, has not yet resumed its entire activity.
Threats and Vulnerabilities in your company and on your ships
- Department of Computer Science (IT, Information Technology):
Denotes the entire information processing technology sector. Mainly computer science, telecommunications and the Internet.
- Operational Technology (OT, Operational Technology)
The OT includes hardware and software systems that monitor and control physical equipment and processes.
OT systems are often protected by physically insulating them from the network. But as companies expand remote operations and outsource many tasks, including equipment maintenance and maintenance, connectivity becomes essential, and OT and IT technologies continue to converge.
Ships are affected by the OT and IT interaction:
- Trackingfunction for information/administrative tasks
- Alarm and monitoring functions
- Control functions that arenecessary to keep the vessel in its normal operational and habitable conditions.
example:
- Maintien of the propulsion and direction of the ship-Power management
- Safety management: Detection et la fight against fires / Invasion surveillance / Internalcommunication systems …
- Navigation management: ECDIS / Autopilot / Radar / Stabilizer….
- Dynamic positioning management.
- Cargo transfer control system / ballastage /
- Alarm and monitoring system.
The development of the IT department requires a regular evaluation of its cybersecurity:
- Development of the computerization of pay slips
- invoicing
- Development of telework: Use of virtual privatex network (VPN) to secure exchanges.
- Staff awareness and implementation of “good practices”
- Client file
- Order / Booking ….
The solution to fight Cybercriminality:
The Cyber Management
The methodology
1.Identify threats:
- Understand Cybersecurity’s external threats to ship and armement.
- Understand the internal cybersecurity threat posed by inappropriate use and poor cybersecurity practices.
2.Identify vulnerabilities:
- Inventory embedded systems with direct and indirect communications links.
- Understand the impact of a cybersecurity threat on these systems.
- Understand the capabilities and limitations of protective measures.
3.Assess risk exposure:
- Determine the likelihood that vulnerabilities will be exploited by external threats.
- Determine the likelihood that vulnerabilities will be exposed by inappropriate use.
- Determine the safety and security impact of the exploitation of any individual or combined vulnerability.
- Develop detection and protection measures.
- Reducing the potential impact of exploiting a vulnerability.
4.Establish a response plan:
- Develop contingency plans to respond effectively to identified cyber-risk.
Cybersecurity Audit
The Audit is based on 14 chapters:
- Information Security Policy
- Information Security Organization
- Human Resources Security
- Asset management
- Access control
- Cryptography
- Physical and environmental safety
- Operational safety
- Communications security
- Acquisition, development and maintenance of information systems
- Supplier relationship / Tierce party.
- Management of information security incidents .
- Aspect of information security in business continuity management
- Compliance
Who are we?
Lh Maritime Survey: Consultants, Maritime Experts, Surveyors, Auditors since 2017.
We are ISO/IEC 27032: Cybersecurity Management
Certificate No. 1076869-2021-03