Increased digital transformation can expedite and streamline processes and provides a convenient way of communicating and planning logistics. However, with increased convenience comes increased risk. If you asked the CEO of a maritime shipping company twenty years ago if they had invested in cybersecurity, they would most likely have laughed at you. However, adopting operational technology (OT) and information technology (IT) on seafaring vessels has generated a more efficient supply chain. It also opens to door to threats from cybercriminal organisations.
The more digital technology that vessels adopt, the more risk this presents. Indeed, the International Maritime Organization has defined maritime cyber risk as “the extent to which a technology asset could be threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a consequence of information or systems being corrupted, lost or compromised.” The impact of this risk can be quantified as the fear of the unknown, the fear of what could happen if a cyber criminal attacked your systems and left your vessel stranded without navigation systems or life support.
What OT and IT systems are at risk in a maritime environment?
IT and OT systems that may be exposed to cyber threats include, but are not limited to, bridge systems, cargo handling and management systems, propulsion and machinery management, power and access control systems, communication systems and more.
Furthermore, critical onboard systems require seamless and continuous monitoring and support for operational, security and performance-related issues. The existing IT operating model focuses primarily on supporting shore-based activities and addressing the ad hoc vessel requirements. These systems were becoming increasingly complicated and required a strategic pivot.
Limitations in communications such as the connectivity and quality of bandwidth between very-small-aperture terminal (VSAT) and FleetBroadband (FBB) can affect monitoring and response times to cybersecurity incidents.
Limited capabilities and capacity on vessels for supporting or managing advanced cybersecurity issues have been a persistent issue within the maritime shipping industry. Stakeholders across the shipping industry are under strict guidelines and regulatory compliance to safeguard both the on and offshore from existing, new, and emerging cyber threats and vulnerabilities.
The convergence of IT and OT in maritime environments
The need for professionals in the maritime industry to assess the risk of their digital controls has never been greater. With the increasing convergence of OT and IT, we see that physical property loss and loss of life have become mainstream. When you combine these threats, you find that cyberattacks on maritime OT systems have increased by 900% over the past several years. These attacks are growing in frequency. If a ransomware attack hits a vessel , there are few options other than paying the ransom. The fact that cybercriminals can now add a financial extortion element increases the fear and risk of OT-based operations.
Failure to secure IT systems on vessels can have catastrophic consequences on the global supply chain. In many cases, attacks on OT originate from IT systems and then migrate to the operational technology they control. This means that the two are intrinsically linked.
Cybercriminals are acutely aware of their power and have begun to change their tactics. They are now using a trial-and-error system, going down to a series of things and seeing what works. This has contributed to the increasing threats facing OT environments. Industries that operate within critical infrastructures, such as oil, gas, chemical, and transportation, are being targeted by specific attacks tailored for their unique operational technology environment.
In a way, we should learn from the processes of cybercriminals. They keep up to date logs on developments in the OT security industry as they scheme to sow havoc and hold critical infrastructure organisations to ransom. If the cybercriminals are aware of the OT and IT assets you have within your digital environment, you should be too. We cannot protect what we cannot see and understand. Business leaders should prioritise OT security before it is too late. You should ask questions such as what holes we have in our IT or OT systems? Or what vulnerabilities are we susceptible to, and how do we manage them? Answering these questions will start you on your journey towards better vessel security.
What can you do to protect your OT systems?
If you are in the maritime industry, you must partner with a security provider that understands the unique quirks of marine environments. These partners will have the experience you can leverage specifically within the OT domain. IT security does not transfer to OT environments. Traditional managed detection and response (MDR) providers do not have the expertise to secure IT and OT environments at sea. This is why Obrela has developed a proprietary XDR (eXtended Detection and Response) technology named “Vessel Network Analysis” (VNA). VNA is an intelligent, self-contained passive Network Monitoring solution which adapts through AI (Artificial Intelligence) and ML (Machine Learning) algorithms to available bandwidth and threat landscape. VNA covers both OT and IT digital worlds in a vessel and ensures real-time detection, specifically, detecting suspicious activity throughout the visible networks/subnets.
The tool also provides real-time Intelligence Based Threat Detection: Detects suspicious activity based on Intelligence updates before they occur.
When securing the OT of your vessels, act quickly and effectively. Obrela can help you to remove complexities and secure environments wherever they travel.