https://maritime-executive.com/editorials/what-do-you-do-if-a-hacker-takes-control-of-your-ship [ ] Go SUBSCRIBE NOW Maritime Executive Logo Maritime Executive Logo Media Kit * news * Features * Podcasts * Magazine * Newsletter * Blogs * Jobs * Advertise * Subscribe * news * features * Podcasts * magazine * newsletter * blogs * Jobs * advertise * subscribe TOP STORIES Baltimore Bridge strike Baltimore Bridge Strike Could Be the Most Expensive Marine Casualty Ever Published by The Maritime Executive Key West Florida Florida Permits Larger Cruise Ships in Key West Over Local Objections Published by The Maritime Executive containers trapped in Baltimore CMA CGM Declares "Force Majeure" in Response to Baltimore Bridge Collapse Published by The Maritime Executive Royall Navy Auxiliary vessel UK for First Time Sends Auxiliary Ships to India for Maintenance Published by The Maritime Executive 16000 Views What Do You Do if a Hacker Takes Control of Your Ship? NTNU is training mariners on how to respond to a cyberattack in progress Cyber exercise on bridge simulator The ship is not behaving as it should. What's happening? Captain Odd Sveinung Hareide explains to the others on the bridge what he has done, what he is prioritizing right now and the next move. Photo: Eli Anne Tvergrov, NTNU. Published Mar 19, 2023 2:50 PM by Gemini News [By Eli Anne Tvergrov] You're on the bridge, with the ship's course shown on the digital display. But why is the ship continuing to turn west? Everything looks normal on the computer screens in the dark wheelhouse -- but outside, the land is dangerously close. What's going on? Down in the engine room, workers report via radio that everything is normal, but they wonder why the bridge has changed course. The engines are revving and the ship is picking up speed. The engine room hasn't done this. What now? Cybersecurity is a hot topic for the entire maritime industry, as well as in academia. A joint team recently conducted a completely new cyber security course at NTNU in Alesund. Probably the first of its kind NTNU in Alesund's programme for the maritime industry has just offered a new course entitled "Maritime digital security" (in Norwegian). Over two months, course participants have looked at digital threats. They have assessed the risk of existing digital threats and realistically practiced a cyber attack on a ship under way. The key focus is on risk management of cyber attacks and building resilience. "Where information technology and people meet, there is room for digital vulnerability. Security breaches can come in through the ship's systems and through the port system and through the people who operate or supervise them," Marie Haugli-Sandvik and Erlend Erstad said. Both are PhD candidates at the Department of Ocean Operations and Civil Engineering at NTNU. They are studying how the maritime industry can be better equipped to handle cyber attacks. The two PhD candidates have developed and now run the maritime digital security course, which appears to be the first of its kind in Norway. The course has been included as part of the doctoral theses they are about to complete. International requirements The Norwegian Maritime Directorate and the Norwegian Coastal Administration have a strategic goal that seafarers and personnel be offered essential digital security skills. The starting point is international requirements from the IMO (International Maritime Organization). The international industry associations and shipping organizations therefore focus on this topic. Within the basic requirements for shipping, there will soon be even stricter minimum requirements for cyber security. Stricter requirements for training, practice and training will all come next year. Developed with the industry "We developed this course in close collaboration with the industry," Erstad said. "We have listened to what they want, looked objectively at their needs, and then tested the best solution we can come up with." "It's always better to have a broad perspective and different approaches with new projects and methods. Established businesses can also benefit from a fresh look. NTNU is a good place to try out new ideas. As researchers, we can help meet the industry's urgent needs while at the same time discussing solutions with them for the future," Haugli-Sandvik said. Not enough training in cyber security Haugli-Sandvik conducted a survey this winter among 293 deck officers from 11 major offshore shipowners in Norway. * Eighty-three per cent said that they had taken part in some form of cyber security training. * Fifteen per cent answered that they had never received training. * Two per cent didn't know if they had had training. "Eighty-two percent of the deck officers said that they had received the training as e-learning and/or that they had participated in digital safety campaigns sent by their employer," she said. Employers to a large extent were responsible for this training, in the form of courses. This demonstrates that the industry wants to take responsibility, Haugli-Sandvik believes. But there are many standardized and general IT security courses. "But most of the training wasn't directly operationally oriented and/ or adapted to the maritime industry," Haugli-Sandvik said. This is illustrated by the fact that 66% of the deck officers surveyed said that they were uncertain or disagreed that they had enough training to handle a cyber incident on board. Challenges identified by the Norwegian National Security Authority'sRisk Report 2022 The Norwegian Maritime Directorate and the Norwegian Coastal Administration have focused on a number of challenges identified in the Report on strategy for maritime digital security 2020. In its 2022 Risk Report, the Norwegian National Security Authority (NSM) points to a threefold increase in the number of serious incidents and cyber operations from 2019 to 2021. The corresponding report for 2023 addresses the issue that there are many vulnerabilities in unclear supply chains, and that with more unpredictability the industry needs to be better prepared. The maritime industry has worked with digitalization in both traditional information technology systems (IT systems) and in operational technology in systems for automation, propulsion, management and other control systems. The greater the use of remote connection, integration and digitization in operational technologies, the more vulnerable the operation can be. At the same time, the lifetime of larger ships is generally between 25 and 35 years, and digital upgrades in the entire international fleet usually happen gradually and over time. There is great variation in computer equipment on board both for administrative functions and control systems. The situation is much the same as for ports, where more and more operations are being automated. When it comes to port traffic alone, incidents have been uncovered that have result from cyber attacks IT and administrative systems. These lead to business interruptions, information theft and manipulation linked to smuggling. Major consequences Digital IT events can have consequences for ship operations. They can affect administrative systems for ship manifests, passenger lists, digital certificates and sailing licenses and the like. This can delay or impede operations. Companies that are exposed to these problems can experience significant financial consequences and damage to their reputation. The Norwegian National Security Authority (NSM) points out that activity in the cyber world can be so advanced that we don't actually notice it, and covert activity can remain hidden for a long time. How should crew on board react to discover hidden threats? How can the crew on board make the right assessments in advance or make concrete decisions in the brief window of time a few minutes before a ship runs aground? Knowing what to do, both to prevent this from happening, and to practice what to do if it does, is critical for the industry. Three people in a ship simulator. Is the ship capsizing? Captain Odd Sveinung Hareide makes contact with the engine room. Photo: Eli Anne Tvergrov, NTNU. Deck officers and cyber security Haugli-Sandvik's doctoral dissertation looks at how deck officers experience cyber risk at sea. "My project is part of the work in one of NTNU's 12 centres for research-driven innovation. This centre, SFI MOVE (Marine Operations in Virtual Environments), works with how future maritime operations may look through the use of digital twins, machine learning and control centres on land," she said. "I'm studying how targeted guidelines, training and risk communication can be developed for maritime cyber security. I am also investigating what tools we should develop to handle new cyber risks we may experience at sea." Erstad, on the other hand, is looking at cyber resilience at sea. "I'm looking at the best way that navigators can be resistant to, prepare themselves for, and overcome, cyber attacks against the integrated navigation systems on board the ship," he said. Erstad says the researchers have benefitted from working with researchers at the Cyber SHIP lab at the University of Plymouth in England, which also works with maritime cyber security. To practice realistic actions and situations in a safe environment, NTNU has opened a Cyber Range especially developed for the maritime sector. The Cyber Range enables practitioners and researchers to uncover vulnerabilities in maritime navigation and control systems for ships. People in classroom with big screens on one wall. PhD candidate Erlend Erstad and Einar Johan Lukkassen from NTNU evaluate the response from the bridge. Marie Haugli-Sandvik and the other participants and observers, prepare for the exercise to continue. Photo: Eli Anne Tvergrov, NTNU Simulated event The larger course exercise relied on ship simulators at NTNU in Alesund. These simulators are also unique in their design when it comes to realism. The participants took their seats in ship simulators, designed like a bridge on a larger ship underway in the North Sea. "We make the simulator scenario close to what actually happens on a ship, as well as to what happens in the communication between the ship and the land. But even though the scenario uses full-scale maritime bridge simulators, the focus was mostly on getting a good discussion going," Erstad said. The exercise also included participants from DNV, marine underwriters the Norwegian Hull Club, NORMA Cyber, Solstad, public institutions such as the Norwegian Coastal Administration and the Inland Norway University of Applied Science, as well as from the University of Plymouth. They were invited in as observers and as resource persons in the simulation. "We learn the most from the dialogue between the actors in the rehearsal and in the review afterwards, not least because you can then see what was practiced and the event itself from another point of view," says Erstad. Strengthening the weak link Professor Kevin Jones heads the Maritime Cyber Threats Research Group and Cyber SHIP lab at the University of Plymouth. He points out that a cyber attack can pose huge problems for the global economy and trade. "When the large container ship 'Ever Given' ran aground in the Suez Canal, the cause was the weather and wind. Although this was not a cyber attack, the incident illustrates the consequences that can affect a vulnerable global system," Jones said. Ninety per cent of world trade is predicted to be linked to maritime transport, through maritime supply chains. It's entirely believable that a similar incident could occur due to digital vulnerabilities, as a result of unauthorized access to computers and control systems. "The weak link is the human being, and we have to strengthen this link. Humans are the resource on board that can handle such a situation," Jones said. Adapt skills development The exercises and the specific course with the participants, helpers and observers have strengthened the two PhD candidates' view that it is important to adapt skills development to the precise circumstances at hand. The course offers a clear practical approach to risk management in a digital perspective. This is also included as part of NTNU's master's programme in operational maritime management. "It is important that businesses in the maritime sector familiarize themselves with their values, the digital threats and vulnerabilities they have. Managers need to know their employees will be able to handle the digital threats, and understand the needs they have for skills in working with digital security," Jones said. The next course in Maritime Digital Security is planned for autumn this year. The offer will then be tailored to an even greater extent for managers, middle managers, operational (sailing) and administrative personnel in the maritime sector, but will also be very useful for other industries. Reference: Erstad, E., Hopcraft, R., Vineetha Harish, A. et al. A human-centred design approach for the development and conducting of maritime cyber resilience training. WMU J Marit Affairs (2023). Cyber safety at sea The maritime industry must raise awareness of what's at risk by not preventing cyber attacks. Here is some general advice: Checklist at individual level on board: * Install security updates as soon as they come and automatically as much as possible. * Do not assign administrator rights to end users. * Do not allow the use of weak passwords. Introduce, where possible, that users document their identity through multi-stage security and approval procedures (multi-factor authentication). * Phase out older ICT products. * Do not allow anything other than software that has been approved by the company or unit supplier. Checklist at system level on board and ashore: * Introduce a system for authentication and authorization for users of necessary information. * Introduce protection of all data at the appropriate level, based on the sensitivity of the information. * Introduce controlled access for IT users on board and ashore, so that each individual only has access and rights to the information for which they are authorized. * Introduce controlled communication between ship and shore, with safety in focus. * Introduce a response plan for cyber incidents based on thorough risk assessments. The opinions expressed herein are the author's and not necessarily those of The Maritime Executive. MORE TOP STORIES * Investigators Check Dali's Fuel with Speculation of Possible Contamination * The Ship Has Sailed for Cash-Based Compensation - Now What? * NTSB Releases "Black Box" Timeline of Baltimore Bridge Strike * Remains of Two Victims Recovered From Baltimore Bridge Wreckage EDITORIALS TOP STORIES * "You Can Hear the Gunfire": The 911 Call Center for Mariners Under Attack * Uruguay's Navy Looks to Shine a Light on Dark Fishing Fleet * China's Gray-Zone Provocations: Time to Reciprocate * Why Houthi Attacks in the Red Sea Are Likely to Persist: They're Popular * Supporting Shipping's Transition Towards a Carbon-Free Future SUBSCRIPTIONS SUBSCRIBE * Print * Digital * Newsletter * Renew Subscribe Now RELATED STORIES Shipping Baltimore Bridge strike Baltimore Bridge Strike Could Be the Most Expensive Marine Casualty Ever Published Mar 28, 2024 6:02 PM by The Maritime Executive Lloyd's of London expects that the payout for the Baltimore bridge strike will be exceptionally expensive, and it may even be the "largest ever marine-insured loss" - bigger perhaps than the Costa Concordia. When the boxship Dali hit the Francis Scott Key Bridge on Tuesday morning, it killed six people, collapsed a major highway thoroughfare, and blocked off access to Baltimore's harbor. The physical damage was massive and costly, but it will be the secondary impacts to business that really... Continue Reading... Ports Key West Florida Florida Permits Larger Cruise Ships in Key West Over Local Objections Published Mar 28, 2024 5:58 PM by The Maritime Executive Florida's Governor Ron DeSantis on Tuesday approved a new long-term lease for a pier in Key West making it possible for larger cruise ships to call at the popular port despite the ongoing objections of the majority of the residents of the resort town. It is the latest step in a multi-year battle between environmental groups supported by local residents and the state government to reduce the size and number of cruise ships docking in the port. Tuesday's... Continue Reading... Shipping containers trapped in Baltimore CMA CGM Declares "Force Majeure" in Response to Baltimore Bridge Collapse Published Mar 28, 2024 4:50 PM by The Maritime Executive The major carriers are scrambling to assist customers and formulate plans in the wake of this week's incident suspending vessel traffic in the Port of Baltimore indefinitely. While there were no container vessels on dock at the time of the incident, CMA CGM reports that the terminal stopped receiving exports as of 11 a.m. on March 26, prompting the carrier to issue a notice of Force Majeure today to customers. CMA CGM is informing customers of contingency plans under... Continue Reading... Government Royall Navy Auxiliary vessel UK for First Time Sends Auxiliary Ships to India for Maintenance Published Mar 28, 2024 3:18 PM by The Maritime Executive The UK Royal Navy confirmed that for the first time, it has sent two of its auxiliary vessels to India to undergo essential maintenance. It follows a similar move by the U.S. Navy in 2022, all part of the efforts to strengthen Western ties with India. The Royal Fleet Auxiliary vessels RFA Argus and RFA Lyme Bay arrived in India at the L&T Shipbuilding (Larsen & Toubro) Kattupalli shipyard near Chennai, India. The Royal Navy did not provide details... Continue Reading... SUBSCRIPTIONS SUBSCRIBE * Print * Digital * Newsletter * Renew Subscribe Now Please enable JavaScript to view the comments powered by Disqus. * About Us * Advertise * Newsletter * Contact Us * Privacy Policy * Site Map * News * Features * Podcasts * Magazine * Newsletter * Blogs * Jobs * Piracy News * Shipbuilding News * Cruise Ship News * Ports News * Salvage News * Training News * Government News * Environment News * Corporate News Subscribe [maritime-e] [maritime-e] (c) Copyright 2024 The Maritime Executive, LLC. All rights reserved.