ACT BEFORE YOU’RE HACKED Simple and generic antivirus is no longer fit for purpose: a genuinely effective, multi-layered, maritime cyber security solution has to combine cyber awareness, network security and endpoint security. Words: Wayne Perks, Manager of Security Services, Inmarsat Maritime 66 | SUMMER <strong>2019</strong> | <strong>ONBOARD</strong>
ADVERTORIAL Cyber security, or the lack of it, is often portrayed as a pivot point upon which the smooth running of contemporary society is precariously balanced. There can be little doubt that it legitimately represents one of the most fundamental concerns of our times, considering that the integrity of everything from business-critical services and sensitive personal data to asset monitoring, transport network infrastructure and even political processes is now entirely contingent upon the impregnability of online networks. Maritime cyber security naturally presents its own set of specific challenges. Cyberattackers have been characteristically quick to exploit vulnerabilities in this sector, leading to threats not just on individual vessel systems, but also sophisticated, enormously damaging ransomware attacks on multinational shipping conglomerates. In the superyacht sector alone, the statistics make for sobering reading. In a poll conducted for Inmarsat’s 2018 Superyacht Connectivity Report, almost 40% of respondents admitted that their onboard cyber security regime merely consisted of a basic firewall. Combine this in the bigger picture with the 2017 findings of FutureNautics’ Ship Operators Cyber Security Survey, in which 39% of respondents reported a cyberattack on their vessels’ onboard systems within the last 12 months, and it becomes obvious that cyber resilience remains an issue that entire swathes of the seafaring community urgently need to engage with. At its most basic level, the initial problem may be one of perception. The assumption among superyacht skippers and crew has often appeared to be that a standard antivirus programme will cover all their cyber security requirements. Not unreasonably, many are drawn to the idea of a one-shot easy fix, a silver bullet that will discreetly seal off their systems for good – job done. There is, of course, no such thing, and infallible, 100% cyber security is a hopeful concept at best; so it’s important to acknowledge that an in-depth cyber defence incentive consisting of multiple layers is by some distance the most effective approach to adopt for achieving far higher security. It is for this reason that Inmarsat developed its Fleet Secure Portfolio, which consists of three services – Fleet Secure UTM (Unified Threat Management), which is a comprehensive set of tools designed to continuously inspect, detect and protect the vessel’s network; Fleet Secure Endpoint, a powerful multi-layered endpoint security solution to prevent attacks whilst removing infections and threats throughout the onboard endpoints; and Fleet Secure Cyber Awareness, cyber security training specifically targeted for seafarers, raising awareness to assist in preventing threats before they get on board. Each service is separate, so customers can opt to choose one of the three, or deploy all of them. The Fleet Secure Portfolio actively seeks to maintain a secure system core by ringing it with this three-pronged defence strategy combining network security, awareness and training, and endpoint security. Generic antivirus software only has antispyware and anti-phishing capabilities, and will only work if the most recent update version is installed. Updates often need to be actioned on a daily basis, and with modern attack vectors encompassing methods to bypass antivirus there can still be no guarantee to catch every form of malicious software. However, in order to fulfill its brief, Fleet Secure Endpoint has to encompass a raft of additional duties including ransomware prevention, botnet protection, network monitoring, web control, multi-engine scanning, endpoint health status and threat alerting, and the provision of a full asset inventory – software, hardware and so on. Clearly, a proactive means of detecting, alerting and reporting ever-more insidious and cunning methods of cyberattack is key to staying ahead of the curve. The Fleet Secure Endpoint solution is designed to spot new nodes on the network or malign encryption attempts: the solution instantly informs users of any anomalous activity which deviates from the ‘known good’ configuration while simultaneously barring access to all files on the device, segregating the affected part of the system so that other systems aren’t impacted. In purely practical terms, another attractive aspect of the solution is that it places little surplus demands on contracted Inmarsat’s 2018 Superyacht Connectivity Report revealed almost 40% of respondents admitted that their onboard cyber security regime merely consisted of a basic firewall bandwidth and requires no extra outlay on hardware. Operating via high-speed broadband connectivity, it determines external attacks including, crucially, malware which may have been introduced into the vessel’s local area network by accident. It has been estimated that 95% of maritime cyberattack incidents are caused by simple human error. The entire network can be compromised by crew members downloading from unreliable sources, unknowingly plugging infected USB sticks into operational IT equipment (navigational equipment and engine monitoring systems, etc), or even merely charging their vape pens through USB ports. The belief that devices which carry no data are impervious to infection is, sadly, untrue. And on this topic, superyacht crews need to be made aware that tech items such as drones, smart TVs and music systems are also vulnerable. Preventing accidental cyber security breaches such as these before they can occur is a central pillar of the Fleet Secure ideology. The first line of defence is to encourage best practice through detailed guidelines, appropriate training and strict adherence to designated processes (including the regular changing of system passwords and Wi-Fi access codes). To this end, Inmarsat has collaborated with the Marine Learning Alliance and management consultants Stapleton International to devise Fleet Secure Cyber Awareness – a dedicated cyber security training regime to enlighten crews and captains about the many ways through which the onboard IT infrastructure can become compromised. Forewarned is forearmed... For more details Contact a local Inmarsat partner or visit www.inmarsat.com/maritime <strong>ONBOARD</strong> | SUMMER <strong>2019</strong> | 67