30th October 2019
With vessels becoming increasingly 'connected' at sea based on the industry wide push for efficiencies and increased importance placed on crew welfare, the need for a proactive approach to cyber security is clear. With National Cyber Security Month coming to an end in the UK and the January 2021 deadline for IMO regulations on cyber risk management being a hot topic, we take a look at the latest thoughts from industry experts.
Maritime security consultant, David Rider from maritimesecurity.news.blog recently produced an article for Maritime Executive magazine*, looking at the potential threats vessels are facing due to vulnerabilities related to the nature of their operations. After looking at regional differences and trends, David unsurprisingly highlights that vessels and shipping companies most vulnerable were those operating without effective cyber security measures in place, exposing critical vessel control systems to threats.
Through his research he also concludes that the main threat to security today remains to functions at head office rather than ship based operations, as after all…..that’s where the company finances are managed, and through email scams, hackers are looking to encourage fraudulent bank transfers through cleverly spoofed emails.
Another industry commentator is Ellsa Cassi from Lloyds Register, and earlier this year in Maritime Digitalisation and Communications magazine**, she talked specifically about the human factor within the cyber security mix and how it can impact other protections in play: “You could deploy technologies, a firewall and an intrusion prevention system to prevent a breach from happening, but what you cannot do is prevent people who are not trained opening the door to the attacker.”
With this in mind, it is clear that every company operating within the maritime industry and any other industry who rely on IT, must ensure that internal awareness is raised of potential threats and how best to avoid them, and that proper barriers are maintained and constantly monitored for ever changing vulnerabilities.
………………………………………………………………….......
In line with National Cyber Security Month in the UK, we wanted to update you on the measures Satcom Global is taking to keep both our networks and customer satellite connections protected.
Over many years Satcom Global has developed a range of inherently secure maritime value-added services which have helped to protect partner and customer networks with the safe passage of traffic. More recently, in response to increased threats, we have taken our protections further, becoming Cyber Essentials certified and bolstering our network with additional monitoring tools and security features.
Satcom Global Internet Security
To support the internet security of our customers, we offer a range of ship side and land based firewall products which can be configured to specific vessel and customer requirements. We also offer ESET Endpoint as our anti-virus solution of choice, which provides reliable protection for our staff and the on-board infrastructure of our customers, delivered by Nano updates to minimise the amount of valuable satellite data required to keep anti-virus fully up to date.
In terms of our overarching network and infrastructure, we use the latest Cisco Firewalls, Switches and Routers, all configured with ‘high availability’ in mind, and we also offer secure internet breakouts.
Satcom Global Email Security
For advanced email security, Satcom Global employs Barracuda Cloud Protection to check for spam and viruses, scanning and even opening suspicious attachments in the cloud before they reach our servers.
Barracuda email filters provide secondary scanning of email within our data centres guarding against both virus and spam. In addition, ESET Enhanced Server Protection is in place to protect our customer IPSignature email servers from cyber-attacks and viruses as an extra layer of added security.
Ben Watson, Satcom Global’s Head of IT, further highlights the importance and benefit of multi-layered security:
“Cyber security is paramount in any industry, but when dealing in satellite broadband the stakes are even higher. Last month alone, Barracuda Cloud Control processed over 1.3 million emails for Satcom Global, blocked 270,000 potentially harmful emails, defended against 5,121 advanced threats within attachments, and detected over 12,052 viruses. Those statistics speak for themselves, but we can’t become complacent that a system alone can protect us. As part of our company IT policy and training, we need to ensure that staff are aware of potential cyber risk, measures we have in place to mitigate it, and that they deploy a responsible level of care and caution whilst using online systems and email.”
Enhanced Security with IPSignature 4
In addition to our wider protections, Satcom Global’s proprietary IPSignature 4 platform provides additional security for a range of maritime communications services. An integral part of Aura VSAT as well as supporting the management of Inmarsat FleetBroadband and Iridium services, OpenPort and Certus, it offers a multitude of features to improve cyber security onboard. The multi-purpose maritime communications management solution provides the separation of crew and business networks, two factor authentication for changes, web controls with white and blacklisting, traffic monitoring and alerting, firewall management and IP level encryption.
………………………………………………………………….......
Further information on all of the protections outlined above are detailed in our Cyber Security product sheet which can be downloaded from our Resources library here, and please feel free to contact one of our regional offices today to discuss your secure communications set-up in more detail.
* https://www.maritime-executive.com/blog/maritime-meets-cyber-security
** https://www.rivieramm.com/opinion/opinion/cyber-preparedness-is-needed-to-meet-imo-safety-requirements-22025
« Back to news