The Challenge

Cyber-attacks on the maritime industry’s operational technology (OT) systems have increased by 900% over the last three years.

Cyberattacks are malicious acts seeking to disrupt ever increasing digital life and operations for financial or political gain.
Current approaches:
Most security programs rely on controls such as
  • Asset Management

  • Access Controls

  • Vulnerability Management

  • Malware Protection

  • Detection

These can be thought of as barriers, set up around the asset to form an “outside” security perimeter to protect critical operational technology (OT) systems that is onboard, “inside”

  • Resource constraints prolonging security program establishment and validation
  • Multi-vendor/multi technology IT commodity type solution “barriers” are not suited to the OT environment
  • Human factors play a big role in asset security and contribute to failings
  • Many safety critical operating systems are using obsolete/legacy operating systems
  • Outside-in solutions do not cater to internal attacks
  • Threat actors are evolving quickly. Security barriers are being lowered or removed

...the risk of cyber attack increases

Attack on the
navigation system

  • Take over the whole integrated bridge systems
  • Display the asset in a false position
  • Loss of lives
Attack of the
RADAR system

  • Misleading Radar picture
  • Display the asset in a false position
  • Hide ocean natural obstacles
Attack of the
machinery control system

  • Maliciously operates and disables machinery – Generator, Air Condition, Pumps, etc.
  • Overrides the fuel control, steering and ballast systems
  • Causes the asset to overturn
  • Fuel spilling and causes vast pollution

Different types of cyber attacks

Internal Vectors
Attacks which require physical
presence on the asset
External Vectors
Remote attacks implemented
via satellite or cellular

Barriers Compromised (OT attack examples in the Energy/Maritime sectors)

Access Controls

Darkside [Colonial] 2021

Ekans 2019

NotPetya 2017

Triton 2017

Copperfield 2017

Stuxnet 2009

Malware Protection

Solarwinds 2020

Havex 2018

Shamoon 2018

Black Energy 2017

Copperfield 2017

Industroyer 2016

Vulnerability Management

BlueKeep 2019

Confiker 2019

WannaCry 2018

Grillmark 2013

Copyright © 2021 NavalDome. All Rights Reserved.