With the increasing use of digital systems on ships, cyber security has become extremely important. The maritime industry relies on these technologies for navigation, cargo management, communication, and other activities, which increases their vulnerability to cyber-attacks.
It is important for all stakeholders in the maritime sector to actively engage in enhancing cyber security practices. Cyber security measures should comply with international regulations and standards. For operational guidance, refer to the International Maritime Organization’s (IMO) webpage on cyber risk.
A cyber-attack on a vessel or maritime infrastructure could be devastating. Risks range from financial loss to potential loss of human life. Also, existing technologies (such as AIS or NAVTEX) do not include security measures. This makes them vulnerable to possible cyber-attacks.
Maritime Services should be “secure by design”. This means developers consider security in the design process and build it in from the start. (cf. IALA Recommendation 1024). Developers must ensure the confidentiality, integrity and availability of data at all times.
Cyber hygiene
Cyber hygiene refers to routine habits, practices and procedures that individuals and organisations use to maintain the heath, safety and security of their devices, networks and sensitive data. This is not a set and forget action. These processes must be regularly reviewed to keep up with emerging threats. It is also essential that these processes be followed by everyone. It only takes one lapse for your network to be compromised.
How to protect your assets
In addition to the IMO developed guidance for international shipping, the Australian Cyber Security Centre within the Australian Signals Directorate Agency and the Department of Home Affairs have published a number of guides on how to protect yourself and business from cyber threats.
This includes what protections are required, best practice processes, how to check for compromise/vulnerability within your devices and networks and what to do if you think you have been compromised. Vigilance is key.
- Learn basic ways of protecting your assets from the Australian Signals Directorate
- Find out about cybersecurity strategy from the Department of Home Affairs.