As cyber-security threats intensify, Port-IT chief executive Youri Hart explains what container ship operators need to do to mitigate such risks
Vessels and crew are more vulnerable to cyber attacks than ever before as internet speeds are better and “everyone and everything wants to connect to the internet”, says Port-IT chief executive Youri Hart.
This makes the vessel and its crew more vulnerable to cyber attacks. One of the biggest issues, Mr Hart points out, is that cyber threats evolve quickly, meaning equipment on the vessel often needs to be updated because a vulnerability was found, and updating takes time. “Due to the nature of shipping, this is often difficult and because of that not done, causing security issues left unattended and piling up. The security solution installed is only as good as the last update installed, the install and forget mentality is something from the past and does not fit in today’s cyber world,” he says.
Mr Hart points out while there is enough awareness, there is not enough action yet. He says, “Companies that install our cyber-security solutions often ask how they can block system updates such as windows to avoid data usage. If we look to the month of June 2023, Microsoft released critical security fixes for more than 70 vulnerabilities in Windows. If you don’t apply those updates, you can get hit. The windows updates are just as important as your antivirus system, if not more. But I believe, especially for small business owners, no one is aware until they face a hack or ransomware attack, what the potential costs involved can be.
“With our Port-IT cyber-security awareness module, we try to create awareness for the crew and staff, to help them understand the potential risk and to avoid the easy errors.”
Providing some ideas of how container ship operators can mitigate threats, he says, “Ship operators or management should start with an IT policy and basic cyber-security regulations with a plan for their company and vessels. Make sure all their computers have the same operating system, updated every month. Restrict users to only having access to functions that are required for their role. Basic IT hygiene can solve a lot of issues. Next to that, there are several solutions in the market that help prevent attacks, consulting with the provider of such solutions can further harden cyber security.”
Port-IT continuously evolves its solutions, with recent developments including that its endpoint solution will have secure file backup included, meaning vessels have the option to back up their most important documents to Port-IT’s system and patch management will be included to update all applications on a vessel’s network remotely via Port-IT’s web portal.
Port-IT is also launching a new service called Vulnerability management. Mr Hart says, “To scan for vulnerabilities within a network, an extended data loss prevention service will be launched towards the end of the year or beginning of next year.”
Its UTM service is also being enhanced with new features.
Mr Hart sums up, “As cyber threats are evolving, we must evolve and adapt. That is what we are doing continuously.”
Sign up for Riviera’s series of technical and operational webinars and conferences in 2023:
© 2023 Riviera Maritime Media Ltd.