ECDIS is increasingly vulnerable to malware and hackers as more ECDIS units on ships are linked to the ship’s communications for online chart updates
To mitigate risks, seafarers, shore managers and vendor engineers need to ensure operating systems, software and electronic navigational charts (ENCs) are kept up to date, and follow guidance from BIMCO and the International Chamber of Shipping on ECDIS security as published in Witherbys’ Cyber Security Workbook for On Board Ship Use.
They recommend officers maintain updated ENCs and computer software, keeping operating systems updated with the latest security patches. Many ECDIS still operate on Microsoft Windows 7 or Windows XP and in April 2018, Microsoft released updates to patch 22 critical vulnerabilities.
“These updates must be applied as attackers will otherwise exploit the security flaws,” say the report authors. This also applies to Linux-based operating systems.
BIMCO recommends ECDIS is not connected to the internet but is placed on a dedicated secure VLAN for automatic updates or uses a standalone, segregated and firewall-protected unit from ENC subscription providers. Where there is a secondary ECDIS, there should be a delay between updates in case any malware or virus is embedded in the patch and infects the primary unit.
Physical security is also important. ECDIS computers should be locked in a cabinet, USB ports should be blocked from use by bridge teams and endpoint protection should be installed. All computers should be hardened during installation and functions restricted to ECDIS applications.
Naval Dome provides endpoint protection for bridge operating technology (OT) and has DNV GL security level 4 accreditation. It has signed an agreement with global shipmanager Anglo-Eastern to provide cyber security for a fleet of more than 650 ships. Under this arrangement, Naval Dome will evaluate Anglo-Eastern’s cyber position and make recommendations on improving protection.
Anglo-Eastern chief executive Bjorn Hojgaard says this could include replacing OT with more secure systems. “Cyber threats are among the most serious challenges the global shipping industry faces,” he says. The agreement “not only enhances the level of security across our fleet, but also encourages system providers to retrofit systems installed aboard the global fleet with more advanced cyber protection.”
P&I partnerships improve navigation safety and cyber security
North P&I Club has partnered with two companies to improve security and ship navigation safety. It is working with SureNav to promote safe navigation and improve bridge team performance and compliance.
SureNav conducts remote navigation audits of bridge operations and navigation using data from bridge equipment, such as a voyage data recorder (VDR) and electronic and ECDIS logs.
North P&I loss prevention executive John Southam says these services should reduce risk for shipping companies. “We frequently analyse high-value admiralty claims that arise from collisions, groundings and other contact incidents,” he says.
“One of the most influential contributory factors to these incidents is a failure in bridge team management. Through our partnership with SureNav, our members will benefit from access to five navigation audits, all conducted by experienced master mariners.”
Shipping companies will be able to use their VDR alongside supporting evidence such as copies of the charts used, checklists, log entries and voyage plans to evaluate compliance with procedures in the vessel’s safety management system.
In a separate deal, North P&I has partnered with HudsonCyber to offer its members access to their HACyberLogix platform.
This cloud-based programme enables shipping companies to assess their cyber security capabilities and understand what changes need to be implemented for compliance with IMO’s amendments to the International Safety Management (ISM) Code that will be enforced from January 2021.
This platform integrates industry cyber security standards, frameworks and standardised practices, including IMO’s International Ship and Port Security Code and the ISM Code.
Using this, North P&I Club’s members can cost-effectively implement and sustain a cyber risk management framework compliant with IMO’s Maritime Cyber Risk Management guidelines.