As ships become increasingly connected to the internet, their onboard systems become more vulnerable to online threats
With shipping companies embracing digitalisation, the proliferation of software on board vessels has enabled the industry to transition to data-centric operating practices. These trends ramp up the vulnerabilities of onboard systems to malicious malware and Trojan software that can reach into the inner workings of ships without proper protection.
Vulnerable onboard systems include IT and communications networks, bridge equipment, propulsion controls, automation, energy and emissions management, cargo handling and ballast water management.
“As the number of onboard systems multiply and complexity grows, so does the urgency and resources needed to maintain them,” said GTMaritime head of operations Jamie Jones.
To protect these systems from cyber threats, GTMaritime has introduced a new product to reduce cyber security weaknesses in ships.
GTDeploy cuts delays in pushing out urgent software and security patches to protect shipboard systems before threats emerge. Software patch management is vital to cyber-risk management as defensive measures, such as email filtering, firewalls, network segregation and unified threat management.
GTMaritime designed GTDeploy to make patch management integral to the maritime IT environment, said Mr Jones. “Software updates get pushed down the list of priorities for a variety of reasons,” he explained. “Sometimes there are simply more immediate problems that need dealing with, but, often this is to do with pressure on budgets – the cost of sending someone out to a vessel may be hard to justify.”
It is also becoming increasingly difficult to send engineers, IT personnel or local agents to ships at a time when people worldwide are urged to follow social distancing guidelines and port security restrictions are tightened. Ship operators, managers and owners need services to manage onboard cyber security remotely.
GTDeploy allows applications to be managed through an intuitive drag-and-drop dashboard interface. GTMaritime said GTDeploy will function regardless of the type and capability of satellite communications set up on a ship.
GTDeploy supports automatic updating. It can add, refresh or uninstall security updates, patches or entire applications.
Owners must incorporate cyber security into their safety management systems by 1 January 2021 to remain compliant with IMO’s amendments to the International Safety Management (ISM) Code. By the first ship survey after January 2021, vessel operators must demonstrate robust and systematic processes are in place to address vulnerabilities and reduce exposure to malicious code.
Cyber security solutions will be presented at Riviera Maritime Media’s Maritime Cyber Risk Management Forum in London on 16 June