What exactly is cybersecurity? Is it really an important topic? To begin, we will use a university definition of the term: cybersecurity is protecting yourself and others from attacks that are carried out primarily with a computer. I think this explanation is quite simple. Now that we know what cybersecurity is, we can focus on how to protect our vessel.
Vessels with integrated systems are becoming the standard. Basically, you are able to operate the vessel from one computer. The situation is exactly the same as with airplanes. You could have one network connecting the navigation systems, safety systems, propulsion systems, and auxiliary systems. Additionally, we have an office network with the crew. An overview of the basic layout points to the weaknesses in the system which have to be protected.
The topology of the connected systems looks like the graphic below. On the vessel side, from the left, we have the users onboard. Vessel systems and personal devices are connected through the router or a LAN connection directly to the server onboard the vessel, and then to the satellite antenna. The signal is received ashore and the data are transferred to the server. Data transfer goes in both directions. Here we can easily point to some sensitive places in our network onboard. Crew using the commercial networks should not operate on the same network as sensitive equipment; this creates a really high risk. The best solution is to separate private users and integrated equipment from each other, that is, hardware separation. For cybersecurity reasons, we can easily split the networks across different servers for different kinds of users.
In the graphic below you can see the ideal solution: a divided network. The grey network is for private users. Cyberattacks on these devices are unpleasant, but company data and the safety of the vessel are completely secured. The yellow network is restricted to office operation. Company data are secured. The last, blue network is highly restricted and only for company use, such as updates, remote maintenance, etc. With such a separation of networks, we have a much more secure environment than in the basic solution.
By hardware separation, we can also secure our devices and systems onboard. As an example, it is quite easy to imagine this situation in the office. Someone wants to print a document from his private pen drive. Laptops connected to the yellow and grey networks are standing close to each other. Accidentally, he plugs the infected pen drive into the yellow-network PC. What then? Such a small mistake can cause a big problem. But there is an easy way to prevent such a situation: switch off the USB ports and disk slots in the BIOS on restricted office devices. By changing the BIOS settings we can switch these off completely, so users cannot accidentally infect important vessel equipment.
This is an easy option. Frequent updates of the devices are key to keeping the system safe. A good example is ECDIS, which receives corrections frequently. In such a case, the best solution is to have a highly restricted device connected only between a restricted network and the ECDIS computer, or to connect ECDIS directly to the network with the highest restriction. Personally, I will suggest separating ECDIS and other navigation systems from all kinds of networks. Why? Only hardware separation can guarantee cybersecurity. With software solutions, people make mistakes. Even with updates, the software can have bugs.
The blue network is designed to operate only at the vessel's request and under certain conditions, such as in port, with the use of a VPN. In such an environment, you can do the maintenance operation in port. If you are sure that all systems are working properly after updates, you can d updates which are not always working, better to do in a safe condition, than in the middle of the ocean.
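The separation rules described above (one network per device, ECDIS isolated or on the most restricted network, USB disabled on office devices, blue link only in port over a VPN) can be checked against a device inventory. The following Python code is an added example, not part of the original article; the role names, field names, inventory and link state are constructed for illustration.

```python
# Added example: audit a device inventory against the grey/yellow/blue policy.
# Role names, field names and all sample data are constructed for illustration.

# Zones each role may be wired to; having no network at all is always allowed.
ALLOWED = {
    "personal": {"grey"},      # crew phones and laptops
    "office": {"yellow"},      # company office PCs
    "navigation": {"blue"},    # ECDIS: most restricted network, or isolated
}

def audit(devices, blue_link):
    """Return a sorted list of (name, finding) tuples; empty means compliant."""
    findings = []
    for d in devices:
        zones = set(d["zones"])
        # Hardware separation: no device may sit on two networks at once.
        if len(zones) > 1:
            findings.append((d["name"], "bridges " + "+".join(sorted(zones))))
        # Unknown roles get an empty allow-list, so any connection is flagged.
        wrong = zones - ALLOWED.get(d["role"], set())
        if wrong:
            findings.append(
                (d["name"], f"{d['role']} device on " + "+".join(sorted(wrong))))
        # Restricted office devices should have USB switched off in BIOS.
        if d["role"] == "office" and d.get("usb_enabled", False):
            findings.append((d["name"], "USB enabled on restricted office device"))
    # The blue uplink should only be active in port and over the VPN.
    if blue_link["up"] and not (blue_link["in_port"] and blue_link["vpn"]):
        findings.append(("blue-uplink", "active outside port or without VPN"))
    return sorted(findings)

# Constructed inventory: one dual-homed office PC and one misplaced ECDIS.
INVENTORY = [
    {"name": "crew-phone-1", "role": "personal", "zones": ["grey"]},
    {"name": "office-pc-1", "role": "office", "zones": ["yellow"]},
    {"name": "office-pc-2", "role": "office", "zones": ["yellow", "grey"],
     "usb_enabled": True},
    {"name": "ecdis-1", "role": "navigation", "zones": []},
    {"name": "ecdis-2", "role": "navigation", "zones": ["yellow"]},
]
BLUE_LINK = {"up": True, "in_port": False, "vpn": True}  # constructed state

if __name__ == "__main__":
    for name, finding in audit(INVENTORY, BLUE_LINK):
        print(f"{name}: {finding}")
```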
These hardware measures are the easiest and most effective way to prevent cyber accidents onboard. The next important topic is software. The most important types of software which can significantly improve cyber safety are:
Access control – Permission to access a resource according to the authorization level of the user. Easy and effective.
Encryption software – Used to protect digital information by cryptography. A very good solution for exchanging data between the company and the ships.
Firewalls – Basic network security that monitors network traffic.
Antivirus – Software also known as anti-malware. Antivirus detects and removes different types of malware.
VPN – A virtual private network. It gives you online privacy and anonymity by creating a private network from a public internet connection.
Such a software package is the absolute minimum needed for a minimum level of safe sailing. In my personal opinion, connecting all navigation systems to real-time remote operation is very risky. The crew has to be well trained, or cybersecurity policies have to be strict. In conclusion, with these solutions the number of crew onboard can be limited, and vessel condition and operation can be monitored really well.