Download for free the Guidelines on cybersecurity onboard ships

Cybersecurity is important because of its potential effect on personnel, the ship, environment, shipowners, and cargo. Cyber security is concerned with the protection of IT, IoT, information and data from unauthorized access, manipulation, and disruption. The growing use of comprehensive data analysis, smart ships and the "Industrial Internet of Things" (IIoT) will increase the amount of information available to threat actors and the potential attack surface to cyber criminals. This necessitates robust approaches to cyber risk management.

Cyber risk management should be an inherent part of a company's safety and security culture conducive to the safe and efficient operation of the ship and be implemented at various levels of the company, including senior management ashore and onboard personnel.

Cyber risk management should involve the senior management level of a company on an ongoing basis, instead of, for example, only the ship security officer or the IT manager. Effective cyber risk management relies on a clear allocation of responsibilities and tasks within the company. Cyber risk management is an integral part of ship management and ship operation, and different employees have different roles, responsibilities, and tasks. Furthermore, in some companies, some roles, responsibilities, and tasks are outsourced to third parties.

IMO Resolution MSC.428(98) identifies an urgent need to raise awareness on cyber risk threats and vulnerabilities to support safe and secure shipping, which is operationally resilient to cyber risks. Thus, all maritime stakeholders should work towards safeguarding shipping from current and emerging cyber threats and vulnerabilities. The resolution furthermore affirms that the SMS should consider cyber risk management in accordance with the objectives and functional requirements of the ISM Code.

The 101st session of IMO's Maritime Safety Committee (the report from this meeting is found in IMO document MSC 101/24) "…agreed that aspects of cyber risk management, including physical security aspects of cyber security, should be addressed in Ship Security Plans (SSP) under the ISPS Code; however, this should not be considered as requiring a company to establish a separate cyber security management system operating in parallel with the company Safety Management System (SMS)".

In the same meeting, IMO also "…confirmed that resolution MSC.428(98) on Maritime cyber risk management in SMS set out IMO's requirements for Administrations to ensure that cyber risks were appropriately addressed in existing SMS (as defined in the ISM Code), verified by an endorsed Document of Compliance and Safety Management Certificate, and that in the Ship Security Plan, reference should be made to cyber risk management procedures found in SMS".

The following are common cyber vulnerabilities, which may be found onboard existing ships, and on some newbuild ships:
  • obsolete and unsupported operating systems
  • unpatched system software
  • outdated or missing antivirus software and protection from malware
  • inadequate security configurations and best practices, including ineffective network management and the use of default administrator accounts and passwords
  • shipboard computer networks, which lack boundary protection measures and segmentation of networks
  • safety critical equipment or systems always connected with the shore side
  • inadequate access controls to cyber assets, networks, etc., for third parties including contractors and service providers
  • staff inadequately trained and/or skilled to manage cyber risks
  • missing, inadequate or untested contingency plans and procedures.

Ships are becoming more and more integrated with shoreside operations because digital communication is being used to conduct business, manage operations, and retain contact with head offices. Furthermore, critical ship systems essential to the safety of navigation, power and cargo management have become increasingly digitised and connected to the internet to perform a wide variety of legitimate functions such as:
  • engine performance monitoring
  • remote diagnostics
  • maintenance and spare parts management
  • cargo and container tracking and management, loading and unloading, and stowage planning
  • crane and pump management
  • monitoring of systems for adherence to environmental regulations and reporting
  • voyage performance monitoring

The above list provides examples of this interface and is not exhaustive. The above systems contain, process and exchange data, which may be of interest to cyber criminals to exploit. Modern technologies can add vulnerabilities to the ships, especially if there are insecure designs of networks and uncontrolled access to the internet. Additionally, shoreside and onboard personnel may be unaware of how some equipment manufacturers and software providers maintain remote access to shipboard equipment and its network system. Unknown and uncoordinated remote access to an operating ship should be taken into consideration as an important part of the risk assessment.

Some IT and OT systems are remotely accessible and may operate with a continuous internet connection for remote monitoring, data collection, maintenance functions, safety and security. These systems can be "third party systems", whereby the contractor remotely monitors and maintains the systems. These systems could include a two-way data flow and/or upload-only. Systems and workstations with remote control, access or configuration functions could, for example, be:
  • bridge and engine room computers and workstations on the ship's administrative network
  • cargo such as containers with reefer temperature control systems or specialised cargo that are tracked remotely
  • stability decision support systems
  • hull stress monitoring systems
  • navigational systems including Electronic Navigation Chart (ENC), Voyage Data Recorder (VDR), dynamic positioning (DP)
  • load planning, stowage, and cargo management
  • engine monitoring and control
  • safety and security networks, such as CCTV (closed circuit television)
  • specialised systems such as drilling operations, blow out preventers, subsea installation systems, Emergency Shut Down (ESD) for gas tankers, submarine cable installation and repair.
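An added example, not part of the guidelines: one way to surface unknown or uncoordinated remote access during a risk assessment is to reconcile shore-to-ship firewall sessions against a register of approved third-party access. The asset inventory, register, log format, addresses and the 12-hour "always connected" threshold are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

SHIP_NET = ipaddress.ip_network("10.0.0.0/8")  # assumed onboard address space

# Constructed asset inventory (hypothetical names and addresses).
ASSETS = {
    "10.20.1.10": {"name": "ECDIS-1", "safety_critical": True},
    "10.20.1.30": {"name": "engine-monitoring", "safety_critical": True},
    "10.20.2.15": {"name": "reefer-gateway", "safety_critical": False},
    "10.10.0.5": {"name": "admin-workstation", "safety_critical": False},
}

# Constructed register of approved third-party remote access:
# (shore-side source network, onboard asset, destination port).
APPROVED = [
    ("203.0.113.0/24", "10.20.1.30", 443),    # engine maker diagnostics
    ("198.51.100.0/24", "10.20.2.15", 8883),  # reefer tracking provider
]

# Constructed firewall session log: date time src dst dport duration_s
LOG = """\
2024-05-01 02:10:44 203.0.113.7 10.20.1.30 443 86000
2024-05-01 03:15:02 198.51.100.9 10.20.2.15 8883 120
2024-05-01 04:01:13 192.0.2.55 10.20.1.10 3389 5400
2024-05-01 09:30:00 203.0.113.7 10.10.0.5 22 300
"""

ALWAYS_ON_S = 12 * 3600  # assumed threshold for "always connected"

def is_approved(src, dst, port):
    """True if the session matches an entry in the access register."""
    return any(src in ipaddress.ip_network(net) and dst == asset and port == p
               for net, asset, p in APPROVED)

def review_sessions(log_text):
    """Return {asset name: [(finding, source IP), ...]} for shore-to-ship sessions."""
    findings = defaultdict(list)
    for line in log_text.strip().splitlines():
        _date, _time, src, dst, port, duration = line.split()
        src_ip = ipaddress.ip_address(src)
        if src_ip in SHIP_NET:
            continue  # onboard-to-onboard traffic is out of scope here
        asset = ASSETS.get(dst, {"name": "uninventoried " + dst, "safety_critical": False})
        if not is_approved(src_ip, dst, int(port)):
            findings[asset["name"]].append(("UNREGISTERED_ACCESS", src))
        if asset["safety_critical"] and int(duration) >= ALWAYS_ON_S:
            findings[asset["name"]].append(("ALWAYS_CONNECTED", src))
    return dict(findings)
```

Calling `review_sessions(LOG)` flags the unregistered session to the ECDIS, the approved vendor reaching an asset outside its registered scope, and the approved but near-continuous connection to a safety-critical system.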

The starting point for effective response is the response plan covering relevant contingencies. However, it is unlikely that response plans will eventually match a cyber incident scenario as it unfolds. This is why it is important to regularly drill the response plan and develop contingencies according to lessons learned about the threats, vulnerabilities and impacts. For most ships, the contingency plans are already in place in the emergency procedures required by the ISM Code 1.4.5.

Cyber incidents will require an active response to return the ship to operation. If, for example, the ECDIS has been infected with malware, starting the backup ECDIS may cause another cyber incident. It is, therefore, recommended to build and rehearse an incident response plan, detailing roles and responsibilities, communications paths, and core activities.