Superyacht Cyber Security: A Q&A with the Experts
In 2022, 100,000+ Google play users downloaded an infected application, the U.S. Department of defence lost $23M in an elaborate phishing attack, and Twitter confirmed data from 5.4 million accounts was stolen. These are just three examples of large and powerful organisations falling victim to cybercriminals. Whilst this growing threat has been well-documented, many businesses are failing to up their defences in response, and this translates to the superyacht industry.
We always talk about the exciting innovation regarding onboard connectivity, but it is this advanced connectivity that is making vessels increasingly vulnerable. We spoke to Aaron Hicks, our Senior Technical Support Engineer, about some common cyber-related questions, along with some simple steps all superyachts should implement.
Q: When it comes to onboard cyber attacks, what are the most common types of attacks that superyachts fall victim too?
A: “Phishing is a common method of attack, and we have recently seen several yachts fall victim to advanced phishing attacks. Advanced phishing is where the login details for a crew member’s email account are taken via phishing. The attacker then logs into this email account and creates rules to automatically delete genuine emails from a supplier or other party to which the yacht normally would make payments. This also allows the attacker to see any outstanding invoices for these suppliers. The attacker then sends spoofed emails to the crew members breached email account, purporting to be this supplier asking for payment of these invoices with changed bank details.”
“Cases like this are increasing in frequency, and unless crew are trained in sophisticated phishing techniques, many individuals are, and have fallen victim. This can result in the loss of hundreds of thousands of pounds.”
“Ransomware is generally much less targeted, but a prevalent cyber threat across all industries. Ransomware is a malware designed to deny a user or organisation access to files. This is particularly true for the yachting sector as it poses a financial threat and can also be a significant safety risk. Hackers can infiltrate the yacht’s systems and take complete control of the yacht, including satellite communications, telephone systems and even navigation systems”.
Q: How has the threat of cyber attacks within the superyacht industry evolved in recent years?
A: “We have seen a heightened risk to the OT (Operation Technology) on board, such as bridge systems, engine systems and IoT (Internet of Things) devices such as CCTV and entertainment systems. This is due to them becoming progressively integrated with IT systems and the internet, increasing the attack surface and potential vulnerabilities on board.”
“This heightened risk has translated to the introduction of the 2021 IMO resolution, ensuring all superyachts now undertake cyber risk audits.”
Q: What are five simple steps vessels should implement to lower their threat of an attack?
- Regular Cyber awareness training for all crew
- Strong password and password management policies. The crew must use strong, unique passwords for each account and change these regularly. This process is made much easier with the use of password managers. (In 2020, 61% of data breaches involved compromised password credentials).
- Ensure all devices are updated with the latest software/firmware available.
- Use a firewall to control incoming and outgoing network traffic (block suspicious sites/p2p downloads/etc.)
- Install anti-virus software on all compatible devices.
Q: Why is crew cyber awareness training essential?
A: “Cyber awareness training for crew members can help them establish an understanding of how to identify and prevent cyber-attacks, and how to respond if an attack occurs. Cyber security knowledge amongst crew is important due to the sensitive information that is often stored about guests and owners, along with financial information for the day-to-day running operations of the yacht. A 2020 Inmarsat Superyacht Connectivity Report revealed that 43% of the crew studied had not completed cybersecurity training. As human error is often cited as the main cause of cyber security breaches, if your vessel is contributing to this statistic, now is the time to make a change.”
“OceanWeb’s CyberSafe product is an excellent crew training solution. It provides modular cyber awareness training courses, training crew to sport the various threats and malicious tactics commonly used.”
Q: In your opinion, what is the most critical aspect of a yacht’s cyber security framework?
A: “The most critical part of a yacht’s cyber security framework is having strong measures in place to detect and prevent attacks. This includes measures such as firewalls, intrusion detection systems, software updates, employee training and regular security assessments.”
“It’s also important to have plans to deal with cyber incidents and backups of critical systems and data. The goal is to have a comprehensive approach that covers all the potential vulnerabilities.”
Q: How can yachts benefit from a cyber security risk assessment?
“A cyber security risk assessment assesses an organisation’s ability to protect its information and information systems from cyber threats. Yachts can significantly benefit from a cyber security risk assessment by;”
- Identifying vulnerabilities in their systems and network
- Prioritising risks by identifying the most critical systems and data that need protection.
- Ensuring compliance with industry regulations regarding cyber security
- Having a continuous process to adapt and improve their cyber security stance.
“A risk assessment can help yachts identify potential weaknesses in their systems and take steps to address them before attackers have an opportunity to exploit them. This way, they can protect their vessels, crew, and sensitive data from cyber threats and ensure the smooth functioning of the yacht and its operations.”
At OceanWeb, we provide a comprehensive list of cybersecurity services, including risk management and crew training. Our solutions are aligned with internationally recognised best practice frameworks, protecting yachts from external threats and enabling vessels to maintain full IMO compliance.