CSC February’s Members Meeting
28.02.2019
CSC February’s Members Meeting
February’s Members’ Meeting, was held on Thursday, 21 February 2019 at the Mediterranean Beach Hotel in Limassol.
For this Meeting the Chamber arranged a Presentation by Mr. Manos Manoli, IT Manager at Marlow Navigation Co. Ltd. and Mr. Gideon Lenkey, Technology Director at Epsco Ra entitled: “2019 The Evolution of Cyber Crime in Shipping”.
The meeting was started with report delivered by Mr. Andreas Neophytou, the v-ce President of the Chamber. It is worth stressing that in this year the Chamber is celebrating the 30th anniversary. It was reminded that The Cyprus Shipping Chamber was established on 26 January 1989, and constitutes the trade association of the Shipping Industry in Cyprus. The main purpose of the Chamber is to promote the interests of Cyprus Shipping and to continuously further the reputation of the Cyprus flag. At the same time, the Chamber acts as a lobbying group for the promotion and safeguarding of the legitimate interests of its Member-companies, at a national as well as at international level. Today, the Cyprus Shipping Chamber ranks as one of the largest national shipping associations in the world and undoubtedly, “Navigates Cyprus Worldwide”.
Then the second part of the meeting was started. Below I will present the most important points of the speeches of both quests.
With blinding speed, agility and innovation, cybercriminals infiltrate well-meaning organizations in seconds, stealing data, trust and the futures of entire businesses. It’s the core reason cyber threats are becoming the number one risk to business, brands, operations and financials. 2017 and 2018 showcased the ebb and flow of criminal behavior and their changing strategies, particularly for ransomware innovation and cyberattack tactics.
To mitigate these types of attacks, we need to achieved the following two keys:
1. cyber threat intelligence (CTI),
2. employees training courses.
Visibility isn’t always linked to the present. Due to the dynamic nature of the cyber threat landscape, it’s important to take a step back and thoroughly review, analyze and learn from both the successes and failures of existing cybersecurity strategies. Each and every organization should know what they’re fight against. According to some data Oganizations are integrating and connecting CTI into their environments via a dedicated platform. Many others are using vendor-provided application programming interfaces (APIs). An automated, data-driven breach prevention platform, for example, should do everything from block both known and unknown malware, stop encrypted attacks, simplify security management, improve visibility and awareness and help restore systems to a healthy state — and do so from the network, across email, to the cloud and out to the endpoint. To survive the cyber war, organizations must ensure deployed appliances, security solutions and strategies are continually evaluated or optimized — fueled by real-time cyber threat intelligence — which will ensure that they are integrated, layered and versatile. Cybersecurity is never finished. It’s not a checkbox. It’s a perpetual state of alertness, awareness, preparation and resolve. It’s time to better arm (with knowledge and appropriate tools) our information technology admins, security analysts, forensics experts, network architects, the most important – our employees.
It was recently reported that more than 80% of offshore (situated at sea) Cyber, Information Technology (I.T) and Operational Technology (O.T) security breaches are as a direct result of human error. The International Maritime Bureau (IMB) also recently reported that cyber crime at sea was on the rise and ship owners should be aware of the consequences of not implementing risk mitigation measures.
In a recent study conducted at Coventry University (UK) by the author with the support of the CSO Alliance, it was highlighted that 67% of Company Security Officers (CSOs) within shipping companies felt ‘Cyber Security’ was NOT a serious threat to international shipping. It was also highlighted in the same study (‘Cyber Security, The Unknown Threat At Sea 2016’) that 89% of CSO’s did not believe Cyber Security was their responsibility and referred the author directly to their IT department. The study which was carried out over 18 months with more than 250 ship owners of all shapes and sizes also explored the awareness levels on board as well as on land in HQ. It was highlighted that 91% of Ship Security Officers (SSOs) questioned or interviewed believed that they did not have the knowledge, training or competencies to manage the cyber threats to the vessel. Finally perhaps the most concerning finding from this study was that 100% of the shipowners who took part in this study highlighted that crew members were given NO training at all nor was there any campaigns to raise awareness, yet 53% of CIOs stated they had IT security policies in place on their vessels.
As a baseline, actionable cyber threat intelligence can be organized into the following categories:
1. Malware a general top-level category of malicious software that is deployed on targeted machines, devices or networks for illicit gains or illegal activity (e.g., data and credential theft, vandalism, spying, etc.).
2. Ransomware a type of malware that encrypts a user’s or organization’s data and demands a ransom — often in the form of cryptocurrency — for the data to be decrypted.
3. Intrusions wide-ranging network breaches that include application exploits, worms, Trojans, software vulnerabilities and other malicious traffic that could affect network security, performance, safety or reliability.
4. Encrypted attacks malware or other malicious payloads that are encrypted using secure sockets layer (SSL) or transport layer security (TLS) standards to hide behavior and defeat standard security controls (e.g., firewalls without deep packet inspection).
5. Spam unsolicited mass email communication that can provide opportunities for cybercriminals to introduce malicious URLs or files into a network.
6. Phishing targeted email that leverages social engineering — often posing as a legitimate user, friend, co-worker or business — to encourage recipients to click on malicious links, open attachments, execute files, etc.
How the above may effect on shipping industry? Few examples:
1. in June 2017, NotPetya attacked AP Moller-Maersk, that costs the Company at least $300 million,
2. on 20 September 2018, several servers in the Port of Barcelona’s security infrastructure were hit in a cyber-attack that apparently did not affect operations but showed port vulnerability to such incidents.
3. on 25 September 2018 the Port of San Diego’s IT systems were disrupted by a ransomware attack that prompted investigations by the Federal Bureau of Investigation and the Department of Homeland Security.
4. in July 2018, Cosco’s terminal at the Port of Long Beach in California was the target of a ransomware attack.
5. This is the reality– it’s the crime of the 21st century, where “pistols” were converted into “keyboards”. Both of today’s speakers stated that Cyprus is well aware of the above dangers. The country’s main assumption is developing seafarer training courses in cyber security. Such a course is already incorporated into the education system at the nation’s maritime academies. Deputy Ministry of Shipping is also eyeing cyber security initiatives with Cyprus’ Department of Information Technology Services that it plans to share worldwide. The key note: shipowners and companies to make sure employees follow safe protocols.
The meeting can be concluded with the following tips to improve:
1. The UN, Governments and Flag States should undertake a fundamental look at its methods of maritime cyber regulation as well as what types of regulations are needed and where.
Everal staps have aready been taken – in January, a section dedicated to security, including cyber-risk, was introduced in the third edition of the Oil Companies International Marine Forum’s Tanker Management and Self Assessment (TMSA) programme.
The language was also included in the seventh edition of the vessel inspection questionnaire from the forum’s Ship Inspection Report Programme (SIRE), made effective in September. The IMO’s Maritime Safety Committee inserted maritime cyber-risk management into its list of Information Security Management Code requirements, with a strong recommendation that companies adopt it from 1 January 2021.
2. Shipping entities must retain an offline option for all the main services which interact with other trading parties.
3. There is an urgent and progressive need to consolidate the existing awareness raising campaigns around maritime cyber security into one coherent set of messages along an international campaign.
4. The effectiveness of the reporting channels for victims of cybercrime at sea need to be improved and made transparent.
5. Larger maritime businesses need to be encouraged to support the smaller maritime businesses in their supply chains in order to adopt effective holistic and integrated cyber resilience practices.
6. Law enforcement should have a central place in the UN’s Maritime Cyber Security Strategy and in particular law enforcement aimed at protecting the maritime business community. It should include a UN commitment to better survey and record the scale of cyber crime against the maritime community as part of the official international crime statistics.
7. Governments need to commit more resources to enforcement against cybercriminals and take the cybercriminal threat at sea more seriously.
8. Larger economic infrastructure providers such as financial intermediaries should be liable for losses as a result of maritime cybercrimes.
9. On a general point and internationally, cyber resilience needs to be taught in schools alongside the other aspects of ICT. Basic digital skills – including how to stay safe and secure online, should be embedded in the curriculum as a core part of the functional skills that every young person should acquire during their education.