For the second time this year the US Coast Guard has issued a warning about the cybersecurity practices aboard commercial sea vessels. Full US Guard Alert Here
To us in Cyber Security, the recommendations are fairly standard. But for the Maritime industry, it seems new.
In order to improve the resilience of vessels and facilities, and to protect the safety of the waterways in
which they operate, the U.S. Coast Guard strongly recommends that vessel and facility owners,
operators and other responsible parties take the following basic measures to improve their
- Segment Networks. “Flat” networks allow an adversary to easily maneuver to any system
connected to that network. Segment your networks into “subnetworks” to make it harder for an
adversary to gain access to essential systems and equipment.
- Per-user Profiles & Passwords. Eliminate the use of generic log-in credentials for multiple
personnel. Create network profiles for each employee. Require employees to enter a password
and/or insert an ID card to log on to onboard equipment. Limit access/privileges to only those
levels necessary to allow each user to do his or her job. Administrator accounts should be used
sparingly and only when necessary.
- Be Wary of External Media. This incident revealed that it is common practice for cargo data to
be transferred at the pier, via USB drive. Those USB drives were routinely plugged directly into
the ship’s computers without prior scanning for malware. It is critical that any external media is
scanned for malware on a standalone system before being plugged into any shipboard network.
Never run executable media from an untrusted source.
- Install Basic Antivirus Software. Basic cyber hygiene can stop incidents before they impact
operations. Install and routinely update basic antivirus software.
- Don’t Forget to Patch. Patching is no small task, but it is the core of cyber hygiene.
Vulnerabilities impacting operating systems and applications are constantly changing – patching
is critical to effective cybersecurity.
Maintaining effective cybersecurity is not just an IT issue, but is rather a fundamental operational
imperative in the 21st century maritime environment. The Coast Guard therefore strongly encourages
l vessel and facility owners and operators to conduct cybersecurity assessments to better understand
he extent of their cyber vulnerabilities.
We recommend using a full UTM Firewall on all commercial vessels that have internet connectivity. In addition, individual connected endpoint devices, need to have active anti-malware software installed and running. L4 Networks can help! Contact Us Please.