As technology advances, more sectors begin to rely on Information and Communications Technology (ICT) for an essential part of their operations. Much like other sectors, maritime activity too now relies on ICT for standard operations like navigation, communication and management of cargo and services. This development significantly improves monitoring capabilities and productivity, but compromises the level of isolation from the outside world, introducing new vulnerabilities and risks, including cyber threats.
Several serious attacks have already been realised and reported, and more will certainly occur in the future, given the wide range of attackers’ motives (financial gain, competition, criminal activities) and the weaknesses of maritime ICT systems. An assessment of cyber security readiness has shown that the maritime sector is considerably exposed to cyber threats, mainly due to the complexity of the maritime ICT environment, the inadequate consideration of cyber security in maritime regulation and the low level of awareness and expertise of maritime staff in cyber security threats.
Vulnerable systems may include bridge systems, cargo handling and management systems, propulsion and machinery management systems, power control systems, access control systems, passenger servicing and management systems, passenger facing public networks, administrative and crew welfare systems, communication systems. Potential attacks may include the compromise of the navigation system (GPS) in order to alter navigation information (position and course) or cause service disruption, or gaining unauthorized access to ECDIS to handle communications etc.
Neurosoft offers a set of solutions and services, designed for the specific needs of the maritime industry, to proactively manage vulnerabilities of ICT systems, monitor status and repel cyber security attacks.
Our highly-qualified professional team of security analysts and researchers will provide guidance to effectively:
- Identify risks and vulnerabilities and assess risk exposure.
- Protect ICT infrastructures against cyber threats, through the development of appropriate mechanisms (technical and organisational) and contingency strategies.
- Detect a cyber event in a timely manner.
- Respond to cyber security incidents.
- Recover from cyber security attacks.
Our experience focuses in the areas of:
- Design and architecture requirements for maritime ICT systems with a focus on telecommunications.
- Vulnerability assessments and penetration testing.
- Threat intelligence.
- Continuous Security Monitoring.
- Compliance with international standards.
- Incident management.
- Security training and awareness.
- Guidance in security hardening guides.