By Graham Sutherland, Senior Researcher & Consultant at Nettitude
Modern ships utilise networked technologies in order to provide faster, more accurate, and more convenient operations of the vessel. This connectivity unfortunately brings with it new threats to the security of the vessel, its crew, and its cargo, while additionally bringing unique challenges in terms of systems maintenance.
Whilst the benefits of these technologies bring huge value to day to day operations, there are certain precautions which should be taken to offset any risks associated with integrating such technologies. Below are some of the most common security issues faced on today’s ships that you should be aware of.
1. Outdated operating systems
This applies both to the operating system version itself and to its patch status. Older versions of operating systems (e.g. Windows XP, Vista, and 7; Linux kernel 2.x) do not benefit from many of the modern exploit mitigations and security controls introduced in up-to-date operating system versions.
Combined with delayed or missing security patches, this can vastly reduce the security posture of the system against both remote and local attacks. This is not limited to traditional desktop computer systems, either; outdated systems onboard can include those required to safely operate a vessel.
2. IoT & networked appliances vulnerabilities
Often IT, OT and network infrastructure are not assessed for security when designing and building new vessels (or retrofitting new technology onto existing vessels) and are rarely updated with new firmware and software updates. Even when updates are applied, the general lack of security assessments on these products as part of the life cycle means that vendors are rarely aware of the vulnerabilities, so they do not often get fixed. Communicating these vulnerabilities to marine appliance vendors can also be challenging at this early stage in the marine security ecosystem, as they are generally unfamiliar with responsible disclosure processes and security patching practices.
3. Network segmentation issues – insufficient or improperly configured network
Network segmentation is frequently insufficient or improperly configured, particularly between IT and OT systems. In many cases, there may be an expectation, documented or otherwise, that the IT and OT systems are not interconnected in such a way that an attacker might traverse from one network to the other. In practice, this is rarely the case, as information needs to be shared between the networks for the purposes of systems monitoring (e.g. engine monitoring) and remote management.
For this purpose, it is common to find a “gateway” device (a computer) with Ethernet interfaces on both the IT and OT networks. Due to the issues highlighted in the previous two points, it is commonly possible to compromise this gateway device and then route traffic between the IT and OT networks via it. A more secure approach is to transmit this data using a non-Ethernet transport layer (e.g. RS485, CAN bus, NMEA, etc.) and have separate appliances on the IT and OT networks translating this data.
It is still possible to build a secure Ethernet-based bridge between the two networks, but there are increased costs and complexities involved and such an implementation should be designed by competent security persons.
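A simple inventory check a defender can run to find the dual-homed “gateway” hosts described above, as an added example (not code from the Nettitude post); the zone ranges, host names and interface addresses are constructed for illustration:

```python
"""Flag inventory hosts whose interfaces sit in both IT and OT address ranges.

Added example for illustration only. All subnets, host names and addresses
below are constructed; replace them with the vessel's own network inventory.
"""
import ipaddress
from typing import Dict, List, Set

# Constructed zone definitions: which address ranges count as IT and as OT.
ZONES = {
    "IT": [ipaddress.ip_network("10.10.0.0/16")],
    "OT": [ipaddress.ip_network("192.168.100.0/24"),
           ipaddress.ip_network("192.168.101.0/24")],
}

# Constructed interface inventory: host name -> addresses on its interfaces.
INVENTORY: Dict[str, List[str]] = {
    "bridge-pc-01": ["10.10.4.20"],
    "engine-monitor-gw": ["10.10.4.50", "192.168.100.10"],  # spans IT and OT
    "plc-main-engine": ["192.168.100.21"],
    "crew-wifi-ap": ["10.10.9.2", "172.16.0.1"],  # second address in no defined zone
}


def zones_for(address: str) -> Set[str]:
    """Return the set of zone names whose ranges contain this address."""
    ip = ipaddress.ip_address(address)
    return {name for name, nets in ZONES.items() if any(ip in net for net in nets)}


def find_bridging_hosts(inventory: Dict[str, List[str]]) -> Dict[str, List[str]]:
    """Return hosts that have at least one IT address and one OT address.

    Such hosts are candidate Ethernet bridges between the two networks and
    should either be redesigned (non-Ethernet transport) or hardened and
    monitored as a segmentation boundary.
    """
    bridging = {}
    for host, addresses in inventory.items():
        seen: Set[str] = set()
        for address in addresses:
            seen |= zones_for(address)
        if {"IT", "OT"} <= seen:
            bridging[host] = sorted(addresses)
    return bridging


if __name__ == "__main__":
    for host, addresses in find_bridging_hosts(INVENTORY).items():
        print(f"dual-homed IT/OT host: {host} ({', '.join(addresses)})")
```

Hosts with a second address outside every defined zone (like the constructed access point) are deliberately not flagged, so the zone table must be kept complete for the check to be meaningful.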
4. Endpoint security issues – missing or out of date antivirus software
It can be challenging to keep antivirus software up to date due to the limited, ephemeral nature of network connectivity aboard a vessel. Care should be taken to attempt to update antivirus software and other endpoint software whenever possible. Maintenance of endpoint security software should be incorporated into onboard operational maintenance routines.
Additionally, endpoint software is commonly not configured to log incidents.
5. Security configuration issues – inadequate configuration on desktops, servers, and appliances
Default passwords and hardcoded engineering accounts are common, allowing even low-skilled attackers to compromise the affected systems.
Desktop systems are generally not locked down with group policy and other security controls that would improve security posture and the detection of attacks. User accounts are also commonly shared or re-used, and unused accounts are not always disabled, particularly when there is a crew change.
6. Third-party access to systems
Third-party access to systems, e.g. remote access solution vendors, can be a concern as those organisations’ security posture is difficult to ascertain, and their networks are usually not in scope during security assessments. Where possible there should be security controls in place that enforce two-party consent before a third party can access ships’ systems.
This should be implemented in a way that is verified by someone physically present on the vessel.

It is important to ensure that each of these items is assessed in order to help reduce the likelihood of security vulnerabilities that enable attackers to gain access to ships’ systems or traverse unimpeded through the network once they have gained a foothold.
Being aware of the above vulnerabilities, which are essentially ‘trap doors’ into your network, is one of the first ways of taking action against an eventual attack. However, implementing a comprehensive security plan within the design of your ship’s network systems provides the most effective way of ensuring you are prepared for the worst and know how to recover afterwards.
For more information on design for security, please see our full research report.
For more information on the above vulnerabilities, you can email us at firstname.lastname@example.org, or alternatively, contact your local Nettitude office.