LRQA Nettitude Blog

Why Marine Vessel Owners Should Consider LR Cybersecurity ShipRight Certification | Nettitude

Posted by Nettitude on Mar 31, 2022

We often hear about unwanted cyber interventions harming operations. You might think it’s not relevant to the maritime industry – you’d be wrong.

Not immune from cybersecurity incidents, a growing number of attackers are focusing their activity on the marine and offshore sector[1][2][3]. That includes cargo ships and cruise liners. Both are attractive targets due to high-value assets and likely vulnerabilities.

Whilst the picture might seem alarming, specialist guidance and procedures exist to help you mitigate your risk, securing vessels from harmful attacks. Created by cybersecurity specialist Nettitude, and used by Lloyds Register, the LR Cybersecurity ShipRight [4] certification is one such example.

Read More

Topics: Marine and Offshore, Marine, cybersecurity, ShipRight Certification

California Consumer Privacy Act (CCPA): The most rigorous privacy regulation so far?

Posted by Nettitude on Jun 23, 2020

By Shai Canaan | Principal Security Consultant at Nettitude

The state of California will start enforcing the California Consumer Privacy Act (CCPA) Assembly Bill 375 (AB 375) on July 1st 2020. This California privacy law legislation is, as its name suggests, privacy specific and aims at protecting the information of residents of the state of California - or as its language refers to them, “California consumers”.

 

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Cyber Security Blog, Download Area, Marine and Offshore

The top cybersecurity issues for superyachts in 2020

Posted by Nettitude on Jun 19, 2020

By Nettitude  

Aside from the luxury conveniences onboard many superyachts, modern vessels utilise networked technologies in order to provide faster, more accurate, and more convenient operations. Whilst all of these modern conveniences have been a game changer for the superyacht industry, this connectivity can often unfortunately bring with it, new threats to the security of the vessel, its crew, and its passengers, while additionally bringing unique marine-specific challenges in terms of systems maintenance.

Based on first hand security assessments conducted by Nettitude on a wide range of vessels, this blog post aims to express the current threat landscape for superyachts, likely tactics of threat actors, common security issues, and marine-specific challenges in maintaining secure systems and networks.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Cyber Security Blog, Download Area, Marine and Offshore

An Introduction to the Lloyd's Register Cybersecurity Framework

Posted by Nettitude on May 21, 2020

By Elisa Cassi | Cyber Product and Services Manager 

Nettitude and Lloyd's Register have released the LR Cybersecurity Framework (CSF) for the Marine and Offshore sector, to complement the Cybersecurity Strategy paper that was previously published. The two documents are part of a suite of marine specific documents to support shipping organisations defining and implementing a robust and appropriate Cybersecurity Strategy.

This post focuses on the LR Cybersecurity Framework and provides an overview of how to use it effectively to deliver relevant and pragmatic cyber capability within your organisation for addressing cyber-threats.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Cyber Security Blog, Download Area, Marine and Offshore

Sniffing Secrets – Sensitive Maritime Communications Broadcast on a Global Scale

Posted by Nettitude on May 14, 2020

By Joel Snape | Security Researcher at Nettitude

One of the key enablers of business modernisation and efficiency in the Maritime Industry has been the availability and adoption of VSAT satellite connectivity. This has allowed vessels to stay connected to shore-based networks throughout their voyage: providing internet and corporate network access for crews and passengers; increasing the amount of administration which can be carried out at sea to save time in port and enabling remote monitoring and management of on-board systems.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Cyber Security Blog, Download Area, Marine and Offshore

What impact is the COVID-19 pandemic having on the cybersecurity of the Marine and Offshore Industries?

Posted by Nettitude on Apr 24, 2020

By Nettitude

On Wednesday the 11th of March 2020, the Director General of the World Health Organisation (WHO) officially used the term ‘pandemic’ to describe the COVID-19 outbreak, causing many countries to shut their borders, lockdowns to be put in place across a third of the world, and economic activity to begin to slow. Whilst the impact on the shipping industry was only marginalised to begin with, China is a major player within the global shipping sector and as a key partner for many countries maritime activity. This meant that the world quickly began to feel the effects of COVID-19, before it had even spread beyond the confines of China. As the virus progressed on a global scale, the threat level quickly escalated in many countries, and as a result, the cruise and shipping industries began to feel the full force of COVID-19.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Cyber Security Blog, Download Area, Marine and Offshore

Cyber Risks in Communication Systems Series: Key trends in technology vulnerabilities for the M&O sector

Posted by Nettitude on Mar 6, 2020

By Nettitude Research and Innovation Team

Communication technologies and protocols are an essential part of a vessels electronic systems. However, the unique aspects of marine and offshore environments present challenges to their use; in which the nature of their use and the widespread use of legacy systems affect all security activities and agendas.

This has become a particularly high topic on the cybersecurity agenda over the last two decades, as the explosive growth in communications services has dramatically changed the way that businesses operate in all sectors, improving efficiency and providing new opportunities. In the maritime sector, we can see this from the original adoption of VHF a hundred years ago for ship communication, through to more recent safety technologies such as AIS and satellite communication. However, the limited bandwidth and high cost of these technologies has historically limited the sector’s ability to leverage them in many of the ways seen in other industries.

The following blog post will outline some of the key trends in cybersecurity vulnerabilities in technologies utilised by the Marine and Offshore sector.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Cyber Security Blog, Download Area, Marine and Offshore

Modern Ships – 6 Common Security Issues | Nettitude

Posted by Nettitude on Jan 30, 2020

By Graham Sutherland, Senior Researcher & Consultant at Nettitude

Modern ships utilise networked technologies in order to provide faster, more accurate, and more convenient operations of the vessel. This connectivity unfortunately brings with it new threats to the security of the vessel, its crew, and its cargo, while additionally bringing unique challenges in terms of systems maintenance.

Whilst the benefits of these technologies bring huge value to day to day operations, there are certain precautions which should be taken to offset any risks associated with integrating such technologies. Below are some of the most common security issues faced on today’s ships that you should be aware of.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation, Marine and Offshore

NotPetya Ransomware Attack on Maersk – Key Learnings | LRQA Nettitude

Posted by Nettitude on Jan 16, 2020

The shipping sector has traditionally stood apart from the developments in cybersecurity over the past decade. With the majority of critical functions and assets physically isolated by miles of ocean, the need to secure these resources against cyber threats has seemed similarly remote.

However, in recent years, this hands-off approach to cybersecurity and assurance has become riskier and ultimately, costlier. In the modern cyber threat landscape, less capable adversaries such as hacktivists and teenage virus writers take a back seat to organised criminals and even nation state-sponsored threat actors. The cyber-crime economy is now mature, well-established, and well-developed.

Below we will take a look at the key learnings for ship owners and operators which can be taken from previous research and attacks, most notably the NotPetya attack in 2017 which caused major implications for global shipping giant Maersk.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation, Marine and Offshore

Remote Access Solutions | Part 1  - An overview of remote solutions at sea | Nettitude

Posted by Nettitude on Jan 10, 2020

By Graham Sutherland, Senior Vulnerability Researcher

The traditional online attack surface for ships is changing. Gone are the years where vessels were put to sea for months at a time with little or no contact made with the shore, with letters awaiting them at their next arrival port and unpredictable journey times and locations.

Even with the advent of satellite phones, GPS tracking and computer-based navigation, a typical ship will still have a much more limited online presence compared to shore-based organisations. However, this is changing rapidly. As the availability and reliability of internet connections aboard ships improves, it is natural that organisations will seek to leverage this connectivity for the purposes of remote monitoring and diagnostics.

Below, we take a look at the new and enhanced risks posed by remote access communication on board ships and how we can approach a safer way of operating to protect the ship, its assets and the people on board.

Read More

Topics: Cyber Security, Nettitude, News, Security Blog, Security Testing, Cyber Security Blog, Download Area, Research & Innovation, Marine and Offshore

Subscribe Here!

About LRQA Nettitude

Through our connected portfolio of advanced cybersecurity solutions, LRQA Nettitude helps companies to identify and manage the vulnerabilities and threats that pose a risk to their business, building cybersecurity resilience and underpinning your business strategy with proactive measures.

Recent Posts

Posts by Tag

See all