Cyber Security Workbook for On Board Ship Use - 2nd Edition 2021
In recent years, the shipping industry has undergone a digital revolution: internet connectivity on board has become common and ship’s systems are increasingly digitised and integrated. With this growing level of connection, comes greater risk. Ships are now a common target for hackers and it has become crucial that the entire crew has an understanding of how and when cyber attacks can occur.
Using detailed, step by step checklists, Cyber Security Workbook for On Board Ship Use provides a ship’s Security Officer with the practical skills to identify cyber risks and to protect vulnerable onboard systems. It also gives guidance on how best to detect, respond and recover in the event of a cyber attack.
This workbook will help to ensure that cyber risks are appropriately addressed in the onboard SMS (as required by IMO Resolution MSC.428(98)). It will also benefit shipowners, ship managers, ports and their IT departments.
This publication has been produced by BIMCO, ICS (International Chamber of Shipping) and Witherby Publishing Group.
Cyber Security Risk Management – IMO Requirements and Guidelines
In 2017, the International Maritime Organization (IMO) adopted Resolution MSC.428(98) on Maritime Cyber Risk Management in Safety Management Systems (SMS). This Resolution states that an approved SMS should take into account cyber risk management in accordance with the objectives and functional requirements of the ISM Code. It encourages administrations to ensure that cyber risks are appropriately addressed in the SMS no later than the first annual verification of the company’s Document of Compliance after 1 January 2021.
Resolution MSC.428(98) identifies cyber risk as specific threats that companies should address in the same way as any other risk that may affect the safe operation of a ship, its crew and the protection of the environment.
Cyber risk management should be an inherent part of safety and security and should be considered at all levels of the company, including senior management ashore and onboard personnel. In the context of a ship’s operation, cyber incidents should be considered as having the potential to result in physical effects and potential safety and/or pollution incidents. Company plans and procedures for cyber risk management should, therefore, be incorporated into existing security and safety risk management requirements contained in the ISM Code and ISPS Code.
Supporting Regulatory Guidelines
Version 4 of 'The Guidelines on Cyber Security Onboard Ships', which was produced and supported by BIMCO, CLIA, ICS, INTERCARGO, INTERMANAGER, INTERTANKO, IUMI, OCIMF and the WSC, provides guidance on maritime cyber risk management. While primarily aimed at addressing the safety consequences of cyber incidents on board ship, the principles and protection measures in the Guidelines are equally applicable to all organisations in the maritime industry.
The Guidelines are aligned with IMO Resolution MSC.428(98) and the IMO’s guidelines. They provide practical recommendations on maritime cyber risk management and should be read in conjunction with this workbook.
Cyber Outlook for Shipping
While shore based advances in internet connectivity have been substantial over the last 20 years, shipboard access to the internet has not developed at the same rate. However, due to the increased availability of affordable VSAT communications this is improving and the world fleet is increasingly better connected. In the Futurenautics Crew Connectivity Survey in 2015, it was estimated that the average availability of internet access across all fleet sectors stood at 43%. According to a survey by ICS, by 2019, this figure had almost doubled to 82% and it continues to rise.
However, with the comparatively rapid increase in internet connected ships comes an increased risk of cyber incidents. Existing PCs on board are often dated and are networked with no added security protocols. On board, dedicated cyber security procedures and adequate crew training are often lacking.
The split of ship’s systems into IT (business computers, personal devices, etc) and OT systems (ECDIS, cargo control systems, etc) may mean a divide in how cyber security for these systems is approached: staff responsible for IT security may prioritise data protection and preventing network vulnerabilities, whereas OT staff may view safety and continued reliability of operations as paramount. However, this workbook highlights the interconnectedness of these systems on board and the holistic approach to cyber security that must be taken. It offers practical advice on security measures that can be used to protect the ship as a whole.
Purpose of this Workbook
This workbook has been designed as a practical, straightforward and easy to understand guide to support the Master and officers on board ship. It is designed to facilitate understanding and good collaboration between individual ships, onshore IT departments and equipment manufacturers. The workbook may also be useful to the wider maritime industry.
Checklists have been provided to assist in day to day cyber risk management on board.
The checklists throughout this workbook are intended to be used on board ships by any officer. However, it is recommended that the role of inspecting cyber security, completing and verifying the appropriate checklists and identifying and reporting cyber security issues ashore is clearly defined in the SMS.
Along with the Master, the Ship Security Officer (SSO) has a responsibility to ensure adequate cyber security under the broad requirements of the ISPS Code. However, in practice, the responsibility for cyber security may also be delegated to an appropriately qualified officer. The officer should ensure they have a knowledge of the various cyber systems on board, including the satcom, all networks and all critical items of equipment.
Section: 1 – Introduction
1.1 Cyber Security Risk Management – IMO Requirements and Guidelines
1.2 Cyber Outlook for Shipping
1.3 Purpose of this Workbook
Section: 2 – Identifying Risks
2.1 Vulnerable Ship Systems
2.2 What is a Cyber Attack?
Section: 3 – Protection, Prevention and Training
3.1 Prevention of Malware Attacks
3.2 Software Updates
3.3 Endpoint Protection
3.5 Cyber Security and the SMS
3.6 Crew Training
Section: 4 – Detect, Respond and Recover: General Principles
4.1 Detecting a Cyber Incident
4.2 Detecting a Cyber Incident Checklist
4.3 Incident Response
4.4 Responding to a Cyber Incident On Board
Section: 5 – Detect, Respond and Recover: Ship’s Business Systems
5.1 Onboard Business Computers
5.2 Network Segregation On Board
5.3 Network Segregation Checklist
5.4 Wireless Networks
5.5 Satellite Communications Equipment
5.6 Cellular Data Connections
5.7 Connecting to Shore WiFi in Port
Section: 6 – Detect, Respond and Recover: OT Systems
6.1 Understanding OT Systems
6.2 Engine Department Considerations
6.3 OT Systems Checklist for Crew
6.4 ECDIS Security
6.5 GNSS Security
6.6 Cyber Security Checks on the Navigation Bridge during Watchkeeping
Section: 7 – OT Cyber Security: Onshore Office and IT Department Considerations
7.1 Ship’s Network Architecture
7.2 OT Asset Management and Risk Assessment
7.3 Securing OT Systems
7.4 Securing the Ethernet IP Network Used by OT Systems
7.5 Remote Access
7.6 Intrusion Detection Systems (IDS)
7.7 OT Systems Checklist for IT Department/Onshore Office
Annex 1 – Regional Regulatory Guidance
Annex 2 – Checking for Windows Updates
Annex 3 – Creating User Accounts
Annex 4 – Checking for Segregated Networks
Annex 5 – How to Check that Anti-virus Software Updates are Applied
Annex 6 – NMEA 0183
Annex 7 – Example of a Cyber Security Familiarisation Checklist for New Crew Members
Annex 8 – Planning a Crew Training Session
Annex 9 – Further Resources
BIMCO is the world’s largest direct-membership organisation for shipowners, charterers, shipbrokers and agents. In total, around 60% of the world’s merchant fleet is a BIMCO member, measured by tonnage (weight of the unloaded ships).
The organisation has NGO status and is based in Copenhagen, Denmark, with offices in Athens, Singapore and Shanghai.
With around 1900 member companies across 120 countries, from the largest shipowners in the world to small local port agents and law firms, BIMCO represents a wide range of maritime companies and organisations.
BIMCO’s goal is to secure a level playing field for the global shipping industry. BIMCO therefore works to promote and secure global standards and regulations for the maritime sector. The organisation’s century long effort into creating standard contracts and clauses is an expression of that aim.
The International Chamber of Shipping (ICS) is the principal international trade association for the shipping industry, representing shipowners and operators in all sectors and trades.
ICS membership comprises national shipowners' associations in Asia, Europe and the Americas whose member shipping companies operate over 80% of the world's merchant tonnage.
Established in 1921, ICS is concerned with all technical, legal, employment affairs and policy issues that may affect international shipping.
ICS represents shipowners with the various intergovernmental regulatory bodies that impact on shipping, including the International Maritime Organization.
ICS also develops best practices and guidance, including a wide range of publications and free resources that are used by ship operators globally.
Witherbys titles are developed using scripts developed by technical experts that are peer reviewed within work groups. Typically, they seek to improve understanding of the regulations, recommendations and guidelines issued by Industry.
Witherbys staff have significant expertise in the fields of navigation and hazardous cargoes as well as in the presentation of complex subjects in a graphic and easy to understand manner.
- Number of Pages:
- Published Date:
- October 2020
- Binding Format:
- Book Height:
- 303 mm
- Book Width:
- 232 mm
- 1 kg
BIMCO, International Chamber of Shipping and Witherby Publishing Group.
- Publication Date:
- October 2020