Inmarsat has issued a guide for shipowners and managers focusing on robust onboard IT networks.
The guidance focuses on assembling systems that are minimally vulnerable to cyber attack. Inmarsat recommends that software systems be rugged enough to be able to last three to five years at sea without having to be updated by IT staff.
This is key, the group said, in maintaining a system that is robust and easy to maintain long term. Remote access to a vessel for troubleshooting can take place, although it is advisable to connect through a virtual private network (VPN) to frustrate potential cyber attackers.
Inmarsat also advises annual cyber-attack drills to cement crew preparedness in the event of such an incident. A response plan to cyber attacks should comprise quarantining systems from one another; keeping corporate IT departments abreast of the newest developments, including secure communication channels; and shutting down and recovering critical systems remotely. However, there should also be a capability for recovering these systems locally if shore contact becomes available.
Anonymous reports suggest that cyber attacks on shipping, while generally identical to those that occur on land, are more prevalent than is generally reported, with companies preferring to deal with the attacks internally rather than suffer reputational damage. Cyber experts call this tendency unhelpful, indicating that a lack of information is hampering a robust response to cyber attacks in the shipping segment.