Protect your vessel and your business from growing cyber security risk

 

The days when a vessel was an island of privacy are gone. Now, it’s a floating data platform, containing highly sensitive connections to the Internet, to confidential passenger and crew information, and to critical onboard systems. In short, a prime target for cyber attack at sea and in port.

One billionaire had more than $150,000 stolen when yacht hackers pilfered his bank account, according to The Guardian, while vessel owners have been blackmailed after private photos were stolen. Passport and identity data has also been leaked and navigation systems locked and held to ransom. These cyber attacks are increasing in frequency.

The International Maritime Organization (IMO) has ruled that from 2021, Cyber Risks must be properly addressed as part of the International Safety Management (ISM) Code. But legacy network architecture and off-the-shelf security software just won’t cut it - potentially resulting in non-compliance that could make vessels unsaleable and unfit for charter or hire.

The reality is that every vessel’s varying connections, data, systems, and crew / passenger behaviours create a shifting vulnerability profile that can only be fully revealed and remediated through detailed, bespoke design review, scanning, testing and monitoring.

This is exactly what Firesand delivers – at sea, in port, in dock.

Maritime cyber risk: how vessels get hacked

Here are just a few examples (among many) of cyber security weaknesses aboard a vessel that can be exploited by hackers but typically remain undetectable to cyber security software:

Internet-connected objects and services (including virtual concierges) and streaming data are all vulnerable, with Google Chromecast devices and smart TVs having been publicly shown to be hackable.

An office on the waves can hide some dangerous undercurrents. Video conferencing services on board vessels, for example, have been found to contain flaws that enable them to be compromised and turned into bugging devices.

Obsolete architecture : networking devices in vessels have repeatedly been found to be out of date and unsupported, and therefore unsecure – a consequence of many vessels’ ’IT ‘backbone’ (even in new models) being based on re-used and obsolete network architecture.

Human (mis)behaviours : from a crew member using an unsecured personal device to connect to a critical system, to a captain forgetting to apply an update to the Internet-connected satcom, 99% of cyber attacks target unsecure human behaviours – at sea as anywhere else.

How does Firesand keep your vessel secure?

At Firesand, our team of experienced security experts find, flag and remediate your vessel’s existing security issues. We work with you to ensure systems are designed and implemented securely from the very start, comprehensively protecting your networks, vessel and business against the risk of operational disruption - day-to-day and into the future.

Existing vessels

  • Penetration testing (including infrastructure and wifi) enables us to see your vessel like a hacker sees it, giving you peace of mind that we will expose and close security holes before an attacker can exploit them.
  • Managed Vulnerability Scanning ensures your chosen software and applications are secure, up to date, and not placing your vessel at risk
  • 24x7 cyber security monitoring automatically alerts us and you to possible internal and external threats to your network

New builds

  • Consultancy throughout the construction of IT infrastructure for new vessels delivers:
  • Design reviews, to ensure you have a cutting edge IT framework that is suitably secured for your specific needs
  • Compliance checking of built infrastructure, ensuring your vessel’s IT is fully compliant with all current regulatory requirements

Physical and asset security

At Firesand, security doesn’t stop at cyber – through our trusted partners, we also offer:

Security guards, trained and experienced in protecting maritime assets

Drone detection and drone defence

Unique wireless technology profiling on board your vessel, in order to:

  • Detect the theft of technology (e.g. smart TVs, receivers, servers, and general computer equipment)
  • Identify intruders and potential risks to the vessel

Why choose Firesand for your vessel’s security?

  • We’re there for you however and wherever it suits you best – Need us while you’re at sea? In port? In dock? We can be there at short notice and for the long haul.
  • You get decades of specialist cyber security experience in our teams, gained across many high-profile global clients.
  • 100% bespoke service  – We tailor every aspect of what we deliver to the specific system profile of your vessel, as well as to the special demands of a maritime IT environment.
  • You benefit from our unrivalled cyber security and data privacy qualifications, including CEH, SABSA, CCISO, CISSP, CIPP/E, and FIP (the latter one of only a handful in the UK).

Bespoke, expert cyber security solutions to keep your vessel and your business afloat.

 

Get in touch today to discuss your needs.

 

News

  • DPO

    Don’t want to pay £57.5k for a Data Protection Officer?  Here’s what to do.   Appointing a Data Protection Officer (DPO) to be responsible for managing an organisation’s day-to-day data compliance is a requirem ...
  • Windows 10 Faulty RegBackups - How Firesand can help.

    Are you one of the 800M Windows 10 Users who received a warning from Microsoft in regards to a prevailing and serious problem?
  • The Firesand difference

    Unlike a generalist IT company that delivers a patchwork of managed IT services with multiple security bolt-ons, Firesand creates a secure IT infrastructure within which all services are secured from the ground up.