Maritime-Information-Systems - Tag - Maritimeinfosec.orghttps://maritimeinfosec.org/tags/maritime-information-systems/Maritime-Information-Systems - Tag - Maritimeinfosec.orgHugo -- gohugo.ioen-USCopyright Maritimeinfosec.org 2018-2026Fri, 12 Jun 2020 12:13:12 +0000The future of maritime information systemshttps://maritimeinfosec.org/future-of-maritime-information-systems/Fri, 12 Jun 2020 12:13:12 +0000Olivier JACQhttps://maritimeinfosec.org/future-of-maritime-information-systems/<p>By now, after reading the various articles on this site, you have probably understood that maritime information systems contain vulnerabilities. The real challenge is that the future of maritime information systems is being built while many of these vulnerabilities remain unresolved. It is a bit like adding extra floors to a house while the concrete of the ground floor has not yet fully set. In short, it is risky. Ships being built today are still insufficiently secured, yet they are designed to remain in service until around 2060.</p>Major risk scenarios affecting maritime information systemshttps://maritimeinfosec.org/major-risk-scenarios-affecting-maritime-information-systems/Mon, 28 Oct 2019 21:37:33 +0000Olivier JACQhttps://maritimeinfosec.org/major-risk-scenarios-affecting-maritime-information-systems/Even a brief and high-level risk analysis makes it possible to identify several major risk scenarios that could affect the maritime sector. The list below is not exhaustive, but it provides an overview of some of the most relevant concerns.

For vessels, these scenarios may include:

  • attempts to spoof or jam positioning or communication systems, either directly targeting the vessel or affecting its surrounding environment
  • malfunctions or loss of availability of ECDIS navigation systems, even though these systems are often deployed with redundancy
  • the transmission of false safety information to vessels (GMDSS alerts, AIS data, weather information, etc.)
  • intrusions targeting onboard industrial control systems, including propulsion, navigation, or cargo management systems
  • the remote takeover of a vessel or part of its systems
  • the partial or complete encryption of onboard information systems through ransomware attacks

Ports are also exposed to similar risks, including:

]]>Release of the 3rd edition of the cybersecurity best practices guide for the maritime industryhttps://maritimeinfosec.org/release-of-the-3rd-edition-of-the-cybersecurity-best-practices-guide-for-the-maritime-industry/Fri, 14 Dec 2018 10:30:26 +0000Olivier JACQhttps://maritimeinfosec.org/release-of-the-3rd-edition-of-the-cybersecurity-best-practices-guide-for-the-maritime-industry/There are many recommendation guides for implementing cybersecurity measures in the maritime sector. Perhaps too many, and of uneven quality, which can sometimes make things difficult to navigate (put yourself in the shoes of the seafarer or the shipowner who must understand and apply them).

Among these guides, one nevertheless stands out as a reference, both because of the number of associations and major industry stakeholders involved in its development (21 in total) and because it addresses the maritime world in its own terms, adapting cyber threats to the specific characteristics of this sector. This guide, “The Guidelines on Cyber Security Onboard Ships,” has just been released in its third edition.

]]>