It is a bit of the poor relation of cybersecurity and yet cyber attacks do not spare companies in the maritime sector such as the container carrier CGA CGM or the sailboat manufacturer Beneteau.
Launched last November, the France Cyber Maritime association aims to bring together ports, ship owners and maritime transport companies with approved service providers and specialists in order to optimize protection.
With also the ambition to set up an alert and reaction center for computer attacks (CERT) specializing in threat anticipation and incident response in the event of alerts in the sector.
Interview on the issues with its technical and scientific director, the former Lieutenant-Commander Olivier Jacq.
After 20 years in the French Navy, Olivier Jacq has acquired expertise in maritime cybersecurity.
LP / DR
What are the cybersecurity risks for the maritime sector and what are the targets?
OLIVIER JACQ.
The sector is targeted by two types of threats.
One is quite generic and very current: it is ransomware that can also affect a player in the maritime and port world and its classic information system.
Several large shipowners have already been affected and the International Maritime Organization itself has been the target of a sophisticated cyber attack.
The second threat comes from the attackers who want to attack precisely this sector which represents 80% of the world traffic of goods.
A container ship can carry over a billion dollars in value and this can be of interest to cybercriminals who steal data or cripple automatic ship unloading systems.
The increase in incidents all over the world has prompted us to organize ourselves to fight against these new threats.
What is the problem with the IT protection of ships?
Morning essentials newsletter
A tour of the news to start the day
Subscribe to the newsletterAll newsletters
You don't secure a boat like you protect a data center.
The security products can be identical to those of the terrestrial one but with particularities in the networks and the structures.
A ship is built for decades and managing patches and software updates is complicated.
Windows or Linux systems are easy to patch.
It is more difficult for proprietary software with very specific protocols.
Even if you patch a boat, you have to protect the entire fleet, that is to say thousands of ships that have to be immobilized for several days with specialists who make sure that there is no decline in its capacities.
READ ALSO>
Cybersecurity: the massive hacking of e-mail boxes, a real "unpinned grenade"
The new generations of boats are more and more connected by wi-fi with the risk of increasing the attack surface ...
The number of potential targets increases every year.
There is a strong digitization of “smart” ships and ports and passenger ships also concentrate hundreds of attackable wi-fi points.
In order to save personnel costs, the gateways are also gradually being digitized, as is the control of the engines of these giants of the seas.
Paradoxically, this switch to all digital can make it possible to set up intrusion detection equipment or antivirus that did not exist before.
As boats are more and more connected to land via the Internet, providing remote maintenance becomes really realistic whereas 10 years ago, it was necessary to wait for the mid-life overhaul of a boat to possibly update its systems. .
What are the solutions to adopt or the instructions to follow to protect yourself?
It is not enough to deploy a firewall or a probe to secure a port.
We need a global vision and a global response through the training of specialists in maritime and port cybersecurity.
The first experts are being trained and research on naval cybersecurity is advancing to secure drones or autonomous ships and new generation ports in the future.
In addition, the computer attack alert and reaction center (CERT) will be set up by the end of the year as a trusted organization that ports or shipowners can call on to share their experiences and better coordinate. incident response alongside Anssi (National Information Systems Security Agency).
Finally, this will require realistic and specialized training in order to become aware of the problem and improve emergency procedures.
