360° cybersecurity for ships
Commercial and naval vessels alike have become a strategic target of choice for cyberattackers. To protect them against the sophisticated threats they face today, Thales recommends a system-level approach and built-in end-to-end security.
Strategic targets
The huge container ships that sail the world’s oceans have become the very symbol of globalisation, transporting vast quantities of goods every day. At the same time, cruise ships have become an important part of the tourist industry, with increasing numbers of ocean liners plying the seven seas like floating cities with room for thousands of passengers.
Naval forces are a key component of many nations' defensive capabilities in the event of a conflict, but they also perform a broad range of missions in peacetime, including law enforcement, maritime surveillance, search and rescue, interdiction of illegal trafficking and piracy, pollution mitigation and hydrographic surveys.
All of these vessels are a strategic target for attackers, who are becoming increasingly capable and resourceful. Vessels rely on a whole host of embedded computer systems, from automated management of shipboard installations, maintenance and logistics to GPS navigation, AIS (Automatic Identification Systems), combat systems and telecommunications. Although they have been protected from intrusion for many years, these systems are nonetheless a potential entry point for attackers, who use ever more sophisticated methods to circumvent the security measures in place.
The problem is further compounded by new threats directed at industrial command-and-control systems. These could also affect a vessel's propulsion and ancillary systems, which are increasingly interconnected with other systems.
At a lower level, negligence and a lack of awareness by maintenance teams working on key equipment, for example, and social engineering to gain access to critical resources, represent an insider threat that must not be overlooked.
Complex and evolving threats
Vessels are vulnerable on many fronts to these global, complex and fast-evolving threats. An attacker could immobilise a ship by targeting its propulsion system, for example, conduct a conventional espionage operation or, more critically, alter key data, such as fire control coordinates, with disastrous consequences.
To be effective, cyberprotection must be tailored to the specific configuration of each vessel. It should be based on an exhaustive system-level analysis of vulnerabilities or ‘weak links’, including operational processes, connections with quayside infrastructure and management of everything from subcontractors to navigation systems.
Any technology with embedded software is a potential target. While software-driven technologies are statistically the most exposed to risk, the technologies used in shipboard automation and control systems have also been the target of attacks in recent years. At the same time, the growing operational use of mobile technologies such as smartphones, tablets, Wi-Fi and connected objects, combined with the development of remote maintenance, further increases the risk to key systems.
The array of threats continues to grow and evolve. Three forms of attack are particularly prevalent today. Ransomware typically installs itself on a target computer, encrypts data and demands a ransom for its release. APT attacks (Advanced Persistent Threats) use a set of continuous hacking processes to target one or more computers within the architecture. Because they are stealthy and circumvent conventional security measures, they are extremely hard to prevent. Meanwhile, denial-of-service (DoS) attacks attempt to make services unavailable to users by flooding the target system with superfluous requests.
Comprehensive protection
Thales advocates a multi-level response to these issues and threats:
- A detailed understanding of requirements and operational environments to ensure developments are secured from end to end, from the earliest design phase
- Implementation of control, audit and traceability mechanisms
- Choice of software components and solutions informed by security as well as other factors
In addition, security must be taken into account throughout the entire lifecycle of the vessel. It can never be taken for granted and must be permanently maintained. Lastly, in a constantly evolving threat environment, it is vital to monitor and supervise shipboard systems during operations in order to detect attacks quickly and minimise their impact.
By building security into every solution from the earliest design phase, the Cybersecured by Thales development approach addresses the full spectrum of cybersecurity challenges. It is based on trusted products designed to protect not only classified and strategic military information but also the much broader category of sensitive-but-unclassified data.
As part of this comprehensive approach to system security, Thales offers a wide range of security products tailored to these two categories of information and designed to protect data in the cloud, on networks and tactical radio systems, and to support secure mobility and telephony services. The company also develops gateways to meet the need for secure interconnections between different operators and different levels of trust and responsibility.
To help customers keep pace with the evolving threat environment, Thales provides ongoing security maintenance services that combine round-the-clock monitoring with clearly defined processes for remediating critical vulnerabilities in systems that are identified as easily accessible or that could cause significant disruption to operations.