MARITIME CYBERSECURITY

Managing safety globally throughout the fleet

Aeromarine has reached an agreement with the company S2-Grupo, specialized in cybersecurity products and services, to offer turnkey solutions for the naval and maritime sectors, adapting them to each customer needs

Aeromarine has reached an agreement with the company S2-Grupo, specialized in cybersecurity products and services, to offer turnkey solutions for the naval and maritime sectors, adapting them to each customer needs

a specific solution for every need

The ships that are currently operating do not have protection systems that reduce the risks of cyber-attacks. We offer the services, hardware and software necessary to implement cyber-resilience on board, starting from the stage each customer needs.

IMPLEMENTATION STAGES
  • Assets´Inventory
  • Risk and Vulnerability Analysis
  • Definition and implementation of cybersecurity frameworks: policies, procedures and technical controls
  • Development of Asset Use Guidelines
  • Integration of the Cibersecurity Plan with the ISM
  • Specialized training and awareness for the crew and the rest of the organization's personnel
  • Analysis of the existing Cybersecurity Plan
  • Onboard Assets Inspection
  • Architecture and communications analysis
  • Evaluation of the controls deployed effectiveness
  • Penetration Test
  • Prioritized action plans (short, medium and long term)
  • Installation, deployment and operation of cybersecurity monitoring hardware and software at the ship:
    • Sensors / Connectors (Argos)
    • Alert Correlation Engine (Tritón)
    • ATP analysis (Carmen)
  • installation of cybersecurity monitoring software at the office:
    • Management Module (Emas)
    • Dashboards (Hera)
  • S2 Grupo SOC Monitoring
    • Management Module (Emas)
    • Dashboards (Hera)
IMPLEMENTATION STAGES
  • Assets´Inventory
  • Risk and Vulnerability Analysis
  • Definition and implementation of cybersecurity frameworks: policies, procedures and technical controls
  • Development of Asset Use Guidelines
  • Integration of the Cibersecurity Plan with the ISM
  • Specialized training and awareness for the crew and the rest of the organization's personnel
  • Analysis of the existing Cybersecurity Plan
  • Onboard Assets Inspection
  • Architecture and communications analysis
  • Evaluation of the controls deployed effectiveness
  • Penetration Test
  • Prioritized action plans (short, medium and long term)
  • Installation, deployment and operation of cybersecurity monitoring hardware and software at the ship:
    • Sensors / Connectors (Argos)
    • Alert Correlation Engine (Tritón)
    • ATP analysis (Carmen)
  • installation of cybersecurity monitoring software at the office:
    • Management Module (Emas)
    • Dashboards (Hera)
  • S2 Grupo SOC Monitoring
    • Management Module (Emas)
    • Dashboards (Hera)

Is it enough to comply with IMO regulations?

IMO has published the resolution MSC.428(98), which obliges shipping companies to establish a cybersecurity plan as part of the ship's ISM, auditable in the first ship inspection from January 2021.

To develop a cybersecurity plan, it is necessary to undertake a series of steps to ensure that: the responsibilities for information security at all levels are identified, all ship's IT / OT assets are analyzed, the associated risks and vulnerabilities are studied, the procedures and controls are created and implemented, the good practice guides are generated and distributed, and the entire crew is trained.

To simplify the cybersecurity plan implementation, an information security standard , as ISO/IEC 27001, or a good practice guide, as BIMCO, could be used.

However, the creation of the cybersecurity plan does not imply that our ship is resilient to cyber attacks. To increase the security of the information, it is necessary to carry out intrusion tests, install hardware and software that allows to receive alerts and constantly monitor the ship to anticipate possible attacks.

IMO has published the resolution MSC.428(98), which obliges shipping companies to establish a cybersecurity plan as part of the ship's ISM, auditable in the first ship inspection from January 2021.

To develop a cybersecurity plan, it is necessary to undertake a series of steps to ensure that: the responsibilities for information security at all levels are identified, all ship's IT / OT assets are analyzed, the associated risks and vulnerabilities are studied, the procedures and controls are created and implemented, the good practice guides are generated and distributed, and the entire crew is trained.

To simplify the cybersecurity plan implementation, an information security standard , as ISO/IEC 27001, or a good practice guide, as BIMCO, could be used.

However, the creation of the cybersecurity plan does not imply that our ship is resilient to cyber attacks. To increase the security of the information, it is necessary to carry out intrusion tests, install hardware and software that allows to receive alerts and constantly monitor the ship to anticipate possible attacks.

Nature of cyberattacks

What is a cyber attack?

A cyber attack is a set of offensive actions against IT / OT systems to: damage, alter or destroy information, alter or stop its operation, destroy companies / institutions or Steal / hijack information.

Cyber Attack Types

Not targeted: Our company is not the target, it indiscriminately attacks systems, companies or individuals (phishing campaigns, botnets, ransomware ...)

Targeted: The attack is designed and directed specifically against our company (spear-phishing attacks, CEO fraud, Human Operated Ransomware, APT campaigns ...)

Origin of Cyberattacks

80% of cyberattacks  are originated inside the company  due to: Ignorance, Errors, Lack of Professionalism or Discontent of Employees

20% of cyberattacks are external

What is a cyber attack?

A cyber attack is a set of offensive actions against IT / OT systems to: damage, alter or destroy information, alter or stop its operation, destroy companies / institutions or Steal / hijack information.

Cyber Attack Types

Non-Targeted: The company is one of many potential targets (Malware, Social Engineering, Phishing, Scanning…)

Targeted: The attack is aimed at our company (brute force, denial of access to users….)

Origin of Cyberattacks

80% of cyberattacks  are originated inside the company  due to: Ignorance, Errors, Lack of Professionalism or Discontent of Employees

20% of cyberattacks are external

Who is attacking us and why

MOTIVATION

Damaging the image of the company, its products, brands, managers or commercial operations.

 

OBJECTIVE

  • Destruction / modification of data
  • Publication of sensitive data
  • Media attention
  • Denial of access to a system or service

 

MOTIVATION

Damaging the image of the company, its products, brands, managers or commercial operations.

 

OBJECTIVE

  • Destruction / modification of data
  • Publication of sensitive data
  • Media attention
  • Denial of access to a system or service

 

Cybersecurity help information

OMI MSC FAL 1-Circular 3

Resolución OMI MSC.428(98)

Cyber Security Onboard Ships

Protocolo 1.0 del NIST

ISO/IEC 27001