Cyber crime: 'It happens to superyachts'
During TSF, real examples of superyachts that had fallen victim to cyber attacks were discussed…
On the third day of The Superyacht Forum 2019, Eric Stride, chief technology officer at Atlas Cybersecurity, presented current and future cyber-security threats posed to superyachts. During the workshop, Stride spoke in depth about hacking and cyber-attacks, with the aim of giving the audience a better understanding on cyber security in the superyacht industry.
“There is often the mentality that small-to-medium businesses are not likely to be a target for a cyber attacker,” explained Stride. “But this size is actually very attractive to attackers, who primarily look for return on investment. Superyachts are high return on investment targets.”
Furthermore – Stride pointed out – a yacht is not and office and there are more challenges with cyber security on board. This means that the industry has to have solutions that are custom to the yachting environment in order to be affective. The rotation of crew, VSAT internet and a complex network of systems are just some of the factors that makes securing a yacht against cyber attacks unique.
Stride continued to explain that the primary attacker found in the superyacht industry has a financial motive. He presented the audience with a real example of an owner that lost $11 million in a cyber attack: the hacker used a phishing email to get into the network, carried out communication surveillance and then gained access to negotiation talks between the owner and a broker. When a price was agreed, the hacker sent a confirmation email asking for the money to be paid into a different bank account.
Similar anecdotes emerged from the audience: one captain lost €100,000 on what he thought was a fuel payment. The invoice had looked legitimate but he hadn’t realised that the domain name of the email it was sent from was slightly different. With captains and crew often receiving many different invoices a day from different companies, it is an easy mistake to make.
So, what can be done? “Technology alone will not defeat attackers, so any technology company that promises to stop 100 per cent of attacks is lying,” cautioned Stride. “You have to have the combination of people, process and technology.”
The IMO Maritime Cyber Security Guidelines and the requirement for vessels to include cyber risk management in their Ship Security Plans by 1 January, 2021 will bring about some improvement. Stride also recommended the industry refer to BIMCO’s cyber security guidance, which specify a four-step process ships should implement.
From the audience, WinterHaven’s Joseph Adir added; “On a practical note, it is very simple to separate the operations network from the crew and guest network so that operations aren’t affected if an attack does occur. Network separation is one quite simple way that superyachts can upgrade their cyber security without spending lots of money.”
A number of conclusions were drawn from the workshop as to what the industry should be doing in order to better protect itself against cyber attacks:
· Education crew about the basics of cyber security, including how to identify phishing emails;
· Refer to the IMO Maritime Cyber Security Guidelines and other relevant guidance;
· Consider network separation as a simple way to improve cyber security;
· Implement incident reporting system for cyber attacks within the industry for better education and information sharing purposes.
Click here to become part of The Superyacht Group community, and join us in our mission to make this industry accessible to all, and prosperous for the long-term. We are offering access to the superyacht industry’s most comprehensive and longstanding archive of business-critical information, as well as a comprehensive, real-time superyacht fleet database, for just £10 per month, because we are One Industry with One Mission. Sign up here.