Superyacht security - logging the log-ins
A system to monitor remote access developed for industrial applications is now being offered for superyachts…
As technology on yachts moves forward in leaps and bounds, so the necessity of maintaining control over who has access and for what reason becomes ever more paramount. Integrated bridges are now standard and audio-visual and communications systems are growing ever more complex. Alongside this the superyacht industry has witnessed the advent of remote access for diagnostics, firmware and software upgrades and other maintenance, both by equipment suppliers and independent subcontractors.
Given current developments, even highly skilled and trained ETOs and IT officers can quickly become overwhelmed at times. Today, shoreside support entailing remote log-in into the ship's most critical and vulnerable systems is standard procedure. Yet few yachts seem to devote much thought to security in such situations. Moreover, the possibility that unauthorised individuals or organisations will infiltrate home and office AV systems and misappropriate and remotely control tablets and smart TVs to record audio and video, using device integrated microphones and cameras to spy on people is, unfortunately, no longer fiction. It has become hard fact. Hacking into systems on board ships is a threat of which many are acutely aware of and against which all superyachts take (or should take) measures to protect themselves.
But how much attention do yachts pay to what the service technician does, when he logs on for routine maintenance as part of the service contract with the yacht? Superyacht owners are typically ultra high net worth individuals and are certainly of interest to just about any intelligence agency worldwide, not to mention a plethora of undesirable individuals. Is it not inconceivable that intelligence or criminal agents infiltrate the ranks of our best-known industry service providers. Just how thorough is the background check on individuals hired by these companies?
Finally, there is the issue of billing and the vast sums that are often charged for remote support sessions. “We have an ongoing issue on the yacht I currently command, as on my previous command, and that is that we have had a huge amount of remote support and they invoice at quite a substantial rate,” says captain Christoph Schaefer, who also acts as a consultant with Superyacht Global. “Obviously with the latency of the systems through VSAT, something that might normally take 15 minutes on a standard ADSL line can take hours on a yacht.“
The problem, of course, arises when the invoices for remote access arrive. “Sometimes it feels like technicians might be logging in to two or three boats at a time and waiting for each system to respond, as sometimes we get invoiced for five hours for something that should have taken ten minutes,” Schaefer continues. “We asked recently for a spreadsheet showing the breakdown of one of our providers with whom we have a Service Level Agreement (SLA). It was absolutely shocking the amount of time that they logged in and the amount of hours they claimed that they were online.”
The answer to all the concerns in fact already exists, and it is technology and software that was originally developed a decade ago for the industrial sector. The brainchild of Tillmann Basien, the VISOLUX system from Amitego was created both to monitor the activities of technicians with remote access to critical systems but also to counter the threat of industrial espionage. It is already used by major industrial players, particularly in Europe and Latin America. So how might this technology port across to the superyacht industry?
“I met Tillmann by chance earlier in the summer of 2017,” Schaefer explains, “and he started to talking about the system – I immediately jumped on it. I thought that if I had a system like this on board, a gateway where I could actually see what people who are logged in are doing, it would be the answer. And that’s what the system does – it records everything that’s happening and presents it to you as a movie, and you can set the framerate so that a three-hour session actually plays back in three minutes. You can see very clearly when there has been, for example, an hour when absolutely nothing is happening for whatever reason. So it gives the captain and the ETO a little bit more of an idea of what these guys are actually doing and achieving.”
Schaefer, through Superyacht Global, is working with Basien and Amitego to introduce a superyacht version of the system to our industry. Called VISOLUX-RACAM (Remote Access Control and Monitoring), the system is based on a ship-borne 19-inch rack-mounted LINUX server (physical or virtualised) connected to the internet. There is no shore-based hardware requirement. Offered at a base price of €12,500 plus travel and installation costs, the system allows for up to five remote access sessions to be recorded and monitored simultaneously. This can be extended for additional simultaneous access monitoring for additional cost.
The system’s reporting and control includes role-based log-in handling with two-factor authentication, video recording of users’ interactive sessions, access notification and reporting, and file transfer control. The benefits are clear. “Companies already using the system report that they are experiencing less downtime, less ‘trial and error’ from the technicians accessing their systems, and the people logging in remotely tend to be far more qualified because they know they are being held accountable for whatever is happening there,” comments Schaefer.
There are further benefits too. Schaefer cites an example that happened on his yacht right before the owner was due to come on board to start a cruise. With 24 hours to go before pick-up, as the yacht was heading towards Naples, all communications on the yacht suddenly dropped out. It was only after several hours – and several cell phone calls to the yacht’s SLA provider, that it was eventually discovered that a technician had logged in remotely and had changed something in the system which had inadvertently led to the comms shutdown. “If we had had video of the remote log-in session, as VISOLUX-RACAM would provide, we would very quickly have pinpointed the problem and probably half an hour later we would have been up and running again,” Schaefer says.
The ability to monitor who is doing what – whether from remote access or when technicians are onboard and accessing networks via the local networks, as well as being able to monitor what is actually being done in the time that the yacht is being charged for make VISOLUX-RACAM a very appealing solution.
For more about the VISOLUX system, visit Amitego’s homepage at amitego.com, or contact Superyacht Global for further information about the RACAM marine version of the system.
If you are a captain, engineer or other technical expert involved in systems or the operational aspects of superyachts, don't miss your chance to network with other field-leading experts and key superyacht industry influencers at The Superyacht Forum taking place between 13 and 16 November at Amsterdam RAI. Following a theme of A 10-year Blueprint for the Superyacht Market, the event will cover a variety of topics relevant to all sectors of the industry. For more information, click here.
Click here to become part of The Superyacht Group community, and join us in our mission to make this industry accessible to all, and prosperous for the long-term. We are offering access to the superyacht industry’s most comprehensive and longstanding archive of business-critical information, as well as a comprehensive, real-time superyacht fleet database, for just £10 per month, because we are One Industry with One Mission. Sign up here.