Maritime cyber security
-
Upload
george-pouraimis -
Category
Presentations & Public Speaking
-
view
260 -
download
0
Transcript of Maritime cyber security
![Page 1: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/1.jpg)
Cyber Security
in Maritime
Environment
George PouraimisCyber Security Analyst
2nd ICT Security World Conference
![Page 2: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/2.jpg)
Contents
1. Need for defense
2. Know your enemy
3. Cyber kill chain
4. How to defend2nd ICT Security World Conference
![Page 3: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/3.jpg)
Need for defense
2nd ICT Security World Conference
Cyber attacks in UK oil and gas industry cost about 400 million pounds ($672 million) / year
Awareness on cyber security in maritime sector is low to non-existent.
Data Source: www.reuters.com
![Page 4: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/4.jpg)
Need for defense
2nd ICT Security World Conference
In maritime industry attacks often remain in secret
Critical infrastructure & Cybersecurity (HORIZON 2020)
![Page 5: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/5.jpg)
Blue
Economy
90 %Europe’s external
trade is carried
out at sea
2nd ICT Security World ConferenceData Source: ec.europa.eu
![Page 6: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/6.jpg)
…some statistics
89%of breaches had a financial
or espionage motive
2nd ICT Security World ConferenceData Source: Symantec ISTR 2016Data Source: Verizon DBIR Report 2016
![Page 7: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/7.jpg)
…some statistics
50%of incidents related to
errors by admins
2nd ICT Security World ConferenceData Source: Symantec ISTR 2016Data Source: Verizon DBIR Report 2016
![Page 8: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/8.jpg)
…some statistics
23%of people open and
click on phishing emails
2nd ICT Security World ConferenceData Source: Symantec ISTR 2016Data Source: Verizon DBIR Report 2016
![Page 9: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/9.jpg)
Know your enemy
Activists and insiders
Criminals for ransom and espionage
Opportunists for financial gain
Terrorists for (geo)political reasons2nd ICT Security World Conference
![Page 10: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/10.jpg)
How hackers attack?
2nd ICT Security World Conference
Un-Targeted
1. Social engineering
2. Phishing
3. Water holing
4. Ransomware
5. Scanning
Targeted
1. Spear-phishing
2. Using botnets
3. Compromising supply chain
![Page 11: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/11.jpg)
Cyber Kill Chain
2nd ICT Security World Conference
Reconnaissance
Weaponization
DeliveryCompromise /
Exploit
C2
Exfiltration
Data Source: digital-forensics.sans.orgData Source: BIMCO
SurveyReconnaissance
Delivery Breach
Affect
![Page 12: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/12.jpg)
Case Study
2nd ICT Security World Conference
Phishing
Emaillink
Emailattachment
Malware Stealcredentials
Backdoor C2
![Page 13: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/13.jpg)
Cyber threats onboard
ships
2nd ICT Security World Conference
Communication systems (SATCOM, VOIP, WLAN)
Navigation systems (GPS, ECDIS, AIS, Radar)
Propulsion & power control systems
Access control systems (CCTV, BNWAS, SSAS)
![Page 14: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/14.jpg)
Cyber threats onboard
ships
2nd ICT Security World Conference
Cargo management systems (CCR)
Passenger servicing & management systems
Passenger and crew networks (WiFi, LAN)
Core infrastructure systems (Router, FW, VPN)
![Page 15: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/15.jpg)
How to defend?
Assess the risk 1. Risk assessment by internal IT admins
2. Risk assessment by specialists (Pen Testers)
Reduce the risk 1. Address cyber security vulnerabilities
2. Follow the procedures
2nd ICT Security World Conference
![Page 16: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/16.jpg)
Internal Risk
Assessment
1. Define technical audits and procedures
2. Identify systems that are vulnerable
3. Evaluate main operations that are vulnerable to
cyber attacks
4. Identify the impact of cyber incidents2nd ICT Security World Conference
![Page 17: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/17.jpg)
Vulnerability
Assessment
1. Scoping and Planning
2. Execution (Reconnaissance -> Mapping ->
Discovery -> Exploit )
3. Vulnerability review/reporting
4. Debriefing2nd ICT Security World Conference
![Page 18: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/18.jpg)
Manage procedures
TrainingOnboard ships (officers and staff)
Ashore (managers and personnel)
Security Awareness Emails, Internet use, Devices, Software, Passwords, non-company personnel, Reports, Maintenance
2nd ICT Security World Conference
![Page 19: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/19.jpg)
Incidence Response
2nd ICT Security World Conference
Identify incident
Limit damage
Prevent further damage
Isolate and
restore affected systems
Recover systems
Lessons Learned
![Page 20: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/20.jpg)
Maritime Cyber Security
Guides
IMO: Guidelines on the facilitation aspects of protecting the maritime transport network from cyber threats (2016)
BIMCO: Guidelines on Cyber Security onboard Ships (2016)
ENISA: Analysis of cyber security aspects in the maritime sector (2011)
2nd ICT Security World Conference
![Page 21: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/21.jpg)
Cyber Security Guides
ISO/IEC 27000-2016: Security techniques --Information security management systems NIST: Framework for Improving Critical Infrastructure Cybersecurity (2014)
Executive Order 13636: Improving Critical Infrastructure Cybersecurity (2013)
2nd ICT Security World Conference
![Page 22: Maritime cyber security](https://reader031.fdocuments.in/reader031/viewer/2022020213/587579701a28ab78498b5a8f/html5/thumbnails/22.jpg)
Thank you for your
attention
George PouraimisCyber Security Analyst
2nd ICT Security World Conference