USCG Issues Alert on Potential Cyber Vulnerabilities on Board Vessels

The United States Coast Guard (USCG) have issued Marine Safety Information Alert 06-19 warning of potential vulnerabilities on board vessels.

The publishing of this alert follows a recent cyber security incident that occurred on board a commercial vessel.

Findings of the investigation

It was found that the vessel’s network had been significantly impacted. Fortunately, essential vessel control systems had not been impacted.

The USCG stated that the vessel was operating without effective cybersecurity measures in place. This meant that critical control systems were vulnerable to exploitation.

The USCG noted that the ship’s network was capable of being used by the crew for personal business. Any malware that was inadvertently loaded onto the ships official network could then potentially cripple the vessels critical control systems.

USCG recommendations

The USCG urges the maritime community to recognise the potentially crippling cyber threat and implement cyber security measures designed to keep the vessel systems safe. They strongly recommend that vessel owners and operators take the following basic measures to improve their cyber security:

• Segment (separate) your networks
• Use “per-user” profiles and passwords
• Treat ALL external media (i.e. flash drives) with caution
• Install and keep up to date anti-virus software
• Keep your systems up to date

Guidance for each of the above security measures can be found in the fullMarine Safety Information Alert 06-19 can be found here.

Further guidance on cyber security can be found in North’s dedicated cyber security Insights area here.