As technology continues to develop, information technology (IT) and operational technology (OT) onboard ships are increasingly being networked together – and more frequently connected to the World Wide Web. As a result, USB port protection is required.
This networking brings a greater risk of unauthorized access or malicious attacks to ships’ systems and networks. Risks may also arise from personnel having access to the systems onboard, for example by introducing malware via removable media or by making errors when entering data settings.
Personnel should have onboard training in identifying the typical modus operandi of cyber-attacks.
Physical and removable media controls
Transferring data from uncontrolled systems to controlled systems represents a major risk of introducing malware. Removable media such as USB sticks, SD cards, etc. can be used to bypass layers of defenses and can be used to attack systems that are otherwise not connected to the internet. All personnel shall ensure that media devices are not normally used to transfer information between uncontrolled and controlled systems.
There are, however, situations where it is unavoidable to use such media devices, for example during software maintenance. In such cases, checking the removable media for malware is a prerequisite.
To counter cyber-attacks, we must control the access of removable media to vulnerable systems onboard.
Vulnerable onboard systems could include:
- Cargo management systems
- Bridge systems
- Propulsion and machinery management and power control systems
- Administrative and crew welfare systems
- Communication systems
Ship Inspection Report (SIRE)
Besides the Shipboard Safety Management System, we also have regular inspections such as SIRE. The Ship Inspection Report (SIRE) Programme was established by OCIMF, which enabled voluntary participation and allowed submitting companies to follow a uniform Vessel Inspection Procedure. Its Vessel Inspection Questionnaires (“VIQs”) contain a series of questions related to safety and pollution prevention applicable to the type of vessel that is inspected.
The questions in Chapter 7 relate to Maritime Security, and Cyber Security is also part of the VIQ.
As per VIQ 7.14, vessels must have Cyber Security Policy and Procedures as part of the Safety Management System, as well as a Cyber Response Plan. This procedure shall cover risk assessment issues such as mitigation measures controlling USB ports, etc.
Also, the crew must be aware of the company policy on the control of physical access to all shipboard IT/OT systems. Access to USB ports on ‘Shipboard IT/OT’ terminals should be controlled; measures must be in place either to block or lock USB or RJ-45 ports on these terminals. Procedures should include the protection of critical equipment such as ECDIS from malware and virus attacks. Procedures should include the control of access to all shipboard IT/OT terminals, including access to servers, which should be in a secure location. The procedures should also include access by any third-party contractors and technicians.
The company must have a policy or guidance on the use of personal devices onboard. Personal devices include phones, tablets, etc. and storage devices such as USB sticks. Check if the policy is implemented by both crew and visitors, e.g., all third-party contractors and technicians.
How to lock USB with GiliSoft software?
Install the software on the designated onboard working computers.
Enable password protection to access the software.
Check the box “Disable Reading or Writing USB Disk”.
Access to USB disks is now denied.
Insert the desired USB stick into the USB port and press the “Add” button to whitelist the device.
Now the whitelisted device can be accessed.
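To check that the whitelist matches what has actually been plugged into a terminal, the added example below (not part of the original article and not GiliSoft functionality) compares USB storage device IDs, in the format Windows records under Enum\USBSTOR, against an approved serial list. A Windows terminal is assumed, and the sample inventory, serial numbers and approved list are constructed.

```python
import re

# Constructed sample: USB storage instance IDs in the form Windows records under
# HKLM\SYSTEM\CurrentControlSet\Enum\USBSTOR (vendors and serials are made up).
SAMPLE_INVENTORY = [
    r"USBSTOR\Disk&Ven_Kingston&Prod_DataTraveler_3.0&Rev_PMAP\60A44C413B4AF2C1A9870033&0",
    r"USBSTOR\Disk&Ven_SanDisk&Prod_Ultra&Rev_1.00\4C530001161228117413&0",
    r"USBSTOR\Disk&Ven_Generic&Prod_Flash_Disk&Rev_8.07\6&2b7e1a0c&0",
    "not a device id",
]
# Hypothetical approved list: serials of the sticks issued for maintenance.
APPROVED_SERIALS = {"60A44C413B4AF2C1A9870033"}

ID_RE = re.compile(
    r"^USBSTOR\\([^&\\]+)&Ven_([^&\\]*)&Prod_([^&\\]*)&Rev_([^&\\]*)\\([^\\]+)$",
    re.IGNORECASE,
)

def parse_instance_id(line):
    """Return vendor/product/serial for one USBSTOR instance ID, or None."""
    m = ID_RE.match(line.strip())
    if not m:
        return None
    vendor, product, instance = m.group(2), m.group(3), m.group(5)
    # When a stick reports no serial number, Windows generates the ID itself and
    # its second character is '&'. Such a device must never match the whitelist.
    if len(instance) > 1 and instance[1] == "&":
        serial = None
    else:
        serial = instance.rsplit("&", 1)[0].lower()  # drop the "&0" suffix
    return {"vendor": vendor, "product": product, "serial": serial}

def audit(inventory, approved):
    """Sort each inventory line into approved/unapproved/no_serial/unparsed."""
    approved = {s.lower() for s in approved}
    report = {"approved": [], "unapproved": [], "no_serial": [], "unparsed": []}
    for line in inventory:
        dev = parse_instance_id(line)
        if dev is None:
            report["unparsed"].append(line)
        elif dev["serial"] is None:
            report["no_serial"].append(dev)
        elif dev["serial"] in approved:
            report["approved"].append(dev)
        else:
            report["unapproved"].append(dev)
    return report

if __name__ == "__main__":
    for bucket, items in audit(SAMPLE_INVENTORY, APPROVED_SERIALS).items():
        print(bucket, items)
```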