Like every other digital industry, shipping is exposed to malware and multiple other cyber threats. However, the viruses that threaten to break the maritime supply chain and delay cargo delivery carry additional risks. Infected systems can compromise navigation or propulsion, threatening ship safety itself as well as the marine environment. With broadband internet connectivity available for vessels globally, and viruses such as NotPetya and WannaCry exposing the vulnerability of older, legacy systems often found on board ships worldwide, the industry is waking up to the scale of the cyber menace.
Human error can often be the leading cause of cybersecurity problems. No matter how strong the firewall, a system is only as secure as its least well-trained user. Without formal training, bad habits that include inserting potentially infected USB sticks can be hard to break. In the global shipping industry, ships often have no cyber threat management technology on board, and even the most highly skilled crews may have had little or no training specific to cybersecurity.
Shipping’s well-publicized journey towards digitalization and greater automation therefore demands an accompanying commitment to increase IT security and mitigate cyber risks through system robustness, but also through additional training and continuous awareness-raising.
In general, industries considered to be further advanced in that journey have recognized vendors, rather than third parties, as best placed to develop integrated security solutions for risk mitigation, including monitoring, analysis and response. Given its role in electric systems covering ship power, propulsion, automation and control, for example, it is not surprising that ABB has a mature position on the in-depth security required for digital solutions.
The maturity of the group’s thinking on cybersecurity quickly became clear to me when I joined ABB Marine & Ports back in 2017. Here, I was able to put to good use the IT and cybersecurity experience I have gathered over the last 20 years, with the Italian Navy, then in an IT security consultancy, and most recently with Costa Crociere as Fleet IT Manager.
In my experience, no cybersecurity protection can claim 100% resilience. This is why cybersecurity is a process for risk mitigation, and not a product. It is not a destination but an evolving risk management strategy that needs to cover people, processes and technologies that face fast-changing threats.
At ABB, I am part of the Global Cyber Security Council for Service, a group drawing on expertise from across ABB. By sharing knowledge and information in a cross-industry group of global stakeholders, the Council ensures that our cyber skills and competencies are continuously refreshed.
To bring the shipping threat into focus, ABB has established a highly specialized and dedicated team at ABB Marine & Ports in Genova, Italy. The team of operational security specialists is behind ABB’s risk-based Cyber Security Services framework for maritime, and specifically for the connected ship. It represents a multi-faceted threat response strategy for individual owners that considers systems defenses (anti-virus software, analysis and monitoring), but also internal procedures and the need for thorough training programs.
In doing so, ABB takes as its starting point the IEC 62443 Standard, which provides a step-by-step guide to cybersecurity protection methods and techniques. Building on IEC, ABB has developed a consolidated cybersecurity framework, accepted by classification societies. This framework incorporates the roles played in cybersecurity by people, processes and technology.
Every cybersecurity service is defined by the global ABB Marine & Ports service team following ABB’s internal rules and the IEC 62443 standard. A typical ship visit, as part of a specific service contract, will include, at minimum, the following activities:
- Meeting with onboard personnel and ship superintendent
- Data collection and planning of the onboard service activities
- Onboard health check finalization, with hardware status and data collection
- Update of the antivirus system and a complete scan of the system with an antimalware tool
- Windows security patches update
- Automation system update with hot fixes, if necessary
- Network check
- Setting hardening
- Enabling logging to monitor the assets
- Final backup
Additional cyber-related onboard operations, risk assessment, consultancy and active monitoring are part of ABB’s service offering.
In line with ABB’s day-to-day role in supporting ship systems worldwide, requests for advanced maritime cybersecurity are expanding, in both IT and Operational Technology (OT). Our proactive initiative aims to protect our installed base through service contracts. However, we are also offering industrial IT consultancy on plant security, including system assessment, OT network monitoring and penetration tests, and risk mitigation plans according to IEC 62443.
Additionally, we are opening a laboratory in Genoa to test solutions and implement new applications that, together with targeted training offered in our Marine Academy, will complete our vessel protection support for customers.
In this way, ABB brings clarity to ship and port cybersecurity with a holistic approach that can meet the real needs of customers, instead of a “one-size-fits-all” solution.
Author: Andrea Crosetti, Cybersecurity Solution Manager, ABB Marine & Ports