Posted at 11:00h
in Our Blog
Can ransomware, virus’s and worms be used to hack ships? Are they specifically designed for that purpose?
(From a user on our Quora account)
Nowadays ships have local area networks and servers with special maritime software which are used to share documents, emails and various other data. There two ways for a virus to reach a ship.
The first way is via email, fortunately the satellite providers delivering the emails perform various scans, but there might be a loophole somewhere.
The second way is via the crew or even a surveyor, personal laptops and usb sticks with infections could be connected to the local network causing an infection within the network.
It is even possible for a ship owner to purchase a used vessel which already has infected computers. The ship can run on a tight schedule with minimum time in port, making it impossible for an IT engineer to visit and clean/check PCs.
Satellites have specific bandwidth and may provide an internet connection to a ship over a specific region (similar to the limitations of a mobile/cellular antenna) or a ship can be in a shipyard with interferences from metal structures blocking internet access.
It’s still too difficult and very expensive to remote access the computers on a vessel in order to update an antivirus or set policies.
Another major issue is communication in English with the crew as their language skills are to a basic standard.
As providers of services and software for maritime companies we had to come up with a different approach to solve the problem. We install antivirus software that can be off line updated using a CD.
We also prefer to setup Linux workstations that connect to a central location via RDP on a server, thus minimizing risks and making control and backup easier. Even removal of USB ports wherever possible or installing USB lock devices.
So far we’ve had many cases of infections that could be handled one way or another.
Fortunately no, there have not yet been specifically targeted ransomware cases for ships.
Shipping companies’ offices however are specifically targeted by ransomware and fake payment emails that seem to be from genuine sources such as a supplier. We had cases with clients being victims of cyber criminals pretending to be a vendor/suppler sending fake banking details and managing to get real money out of their accounting departments.
Cyber criminals are one step ahead of us IT engineers. It’s a $billion business per year. So they will find a way to get through.
Prevention is the best remedy. Keep your crew educated with written instructions or video presentations on how to protect themselves and the company.