Communications technology can “save the day” and often save lives, believes Mark Woodhead, executive vice president of mobile connectivity at the global; communications company KVH.
Speaking to ShipInsight last week (4 April), Mr Woodhead referred to piracy situations in which a ship’s crew have retreated to a protected onboard citadel from where they have been able to communicate with colleagues ashore. He learned of one example when he attended the ‘Crew Connect’ conference in Manila in November 2018 where, “unbeknown to me, one of our customers said that connectivity from the master during a boarding was pivotal in them being able to do something about it.”
In that case, he would have been using the ship’s normal satcomms equipment rather than a dedicated installation because, so far, “that’s not something we’ve been asked for,” Mr Woodhead said. But that could be arranged: “we can set up dedicated channels for anything and configure networks on board in any way the customer wants,” he said.
He later drew ShipInsight’s attention to some detailed advice issued by the Swedish Club in 2011 about the construction and use of citadels, which stresses the importance of communications from such spaces. “The Master must be able to communicate to the outside world that he and all of the vessel’s crew and personnel on board are safe,” the club’s notes say, recommending a two-way satellite communications system powered from an independent source on board.
A citadel certainly proved its worth in March 2018 when the 644TEU container ship MSC Maria was boarded by armed pirates off Nigeria. Its crew managed to secure themselves in the ship’s citadel and “the incident was resolved with all crew and the vessel safe,” MSC said in a statement in November that recounts some of the event’s details.
It was issued to coincide with the Manila conference, where the ship’s master, Maksym Cherniy, was named Seafarer of the Year for his handling of the situation.
Mr Woodhead had earlier spoken to invited guests in London where he had discussed cyber security risks, among other topics, and where ShipInsight had asked him what single thing KVH could do to improve cyber security on its customers’ ships.
His answer was simple: education. One of the member companies in the KVH group is the training provider Videotel which has produced a cyber security training module that KVH provides free of charge to all its satcomms customers. It has also made it publicly available online. Technological risks are generally well managed, he said, which in KVH’s case include regular third-party audits of the Intelsat network that it uses, so “the key cyber issues are around the human element,” he said. “It’s not a network [or an] over-the-satellite issue.”
Problems tend to stem, for example, from “people bringing on material that shouldn’t be on the vessel that is virus-infected,” and those people could be crew or visitors, such as contractors or inspectors. There are also cultural differences to address through that training, he said. As an illustration, he cited the differing attitudes around the world to downloading films and other copyright material that crew might bring on board. They need to be educated that “if you’ve downloaded it from somewhere that you should not have done, it is going to come with viruses and things embedded in it,” Mr Woodhead said.
There are technical features that help to reduce the risk. With VSAT communications providing higher-speed communications than in the past, shipping companies can keep their shipboard computer software updated as easily as they can in their shore offices, he suggested. In addition, KVH is unique in providing dual-channel services, with a high-speed channel that is usually used for ship operational activities and a slower ‘unlimited’ channel that is often dedicated to the crew network.
These networks are usually set up to be independent of each other so if an infected memory stick, for example, were connected to the crew network, it might have an impact on welfare services but would not affect the ship’s operation, he said. This is not a unique problem for the ships, he pointed out; office systems are also vulnerable and the same care needs to be taken both ashore and afloat.
Educating crew is also important to encourage a quick response in the event of a cyber threat. First, it must be reported, Mr Woodhead said, and part of the training it provides to customers makes that point while also stressing that the company should not blame the person who has reported the problem. But Mr Woodhead is optimistic that this message is getting across. “The shipping industry trains its seafarers very well and they do, in the main, follow guidelines,” he said.
What needs to change are wider industry attitudes. “In the aviation industry it’s standard [practice] that if you have an incident you report it [but] there is a tradition in the seafaring community not to report. We need to change that,” he said. He paid tribute to Maersk, which was hit by a big cyber attack in June 2017 and has been very open in discussing that attack and its consequences, but he acknowledged that smaller companies might fear a reputational backlash if they were to reveal they had been hit by a cyber attack.
Nonetheless, there are many forums in “where the industry meets behind closed doors and they should just share the information,” he said.