Communications specialist Marlink’s strong commitment to providing dependable tools to defend against cyber-attack will be showcased at Nor-Shipping next week as the company reveals sophisticated new ‘IT Breach Policy’ monitoring for its CyberGuard Detection service. Designed to monitor internet and network usage that deviates from the IT policy set by the IT department, it will immediately raise an alert as soon as suspicious activity is detected. The module builds on the CyberGuard Detection service’s monitoring of all outbound and inbound network traffic through a combined automated and expert support approach.
Marlink has continued to advance its new CyberGuard portfolio during the first half of 2019 in close collaboration with its global customers, together representing 200 container vessels, tankers and bulkers, and more than 4,000 crew. The program helped Marlink to identify, share and evolve new customer-relevant innovations in the context of cyber-security. 24/7 monitoring generated diverse feedback and data, allowing Marlink to consider new use cases and risk scenarios, and evolve the service proposition with features such as the IT Breach Policy to provide an even more thorough protection of customers IT network and assets, and the introduction of a new dedicated notification system on alerts and incidents.
A key finding of the customer collaboration program is that crew are prone to unknowingly open backdoors on corporate devices, which may subsequently be used for cyber-attacks. For example, by using on board PCs to download content from untrusted sites, it is possible that malicious components may be installed acting as a Remote Access Tool (RAT) for cyber-attackers. While the human element has always contributed to cyber-risk, the direct feedback helped Marlink to build the new IT Breach Policy to mitigate the risk of crew members inadvertently enabling a successful incursion by hackers.
“Working with these customers has resulted in a very positive outcome, providing us with the information needed to develop a feature which is getting more and more sophisticated as it detects threats, which in turn can be resolved using the tools in the Marlink CyberGuard portfolio,” said Tore Morten Olsen, President Maritime, Marlink. “We thank the customers that supported us through this co-creation program which has allowed us to release such a powerful solution for hunting-down threats and abnormalities before they harm a ship’s operation, while also focusing on crew internet usage, which has been shown to be a primary contributor to successful cyber-attacks at sea.”
Cyber Detection was launched as part of the Marlink CyberGuard portfolio at SMM 2018 last September. The full operational Detection service is already used by a number of early adopter customers in support of their cyber security compliancy ahead of the IMO deadline of 1st January 2021, when ship owners and operators must include cyber risks into each vessel’s International Safety Management (ISM) Code.
The CyberGuard Detection service which involves no additional cost to customers identifies more than 50 different threat categories (including malicious applications, intrusion attempts, confirmed intrusions, abusive usage and social engineering). It provides customers with real-time actionable alerts and countermeasures via a dynamic and intuitive Cyber Dashboard while delivering easy to digest insight on the cyber risk level throughout their fleet.