New tool promises proactive protection from cyber attacks
A new tool developed by Norway-based Dualog has taken shipboard cyber security to a higher level by launching a new service that promises to totally protect vessels and their onboard IT systems even before an attack occurs.
Dualog Protect is being described as the first line of defence in a robust approach to cyber security onboard ship, where malware and unwanted data traffic is blocked at the DNS-level. By setting up this extra layer of defence, owners and managers can drastically reduce the risk of malware attacks on their ships. An important factor considering the findings of a Cisco Security Research paper which claims that 91.3 % of malware uses DNS in attacks.
Dualog Protect blocks ransom-ware, trojans and phishing attempts as well as preventing ‘command-and-control call-backs’ and data exfiltration. By operating at the DNS-level, the service protects all computers and devices attached to all onboard networks. It is an easy-to-implement system that addresses the emerging needs of the shipping industry to implement robust cybersecurity measures, given the advent of always-on operations, digitalisation, Internet of Things (IoT) and new connectivity demands from the maritime workforce.
As the number of onboard systems requiring online connectivity is increasing, Dualog Protect provides the level of protection needed to provide connectivity across a fleet without compromising security. Dualog places a lot of importance on the effectiveness of its systems, guaranteeing service uptime of 99.5% backed up by a 24/7 operational support team.
Its servers handled a total of 180 Terabytes (180,000,000 MB) of data during the fourth quarter of 2018 and a total of 28,119,029 emails were scanned for viruses and other threats. A total of 13,386,302 emails were rejected because there were identified as part of large-scale spam attacks while 149,104 were phishing emails with links to unsecure websites. A total of 142,917 viruses or malware were detected and stopped.
According to Geir-Inge Jensen, Operations Manager at Dualog, the advent of always-on satellite connections has exposed shipping to viruses, malware and hacking attacks.
“Vessel owners and operators need to address these issues quickly to avoid being an easy target. Effective incident management policies and processes improve resilience and reduce impact in case of an incident. Dualog can help mitigate these risks and help shipping companies ensure the benefits of digitalisation and increased connectivity are not lost,” he said.
Walter Hannemann, Product Manager at Dualog, added, “The Dualog Platform, with email, file transfer and internet services, is built to adhere to the highest standards of cyber resilience and security. State-of-the-art and redundant security services are incorporated into the core of the products, making sure that uptime is maximised.”
He added: “With Dualog Protect we now offer an even more comprehensive filtering mechanism that will allow for company-wide policies and a simpler way of handling the blocking of malicious and unwanted traffic. Besides much improved cyber security, it is also possible to filter traffic for domains and services per company policies, by allowing or blocking specific domains or URLs. This works on all protocols, websites and apps, without breaking data encryption.”