Communications

Basic protection against cyberattack


Malcolm Latarche
Malcolm Latarche
ShipInsight

10 July 2019

Basic protection against cyberattack

In addition to all of the advice issued by shipping bodies there is a much wider choice of general advice available from other industries and governments around the globe. All of these documents can be studied to gain an understanding of the issues involved, but in many cases much of the advice requires an in-depth knowledge of IT and is sometimes on a level that is too technical for non-experts in the field to understand. The advice suggests systems that can be put in place to guard against cyberattack and areas that need to be identified for further examination. Security measures such as protecting systems with passwords and other means and also limiting access to essential systems to approved personnel only.

Protective systems such as passwords and limited access work in theory but require dedication if they are to continue to remain effective. Passwords are often revealed unintentionally and even shared against company policy if work circumstances are eased by doing so – especially at sea where time pressures and illness make ad hoc arrangements necessary. Then too there is the issue of staff leaving organisations and passwords not being changed immediately so that person can continue to have access. Issues such as that are worsened when password access to elements of a network is also granted to customers and clients. Segregated networks can assist to some degree, but not when media is moved between workstations on different segregated nodes.

Although many consider that the cloud offers security against data loss due to computer failure or theft, this is only true to a certain extent. Cloud storage is often duplicated on different servers to ensure accessibility and survivability of data in case of system failure. What it cannot protect against is the survival of the company providing the service. In the event of a bankruptcy it is likely that equipment will be seized and disposed of in order to raise funds to settle debts. In such circumstances, essential and irreplaceable data could easily be lost. It is possible for the owner of the data to establish their own personal cloud which would overcome this problem but it is the convenience of not having to purchase equipment, maintain facilities and employ IT staff that makes cloud services attractive.

One of the least recognised sources of cyberattack is in seemingly innocuous items such as printers. Until recently a printer was an unsophisticated piece of equipment that did not have the capability to be compromised. However, modern versions have firmware which can be updated automatically if the equipment is connected to an internet enabled network. Quite often the factory default setting is for the device to communicate with the manufacturer

immediately it is installed and at regular times thereafter. There have been known cases of the firmware updating communications having been maliciously altered to cause problems for the network the device is connected to. A less sophisticated device or else switching off the updating software may be a sensible precaution.