Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.
Issue link: http://uscgproceedings.epubxp.com/i/528099
50 Proceedings Summer 2015 www.uscg.mil/proceedings real, more mundane criminal activity and insider threats are certainly far more common. Cyber threats are as ubiquitous as cyber vulnerabilities. Many of these insider threats are unintended, for example, when an employee responds to a phishing scam, or unknow- ingly uploads malware from a fash drive or other device. We might classify at least some of these cases as "cyber acci- dents" rather than attacks, since they are not directed at a specifc target, and are simply the result of poor cyber secu- rity practices. From a ship and port safety perspective, cyber accidents are as likely as attacks. Whatever their name, they have the potential to cause serious problems. The marine environment is harsh and unforgiving, and we must not allow cyber vulnerabilities to add to that risk. For example, GPS-assisted groundings have been known since the early days of that technology. 2 That said, collisions, groundings, and other casualties have all the same conse- quences, whether cyber related or otherwise. In some ways, however, cyber technology multiplies threats and allows for consequences on a scale that would have been quite unlikely before. From a threat perspective, cyber attacks are relentless, as they can be programmed to con- stantly probe a network, waiting for an opportunity to infl- trate a system. Additionally, sophisticated malware is much like the legitimate software we all use every day: It is dif- fcult to develop, but relatively cheap to obtain, simple to operate, and capable of continuous and countless functions. As retail and fnancial institutions have repeatedly learned, poor cyber security can and has allowed mil- lions of hackers to gain consumer credit card and personal information from a single cyber attack. In the maritime environment, GPS loss across a port area could easily place dozens of ships in danger, while simultaneously putting facil- ity gantry cranes out of action. The loss of ship and cargo scheduling systems could substan- tially slow cargo operations in ports, leading to backups across the transportation system. Cyber accidents or attacks on industrial con- trol systems could also injure workers, damage equipment, expose the public and the environ- ment to harmful pollutants, compromise secu- rity, and lead to extensive economic damage. Poor cyber security practices could allow hackers and criminals to access proprietary business infor- mation, or personal and fnancial information about crew and passengers, which is a particular concern for cruise ships. While nearly all cyber systems have some degree of manual alternative, the marine transportation system, like the rest of the modern economy, simply can't operate at the desired level of capacity without these systems. Good Marine Practice Saves the Ship Fortunately, prudent mariners can protect themselves through a combination of good marine practice and good cyber practice. First, crew members and facility workers should be familiar with basic cyber security practices, such as using strong passwords, not responding to phishing scams and other suspect sites, and restricting fash drive use. These are simple, non-technical practices that anyone can and everyone should practice. For more technical defenses, mariners and facility opera- tors need to cooperate with their company IT departments. Moreover, operators can identify the systems that are vital to safe operations, while IT personnel can ensure they are covered by the company's overall cyber security procedures, map any network connections, and provide advice to the operators on how to reduce risk. Operators and IT specialists can also work together to develop contingency plans to min- imize consequences. Think about a combination of manual backups for the actual operational process, data backups for the systems that might be affected, and procedures to Alex Skopje / iStock / Thinkstock Cyber attacks can constantly probe a network, waiting for an opportunity to infiltrate.