Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.
Issue link: http://uscgproceedings.epubxp.com/i/436751
34 Proceedings Winter 2014 – 2015 www.uscg.mil/proceedings Matthias Haas / iStock / Thinkstock between a ship and the port authority using a $100 off-the- shelf radio kit. 4 Recommendations and Guidelines As control systems have incorporated more computerized remote operations, there has been a corresponding dramatic increase in the number of cybersecurity incidents, and the focus of these attacks has shifted from regular IT infrastruc- ture to control systems. To address this issue, in June 2006, a Norwegian Oil and Gas Association workgroup published recommendations and guidelines for information security in industrial control and support systems and networks. The association then conducted inspections in spring 2007, which uncovered discrepancies in network segregation, Malware, or any other cyber attack, can occur on almost any system. For example, maritime control systems or naviga- tion technologies are not immune to cybersecurity threats. Holes in cybersecurity have reportedly resulted in incidents such as tilting an oil rig off the coast of Africa, or bringing control systems to a standstill during relocation of a rig, due to malware infections. 2 In July 2013, a team from the University of Texas at Austin successfully demonstrated GPS "spoofng" (sending false signals to a vessel navigation system) to change a vessel's direction. 3 Additionally, researchers from an anti-virus ven- dor demonstrated Automatic Identifcation System weak- nesses, as they were able to shut down communication Securing Your Control Systems Overcoming vulnerabilities. by MR. MaTe J. CsORBa, Ph.D. Principal Engineer Marine Cybernetics, Norway MR. niCOlai husTeli Chief Technology Offcer Marine Cybernetics, Norway MR. sTiG O. JOhnsen Senior Researcher SINTEF, Norway Information Systems On a sunny day in August 2005, the IT staff at a Norwegian oil and gas company noticed suspicious network traffic through a firewall. At the same time, several personal com- puters (PCs) began behaving strangely. Engineers quickly identified the cause of the suspicious behavior — a malware computer worm. The malware infected 157 hosts and affected 185 clients and servers. Investigators concluded that the malware infection, caused by a third-party PC connected to the internal net- work, could have consequences as far-reaching as a com- plete halt in offshore oil and gas production. Although it took a task force 50 hours to stabilize the network again, it was an incredibly lucky end to a cybersecurity incident, as there was no major impact. 1