Количество
и сумма товаров
в корзине

Каталог изданий

 

Cyber Security Workbook for On Board Ship Use, 3rd Edition, 2022
Cyber Security Workbook for On Board Ship Use, 3rd Edition, 2022
Cyber Security Workbook for On Board Ship Use, 3rd Edition, 2022
Рабочая книга по кибербезопасности для использования на борту судна, 3-е изд., 2022.
This publication has been produced by BIMCO,
ICS (International Chamber of Shipping) and
Witherby Publishing Group.

Цена, руб.: 30500
 –  + 
в наличии

 

Год издания: 2022 eng
Издатель: BIMCO, ICS, Witherby Publishing Group

This is a practical and easy to understand guide to support the Master and the ship’s crew with cyber security risk management. It provides detailed guidance on all aspects of cyber security protection, defence and response (including new sections on remote access, intrusion detection systems and engine department considerations). It also includes comprehensive checklists to assist with the practical, day-to-day management of onboard cyber security.

'Cyber Security Workbook for On Board Ship Use' is referenced in ISGOTT Sixth Edition as a source of practical guidance for Masters and ship’s crew (ref: ISGOTT 6, section 6.4, para.3).

In recent years, the shipping industry has undergone a digital revolution: internet connectivity on board has become common and ship’s systems are increasingly digitised and integrated. With this growing level of connection, comes greater risk. Ships are now a common target for hackers and it has become crucial that the entire crew has an understanding of how and when cyber attacks can occur.

Using detailed, step by step checklists, Cyber Security Workbook for On Board Ship Use provides a ship’s Security Officer with the practical skills to identify cyber risks and to protect vulnerable onboard systems. It also gives guidance on how best to detect, respond and recover in the event of a cyber attack.

This workbook will help to ensure that cyber risks are appropriately addressed in the onboard SMS (as required by IMO Resolution MSC.428(98)). It will also benefit shipowners, ship managers, ports and their IT departments.

This publication has been produced by BIMCO, ICS (International Chamber of Shipping) and Witherby Publishing Group.

CONTENTS LISTING

List of Checklists provided within this Workbook vii

Abbreviations/Definitions ix

Section 1 – Introduction 1
1.1 Cyber Security Risk Management – IMO Requirements and Guidelines 1
1.1.1 Supporting Regulatory Guidelines 1
1.2 Cyber Outlook for Shipping 1
1.3 Purpose of this Workbook 2
1.4 Checklists 2

Part I – Onboard Practical Considerations 3

Section 2 – Identifying Risks 5
2.1 Vulnerable Ship Systems 5
2.2 What is a Cyber Attack? 7
2.2.1 Attacker Profiles 7
2.2.2 Types of Cyber Attack 8

Section 3 – Protection, Prevention and Training 13
3.1 Prevention of Malware Attacks 13
3.2 Software Updates 14
3.3 Endpoint Protection 15
3.3.1 Anti-virus 15
3.4 Passwords 16
3.4.1 Creating Passwords 16
3.4.2 Managing Passwords 16
3.4.3 User names 19
3.5 Cyber Security and the SMS 20
3.5.1 Cyber Security and the Ship Security Plan (SSP) 20
3.6 Crew Considerations and Training 21
3.6.1 Key Aspects of Crew Training 21
3.6.2 Unintentional Cyber Breaches by the Crew 22
3.6.3 Evaluating crew 22
3.6.4 Training for Non-Crew Members 23
3.6.5 Designing a Training Programme 23
3.6.6 Cyber Security Drills 24
3.6.7 Cyber Security Familiarisation 26
3.6.8 Example of a Cyber Security Familiarisation Checklist for New Crew Members 27
3.6.9 Social Media 28
3.6.10 Travelling in Cyber Safe Mode 29
3.6.11 Crew Training Cyber Security Checklist 30
3.7 Ship Inspections and Port State Control 32
3.7.1 Port State Control Inspections 32

Section 4 – Detect, Respond and Recover: General Principles 33
4.1 Detecting a Cyber Incident 33
4.2 Detecting a Cyber Incident Checklist 35
4.3 Incident Response 36
4.3.1 Third Party Support 37
4.3.2 Cyber Recovery Plan 38
4.3.3 Backups 39
4.4 Responding to a Cyber Incident On Board Checklist 40

Section 5 – Detect, Respond and Recover: Ship’s Business Systems 41
5.1 Onboard Business Computers 41
5.1.1 USB Ports and Drives 41
5.1.2 USB Port Blockers 41
5.1.3 USB Cleaning Stations 42
5.1.4 Personal Devices and USB Ports 43
5.1.5 Onboard Business Computer Checklist 45
5.2 Network Segregation On Board 47
5.2.1 Existing/Simple Networks 47
5.2.2 Segregated Networks 47
5.2.3 Achieving a Segregated Network 47
5.2.4 Maintaining a Segregated Network 48
5.2.5 Benefits of Network Segregation 48
5.2.6 Vulnerable Systems On Board 48
5.3 Network Segregation Checklist 49
5.4 Wireless Networks 50
5.4.1 Business WiFi 50
5.4.2 Crew WiFi 50
5.4.3 Guest Access 51
5.4.4 WiFi Network Security 51
5.4.5 Virtual Private Network (VPN) 51
5.4.6 Networks (Wireless and Wired) 52
5.5 Satellite Communications Equipment 53
5.5.1 Satcom Passwords 53
5.5.2 Admin Password Security 53
5.5.3 Confirming that the Satcom System is Not Available from the Public Internet 53
5.5.4 Is the Software Running on the Satcom System Kept Up to Date? 54
5.5.5 Applying Updates to Satellite Terminals 54
5.5.6 Physical Security of the Satellite Terminal 55
5.5.7 Software Security of the Satellite System 55
5.5.8 Satellite Communications Checklist 57
5.6 Mobile (Cellular) Data Connections 58
5.7 Connecting to Shore WiFi in Port 59
5.7.1 Crew Connecting to WiFi Ashore 59
5.7.2 Shore WiFi in Port/Shore Cellular Data Checklist 60

Section 6 – Detect, Respond and Recover: OT Systems 61
6.1 Understanding OT Systems 61
6.2 Engine Department Considerations 63
6.3 OT Systems Checklist for Crew 65
6.4 ECDIS Security 66
6.4.1 Updates 66
6.4.2 Physical Security 66
6.4.3 ECDIS Recovery 67
6.4.4 Recognising Genuine NAVTEX Messages 67
6.4.5 ECDIS Cyber Security Checklist 68
6.5 GNSS Security 69
6.5.1 GNSS Input Data 69
6.6 Cyber Security Checks on the Navigation Bridge during Watchkeeping 70

Part II – IT Department and Shoreside Management 71

Section 7 – Key Considerations 73
7.1 Cooperation between the office IT department and the technical department 73
7.1.1 New build or retrofit project 73
7.1.2 Securing the supply-chain 73
7.1.3 Cyber-security Working Group 75
7.2 Cooperation between the office and the ship crew 77
7.2.1 Maritime Cyber Security Management 77
7.2.2 Cyber Security and the Safety Management System (SMS) 78
7.2.3 Cyber Security and the Ship Security Plan (SSP) 81
7.2.4 Onboard resources according to the ship types 82
7.3 Ship’s Network Architecture 83
7.3.1 IDMZ 83
7.3.2 Data Diodes (unidirectional gateways) 87

Section 8 – OT Systems Management 89
8.1 OT Asset Management and Risk Assessment 89
8.1.1 Asset Management 89
8.1.2 Asset Risk Assessment 90
8.1.3 Asset Management and Risk Assessment Checklist 93
8.2 Securing OT Systems 94
8.3 Securing the Ethernet IP Network Used by OT Systems 96
8.3.1 Converter Security 96
8.4 Intrusion Detection Systems (IDS) 98
8.5 OT Systems Checklist for IT Department 99

Section 9 – IT Systems Management 101
9.1 Remote Access 101
9.1.1 Remote Access Checklist 103
9.2 Vulnerability Scanning 104
9.3 Disaster Recovery/Backup 106
9.4 Uninterruptible Power Supply (UPS) for IT/OT systems 107

Annexes 109
Annex 1 – Cyber Security Assessment 111
Annex 2 – Model Cyber Security Plan 117
Annex 3 – Checking for Windows Updates 137
Annex 4 – Creating User Accounts 141
Annex 5 – Checking for Segregated Networks 149
Annex 6 – How to Check that Anti-virus Software Updates are Applied 153
Annex 7 – Planning a Crew Training Session 155
Annex 8 – NMEA 0183 157
Annex 9 – Regional Regulatory Guidance 163
Annex 10 – Further Resources 167