Maritime cyberthreats are unique, complex, and rapidly evolving as the next generation of connected vessels rolls off the line. The days when ships could go weeks or months without onshore contact are long over. Today, you would be hard-pressed to find a ship without GPS and satellite communications, along with computer systems for navigation and remote monitoring.
In early 2020, Naval Dome found a 400% increase in maritime cyberattacks due to the growth of technology use and work from home. Technicians who would typically fly out to ships to work with critical OT systems are now accessing these resources remotely without proper security controls. The Port of Houston was a suspected target in a nation-state attack – and was able to successfully defend against the attack with proper controls already in place. This aligns well with IBM’s finding that the average cost of a breach was $1.14 million less at organizations with a mature zero-trust approach.
Critical on-ship OT controls to pull remote diagnostics and perform maintenance may be outdated and living on end-of-life operating systems. Exposing these assets directly to the internet opens a large vulnerability in the organization’s attack surface. At the same time, traditional tools used to access these systems, like RDP or SSH, pose their own set of vulnerabilities when exposed to public networks.
Impacts to these systems can impact economies on both the macro and micro levels – leading to global supply chain disruptions, ships stranded at sea without communications, and risk to human lives and safety. Properly securing these systems must be top-of-mind for all maritime security teams, and the answer lies in identity.
The digital infrastructure on ships has long been treated like a physical office building, with a protection approach focused on hardware-based firewalls and security appliances in place. While these systems can be configured for highly-availability, hardware failures often mean that the ship and its crew effectively have no security in place. With constrained bandwidth and legacy connectivity methods, software updates for new vulnerabilities or patching took too long to be viable.
As marine vessels themselves become more digital, so do the workers onboard the ships. With more devices than ever, the digital industrial workforce is becoming more agile and productive with digital access to their work resources. Protecting these users while at sea or in port is a crucial piece of maritime cybersecurity.
For all these reasons, maritime organizations must adopt an identity-based access and connectivity solution as part of their overall zero-trust strategy. Identity-based security is key because many control systems on a ship utilize shared credentials or default accounts, with no way to tie specific access requests or application sessions back to a single, real, and verified user.
Cyolo’s lightweight, Docker-based deployment, combined with a trustless architecture that does not rely on the internet or public networks, make it an ideal security solution for the maritime industry. In addition, Cyolo is uniquely able to extend key security capabilities such as multi-factor authentication (MFA) and single sign-on (SSO) to legacy, air-gapped, or on-ship controls. By utilizing QR passkeys, users can easily enroll into the Cyolo platform based on policy, without network connectivity, and still access critical on-ship controls.
The Cyolo platform has two components, the Identity Access Controller (IDAC, an application connector) and the Cyolo Edge, responsible for routing user requests to the appropriate IDACs. When installed on-premises, the Edge enables local users to access local resources with the same zero-trust-powered policy and controls that remote users would.
Whether docked or cruising, security teams using Cyolo can rest easy knowing that access to all ship controls are secure, audited, recorded, and fully supervised. To learn more about how Cyolo can help you handle the rough seas of maritime cybersecurity, let's talk.
Josh Martin is a security professional who told himself he'd never work in security. With close to 5 years in the tech industry across Support, Product Marketing, Sales Enablement, and Sales Engineering, Josh has a unique perspective into how technical challenges can impact larger business goals and how to craft unique solutions to solve real world problems. Josh joined Cyolo in 2021 and prior worked at Zscaler, Duo Security, and Cisco.
Outside of Cyolo, Josh spends his time outdoors - hiking, camping, kayaking, or whatever new hobby he's trying out for the week. Or, you can find him tirelessly automating things that do NOT need to be automated in his home at the expense of his partner. Josh lives in North Carolina, USA.