Digitalization makes shipping more efficient, but it also increases risks: one in three ships has critical vulnerabilities. A single infected flash drive or phishing email can disable navigation, communications, or control systems.
📌 All types of vessels are vulnerable, from trawlers and tugs to bulk carriers with legacy systems—any vessel where IT and OT networks are connected.
⚠️ Key threats identified by experts:
- Weak or default passwords;
- Lack of regular updates to navigation and engine systems;
- Mixed networks (when office internet is connected to propulsion and power management systems);
- Unchecked use of USB devices;
- Lack of instructions for the crew in the event of an incident.
📘 IMO now requires cyber risks to be considered
According to IMO resolution MSC.428(98), shipowners are required to incorporate cyber risks into their safety management system. This means that cybersecurity is no longer a recommendation, but rather a mandatory part of ship safety.
🛡 What crews and shipowners should do:
🟢Update software on ECDIS, VDR, communication, and control systems;
🟢Separate IT and OT networks to prevent a virus from the office network from paralyzing ship operations;
🟢Use unique passwords and two-factor authentication;
🟢Prohibit the launch of unknown files and flash drives;
🟢Train crews—cyberattacks today begin not with a hacker, but with a simple email.
A cyberattack can disrupt a ship’s operations just as badly as a storm. The industry’s task is to treat digital security as well as physical security.
Seamen’s Club 🇺🇦 | #education