Cyber Operators Course (Op) – Module 4

Harmful software and procedures to counter – Micro-sandboxing

More recent developments in malware defences include the concept of ‘micro sandboxing’. Suspect files are run in a closed off area of the computer. Security software then inspects the behaviour of the file for a period of time, before determining if it is malicious or not.

Above image from www.trendmicro.com


Cyber Management (Ma) Course 2019


Welcome to your Annual Cyber Competency Assurance Training, or Cyber ACAT as it is better known.

This course was designed to ensure Management are competent in the Cyber

The Management (Ma) Course is designed to educate on what is happening in one of the largest industries in the World, namely Cyber crime.

The course take 2 hours learning, Plus a potential minimum of 6 hours anticipated for Procedural development.

The Management (Ma) course modules are:

  1. Requirements and Obligations
  2. Clause 380 Maritime Cyber Insurance
  3. SMS Cyber Management
  4. Response to an incident, Recovery and Procedures
  5. Monitoring Ships Data and activity
  6. Checklists of venerable equipment
  7. Management Risk and external assessments/access
  8. Relationship between ship and shore/agents/owners
  9. EDIFACT Attacks and Security
  10. Internal Case study drills and procedures

Ship Management of this process is simple, as each Crew/Guest/Contractors/Visitors completes the course it will show next to their name.

The cost of each Type of Cyber ACAT is £500 (+ VAT if applicable) per hull, per year. The number of officers that can complete the course is unlimited.

To buy for your hull(s), Please see Buying Options


Please note: All topics MUST be completed in order. If you attempt a different topic, you will see a blank page. Once completed you can go back at any time and view all previous topics.


Cyber Operators (Op) Course


Welcome to your Annual Cyber Competency Assurance Training, or Cyber ACAT as it is better known.

This course was designed to ensure Operators are competent in the Cyber

The  Cyber Operators (Op) Course is designed to educate on what is happening in one of the largest industries in the World, namely Cyber crime.

The course takes between 2 hours learning, Plus 1 hour internal discussion and identification of threats.

The Operators (Op) course modules are:

  1.  Introduction
  2. Accidental `Self-Hack`
  3. Different Risks and terminology
  4. Harmful software and procedures to counter
  5. Malware and prevention techniques
  6. Communication equipment and security
  7. Specific Compartment equipment
  8. Secure USB ports on all ships systems
  9. Good cyber hygiene and training

Ship Management of this process is simple, as each Crew/Guest/Contractors/Visitors completes the course it will show next to their name.

The cost of each Type of Cyber ACAT is £500 (+ VAT if applicable) per hull, per year. The number of officers that can complete the course is unlimited.

To buy for your hull(s), Please see Buying Options


Please note: All topics MUST be completed in order. If you attempt a different topic, you will see a blank page. Once completed you can go back at any time and view all previous topics.


Combined Cyber Operators (Op) and Management (Ma) Course 2019

Limited offer, Cyber Management and Cyber Operators Course for £750 (+ VAT if applicable) per hull, per year. The number of officers that can complete the course is unlimited.

Welcome to your Annual Cyber Competency Assurance Training, or Cyber ACAT as it is better known.

This course was designed to ensure Operators and Management are competent in the Cyber

The combined Cyber Operators (Op) and Management (Ma) Course is designed to educate on what is happening in one of the largest industries in the World, namely Cyber crime.

The course takes between 1 day on average.

The Operators (Op) course modules are:

  1.  Introduction
  2. Accidental `Self-Hack`
  3. Different Risks and terminology
  4. Harmful software and procedures to counter
  5. Malware and prevention techniques
  6. Communication equipment and security
  7. Specific Compartment equipment
  8. Secure USB ports on all ships systems
  9. Good cyber hygiene and training

The Management (Ma) course modules are:

  1. Requirements and Obligations
  2. Clause 380 Maritime Cyber Insurance
  3. SMS Cyber Management
  4. Response to an incident, Recovery and Procedures
  5. Monitoring Ships Data and activity
  6. Checklists of venerable equipment
  7. Management Risk and external assessments/access
  8. Relationship between ship and shore/agents/owners
  9. EDIFACT Attacks and Security
  10. Internal Case study drills and procedures

Ship Management of this process is simple, as each Crew/Guest/Contractors/Visitors completes the course it will show next to their name.

Limited offer, Cyber Management and Cyber Operators Course for £750 (+ VAT if applicable) per hull, per year. The number of officers that can complete the course is unlimited.

To buy for your hull(s), Please see Buying Options

Cyber Management Course (Ma) – Module 10

Internal Case study drills and procedures – Case Study 10 – Global Shipping company BW Group

Global shipping company BW Group’s computer systems in Singapore were hacked recently, prompting the company to briefly go offline, company sources said this week.

The incident happened in July, at a time when the entire global shipping industry is feverishly working to enhance cyber security. In the multi-billion dollar shipping industry cyber-security to prevent hacking is crucial for a smooth movement of cargoes and passengers across the globe.

In a shipping company, the onshore office and offshore systems of various ships need to be in regular communication to ensure seamless continuity in management.

The hacking of BW Group’s computer systems came close on the heels of a major global ransomware attack — Petya — on many computer servers across assets including those of shipping major, A.P. Moller-Maersk in June. According to Maersk, the breakdown had affected all business units at the company, including container shipping, port and tug boat operations, oil and gas production, drilling services, and oil tankers. It hurt the company’s business volumes and resulted in millions of dollars in lost revenue.

A BW Group spokesperson said the cyber attack on the company’s computer systems was not ransomware.

“Regretfully, there was an unauthorized access [of BW’s computer systems] some months back [but] there was no ransomware,” the spokesperson said.

Ransomware is a malware that prevents or limits users from accessing their system, either by locking its screen or by locking the users’ files unless a ransom is paid. Some types of ransomware, collectively categorized as crypto-ransomware, encrypt certain file types on infected systems and forces users to pay a ransom through certain online payment methods to obtain a decrypt key.

The BW spokesperson did not divulge information on any financial or data loss due to the unauthorized external access to the company’s computers.

BW Group is one of the largest shipping companies in the world, controlling not only tankers and bulk carriers but also gas carriers and offshore floating. BW LPG and BW Offshore are listed on the Oslo Stock Exchange. Earlier this year, BW became the largest shareholder in the New York-listed DHT Holdings, when the two entered into a tankers-for-shares deal.

Another tanker company, New York-listed Frontline, tried to block the deal through a lawsuit but was unsuccessful.

Cyber Management Course (Ma) – Module 10

Internal Case study drills and procedures – Case Study 10 – Global Shipping company BW Group

During the cyber attack, business systems were temporarily inaccessible from outside Singapore but various business segments of the BW Group were still able to communicate with all customers and crew through email and other communication platforms, the spokesperson said.

Singapore accords tremendous importance to cyber security in maritime business because it is located along one of the world’s busiest waterways, with close to 1,000 ships anchored there at any given time. A ship calls at Singapore port every two or three minutes — a total of around 130,000 ships a year — making maritime cyber-security critical.

“For shipping companies, the core business is the tonnage and cargoes and information technology is not always their topmost priority,” said an IT manager who has worked with maritime companies. The hardware that shipping companies are more concerned about relates to ships they manage rather than the onshore computer systems, which are equally important.

However, the BW Group spokesperson said the company is aware of the gravity of the situation.

“We take this incident seriously and have since accelerated our in-progress cyber-security efforts.” This is also in line also with the steps being taken by other players in the shipping industry, the spokesperson said.

The spokesperson did not comment on whether the culprits involved in the hacking were identified or traced.

Sources tracking the development said that an audit of BW’s computer systems was conducted by KPMG, which undertook forensics pertaining to the entire incident.

BW Group is working closely with vendors such as BT to ensure there are fool proof security products in place and managed by dedicated personnel to avoid any hacking in future, one such source said.

“Gaps in cyber security were already there and efforts were being made to plug them when this incident happened,” the source said.

“Mitigation actions have been taken to fix this unauthorized access,” the BW spokesperson said, but did not elaborate.