Cyber Operators Course (Op) – Module 6

Communication equipment and security – Check all on-board Wi-Fi networks

Strong encryption, strong Wi-Fi passwords and good Wi-Fi router admin passwords are a must. Crew Wi-Fi for personal use must not connect to anything other than the internet and/or on-board systems (e.g. media streaming) for personal use.

Any ship systems that use Wi-Fi (e.g. tablets for comms and navigation) MUST have raised security levels, including stronger authentication.

Make sure the satcom system isn’t available from the public internet.

Cyber Operators Course (Op) – Module 6

Communication equipment and security – Internet Risks

A virus is either a File or script looking to cause harm to your computer system. They tend to either slow down your computer or completely break them. Like a biological virus, a computer virus is something you don’t want to get.

Computer viruses are small programs or scripts that can negatively affect the health of your computer. These malicious little programs can create files, move files, erase files, consume your computer’s memory, and cause your computer not to function correctly. Some viruses can duplicate themselves, attach themselves to programs, and travel across networks. In fact opening an infected e-mail attachment is the most common way to get a virus.

A computer Viruses is a piece of malware which replicates into other files and hides as important data. Some extreme viruses infect the ‘boot sector’ which is one of the most important areas of a system (It’s the code that starts up the system)

Cyber Operators Course (Op) – Module 6

Communication equipment and security – How to Hack your SATCOM

Most airtime providers offer a private IP address space, so hackers can’t reach your satcom system as easily over the internet.

It’s easy to find out if your vessel terminals are public or not: put the IP address in a browser and see if you can route to the terminal web interface from the public internet. Or you could port scan it. Speak to your airtime provider and check.

Cyber Operators Course (Op) – Module 6

Communication equipment and security – How to Hack your SATCOM

A hacker could easily access the terminal administration interface, use a default password and then take control of the satellite terminal. They may also be able to then access more critical networks on the vessel

For example, if the password is default, a hacker can easily downgrade the software and introduce security flaws. Here’s an example of a downgrade attack in a Cobham terminal. Even if the password was then changed, the hacker would still have access!

Number 2: Make sure the ships satcom system isn’t on the public internet!

Cyber Operators Course (Op) – Module 6

Communication equipment and security – Basic Checks

‘Always-on’ can be the downfall of a vessel if its cyber security is not addressed. From being an isolated (and therefore more secure) environment when at sea, a ship is now just as connected as many offices. Yet, cyber security is usually an afterthought, if even considered at all.

  • Basic satellite equipment checks
  • Administration passwords
  • Access from the public internet
  • Terminal software version
  • Physical security of the terminal

By far the most common problem: the satellite terminal installer hasn’t changed the administration passwords from the default admin/admin, admin/1234 or similar. Ensure the passwords are complex and only known by those who need to know.

Cyber Operators Course (Op) – Module 6

Communication equipment and security – Introduction

By far the most common problem is that the satellite terminal installer hasn’t changed the admin passwords from the default admin/admin or similar. Ensure the passwords are complex and only known by those who need to know.

Update the software on the satcom system

Make sure it’s at the latest version and ensure it is updated every time the manufacturer publishes an update. Updates usually include fixes for security flaws, so the more out of date the software is, the more vulnerable it is.

Satcoms are the game changer in maritime cyber security. In the past, satellite connectivity was so expensive as to be prohibitive for all but the most essential communication. Crew personal email and social media access was a pipe dream.

However, now that data plans and significant bandwidth have become more affordable, always-on connections can be a valuable recruiting tool and enable the concept of the smart ship.

Cyber Operators Course (Op) – Module 6

Communication equipment and security – Satellite Communications System – Number 1 priority!

Before we start the module:

Check that the satcom system has its passwords changed from the manufacturer default!

Cyber Operators Course (Op) – Module 5

Malware and prevention techniques – Ways to prevent a Malware attack

Ways to prevent a Malware attack would be to keep your system up to date and have the firewall enabled. Some software also helps protect from malware attacks. For Viruses you can use special Anti-Virus software. Other than that you can only really only visit trusted sites. But we would always point out you should constantly back-up your system as much as you can, as you are never ultimately safe from harmful software’s.