MARITIME

CYBER SECURITY
“It’s not a question of whether you’ll get hit
but when you’ll get hit.”
 SEAWALL CONSULT
SEAWALL PROTECT
SEAWALL FIX
SEAWALL PR
SEAWALL TRAIN
SEAWALL TEST
SEAWALL SCAN
SEAWALL LEGAL

SEAWALL MARITIME CYBER SECURITY

First integrated risk management solution for the peril of cyberattack for the global
shipping community. Five crucial elements of cyber protection have been identified:
technical, operational, IT backup, legal and media crisis management.
Page 3
 Vulnerability Example: projected myriad cyber threats. Information Security
Cyber-attacks in 2018 and IT teams, therefore, will witness many
A matter of ‘When’, Not ‘If’? rapidly evolving threats, and many new,
December 5, 2017 advanced extortionist methods.
Ardian Berisha
Richard Ford, a chief scientist at Forcepoint
While governments point fingers at each stated that “this has been a tough year, and
other for failing to detect, prevent and/or 2018 is going to be a tougher year”, in terms
effectively respond to attacks, the cyber- of cyber-attacks. He claims that the increased
crimes are generating far-reaching impacts. digital footprint will further continue to
The rise in cyber-attacks, as a result of the endanger the survival of the organizations
growth and development of the internet, because of the lack of awareness and
has created problems for almost every shortfall in
industry worldwide, affecting the US, UK, technical expertise.  
EU and Russia the most.
Referring to Ford, due to the necessity
Based on the most recent reports, cyber- to keep pace with continually evolving
attacks are going to be more destructive in technology, one can expect that the year
2018. The continued pressure placed upon 2018 will witness a significant rise in phishing
organizations to operate with an online emails and email compromise.
presence brings the risk of encountering
www.pecb.com

Page 4
Vulnerability Example: There are three German shipowners that
Hackers took ‘full control’ of operate eight vessels between 8,200 and
container ship’s navigation 8,300 teu, according to IHS Markit data, one
systems for 10 hours of which confirmed knowledge of the attack
to SAS but denied it was a vessel from their
Sunday, November 22, 2017
own company.  
Tanya Blake, editor, Safety at Sea
 
In February 2017 hackers reportedly took While details are limited, according to the
control of the navigation systems of source, the 10-hour attack was carried out
a German-owned 8,250 teu container by “pirates” who gained full control of the
vessel en route from Cyprus to Djibouti vessel’s navigation system intending to steer
for 10 hours. it to an area where they could board
and take over.
Suddenly the captain The crew attempted to regain control of
could not maneuver, the navigation system but had to bring IT
experts on board, who eventually managed
an industry source who did not wish to be to get them running again after
identified told Fairplay sister title Safety hours of work.
At Sea (SAS). “The IT system of the vessel
was completely hacked.” www.fairplay.ihs.com
 
Page 5
 HACKED AT SEA: CONCERNS GROW FOR SHIP,
PORT CYBER SECURITY
Monday, February 5, 2018

For a few weeks last sprouted in hacked accounting software in Ukraine in

summer, the goods moving late June, and by exploiting a weakness in Microsoft
through one of its terminals Windows operating systems, quickly went global as it
slowed to a crawl because infected corporate networks and locked down the data of
of a global cyber attack that contaminated computers. Hackers would usually restore
originated 4,500 miles away. access after a ransom payment is made, but NotPetya
was engineered to cause chaos more than extort funds,
The terminal’s operator, cyber security experts say.
APM Terminals, is a
subsidiary of the world’s Maersk and many other global firms affected, such as
largest container shipping FedEx and pharmaceutical giant Merck, were not specific
company, A.P. Moller-Maersk targets of the attack, but that didn’t matter. In a “heroic
Group. The company, which effort” over 10 days, Maersk reinstalled 4,000 servers,
transports roughly 20 45,000 personal computers and 2,500 applications,
percent of the world’s cargo chairman Jim Hagemann Snabe said at the World
containers, was among the Economic Forum meeting in Davos last month.
hardest hit by the NotPetya www.newsdeeply.com
ransomware. NotPetya
Page 7
VULNERABILITY OF SHIPS
Modern seagoing ships are vulnerable to 21st century attacks
‘Ransomware’ attacks that encrypt entire
Data theft of manifests to allow
networks and demand a ransom in return
targeted attacks
for the decryption key
Remote control of satellite
Denial of service attacks forcing
communications systems giving full access
ships to go offline
to all onboard systems
Supervisory control and data aquisition Unauthorised remote control of onboard
(SCADA) attacks on legacy technology operational technology systems
attacks on legacy technology

Page 8
RISK
S
TODAY’S SHIPS HAVE COMMON SECURITY WEAKNESSES
Ship connections to cheap Wi-Fi in port, bypassing all protection
Admin interfaces exposed to the internet for anyone to use
Operation Technology (OT) devices connected to insecure on-board Wi-Fi
Functions of onboard Firewalls disabled
Malware incidents generally not reported – only remote help available from HQ
Lack of network segregation
Anti-virus signatures that have never been updated
Systems that haven’t been patched for years
Undetected virus infection
Default passwords across entire fleets

Page 11
 Our Services

SEAWALL CONSULT SEAWALL SCAN SEAWALL TEST

Our security experts An essential starting point An in-depth test
will offer risk evaluation and cost effective way to where our team will
and advice on the best scan obvious vulnerabilities. perform a penetration
solution for your ship. This is performed remotely, test of the ship
and we highly recommend a onboard.
regular scan for continuous
protection.

Page 12
 SEAWALL FIX SEAWALL PROTECT SEAWALL TRAIN
A basic protection against A monthly subscription that Creating a security culture
common vulnerabilities provides constant network awareness with
faced by your ship. Our security protection for your best in class training.
security experts will be on vessels, updated daily against
board to fix, patch, clean new threats, whether they
up and preparetion for are in port or underway.
effective monitoring.

Page 13
 What is A
Penetration Test
With the Seawall Test, a penetration test is
performed by our team of expert penetration testers
who will be put on your ship to review the security
of all your networked systems, using advanced
testing tools. We will simulate the risk posed by
an informed insider, including employees, service
providers, and other internal users. The test results,
in the form of a detailed report, will specify all your
systems’ vulnerabilities, with clear instructions
on how to fix them – sorting these vulnerabilities
according to their risk level to clearly indicate which
vulnerability requires immediate fixing first. All this
is done within a typical 8-hour turnaround in port.

Page 14
PENETRATION TEST SAMPLE REPORT
The sample report from a Penetration
Test in the next page (pg 16-17) shows
threats faced by a company. The
analysis shows the highest risk to the
company is of a remote compromise
while the chart shows a breakdown of
the risks by category.

Page 15
 RC REMOTE COMPROMISE
This vulnerability would allow remote compromise of the target system. This would allow a malicious
user the ability to gain full control of the system or application and any data held within it.
ERR UNINTENDED ERROR
This vulnerability is unknown or unintended errors were found to occur. This is systemic of
unknown problems with the systems tested that have until now not been made aware to the teams
who support them.
ID INFORMATION DISCLOSURE
This vulnerability discloses further information, potentially sensitive, that would allow an attacker to
better target their attacks allowing far greater chances of success.
PE POTENTIAL ESCALATE
This vulnerability may allow or lead to the potential for a user to escalate their level of access
far beyond that which was granted, potentially allowing them to abuse the application or system
they have access to.
PH PHISHING
This vulnerability could lead to “phishing” or “pharming” type attacks, whereby legitimate users of
the systems could be tricked into disclosing sensitive information that could be used as part of a
fraud or theft.
DDOS DISTRIBUTED DENIAL OF SERVICE
This vulnerability would result in a reduction in or loss of service on the target system whereby the
legitimate users of the systems would be denied access by the malicious attacker.

Page 16
Penetration Test Sample Report

Page 17
Page 18
Why Seawall?
Pay For Only What You Need
Seawall is priced on a per ship basis so it is accessible to companies
of all sizes.

Wide Coverage
Seawall protects against over 7.5m different attacks and we
continually build and update our defenses to offer
you the best coverage.

Flexibility
Choose and mix our products according to what your ship needs.

Made For Ships

Seawall is designed to cater to the needs of the shipping industry,
using technology that has been tried and tested.

Page 19
FAQs
Q: Will Seawall defend me against all security threats?
A: SEAWALL PROTECT is intended to defend you against cyber threats from your internet
connection. It does not defend you against accidental or deliberate actions by your onboard
crew who have direct access to your IT systems. We recommend SEAWALL TRAINING for your
crew – this helps them understand how to work safely on computer systems to help you
manage your risk.

Q: Am I defended against zero-day threats?

A: A zero-day threat is an attack against a vulnerability previously unknown to security
researchers. Because SEAWALL uses industry-leading security software backed by an
international team of security researchers, we have some of the best protection from
zero-day in the business:our threat intelligence partner research team is amongst the top
performers in detection of and protection against new threats. This gives us unparalleled
speed in rolling out enhanced protection against new threats

Page 20
Q: What happens if I am attacked?
A: While SEAWALL significantly reduces your risk, no security is 100% effective and attacks will
very occasionally get through. In a crisis response situation, SEAWALL PR and legal teams are
ready to provide a quality response, our cyber security response team can advise remotely or
be deployed to the nearest port (at additional cost), and SEAWALL insurance policies to cover
losses (within coverage limits).

Q: Why is your gateway on shore, not on the vessel?

A: Managing security onshore gives significant operational and safety benefits. By managing
security across your fleet in one place, we can update protection swiftly and effectively
when new attacks are discovered – and every minute counts. We can ensure consistent
coverage, so no boat gets left behind. And by taking your gateway off the bridge, we guard
against accidental disabling of your security by any untrained crew.

Page 21
 Best InPARTNERSHIPS
Class

Pragma DNV GL Maritime HFW Navigate Response

Specialist cyber security Academy A sector-focused law Crisis communication
consultancy focused An award-winning firm with shipping for the shipping
on helping companies training provider – being one of its focus, industry – on call
understand their digital providing cyber security offering legal support 24/7, delivering
risk exposure. training for crew and and advice. immediate support
onshore personnel. and expert advice in
times of crisis.

Page 22
 MEET THE TEAM

PETER SCHELLENBERGER GEOFF LEEMING MANISH CHAWDA

Managing Director Partner Partner
OSERV Pte Ltd Pragma Pragma

Page 23
 Seawall by OSERV

www.oserv-maritime.com
+65 6221 2523
askus@oserv-maritime.com
91 Bencoolen Street #03-02/03
Sunshine Plaza
Singapore 189652

Scan to view our website

©2018 by OSERV Pte. Ltd.