By FMC Commissioner William P. Doyle in the Maritime Professional:
The maritime industry must redouble its efforts to secure IT systems and data.
In June, Maersk Line A/S’s information systems were severely disrupted by the so-called Petya virus. FMC provided Maersk with relief to help them get through the difficult situation. In Mid-July, a researcher penetrated a ship’s internet system through its very small aperture system (VSAT). The ship was operating in the South America trade.
An internet security researcher identified as “x0rz” discovered that many shipboard VSAT systems can be penetrated through the public internet, making the findings live in real time on Twitter. Thus, ships can be tracked and identified through services like Shodan. Shodan is a search engine that allows users to find electronic devices and computer systems connected to the internet, i.e., power plants, traffic signals and even ships. x0rz found that some ships’ systems are not securely configured thus allowing a remote attacker to gain access using default credentials.