MARITIME

CYBER SECURITY
“It’s not a question of whether you’ll get hit
but when you’ll get hit.”
 SEAWALL CONSULT
SEAWALL PROTECT
SEAWALL FIX
SEAWALL PR
SEAWALL TRAIN
SEAWALL TEST
SEAWALL SCAN
SEAWALL LEGAL

SEAWALL MARITIME CYBER SECURITY

First integrated risk management solution for the peril of cyberattack for the global
shipping community. Five crucial elements of cyber protection have been identified:
technical, operational, IT backup, legal and media crisis management.
Page 3
 Vulnerability Example: projected
Cyber-attacks in 2018
A matter of ‘When’, Not ‘If’?
December 5, 2017
Ardian Berisha
While governments point fingers at each
other for failing to detect, prevent and/or
effectively respond to attacks, the cyber-
crimes are generating far-reaching impacts.
The rise in cyber-attacks, as a result of the
growth and development of the internet,
has created problems for almost every
industry worldwide, affecting the US, UK,
EU and Russia the most.
Based on the most recent reports, cyber-
attacks are going to be more destructive in
2018. The continued pressure placed upon
organizations to operate with an online
presence brings the risk of encountering
Page 4
myriad cyber threats. Information Security
and IT teams, therefore, will witness many
rapidly evolving threats, and many new,
advanced extortionist methods.
Richard Ford, a chief scientist at Forcepoint
stated that “this has been a tough year, and
2018 is going to be a tougher year”, in terms
of cyber-attacks. He claims that the increased
digital footprint will further continue to
endanger the survival of the organizations
because of the lack of awareness and
shortfall in
technical expertise.  
Referring to Ford, due to the necessity
to keep pace with continually evolving
technology, one can expect that the year
2018 will witness a significant rise in phishing
emails and email compromise.
www.pecb.com
Vulnerability Example:
Hackers took ‘full control’ of
container ship’s navigation
systems for 10 hours
Sunday, November 22, 2017
Tanya Blake, editor, Safety at Sea
In February 2017 hackers reportedly took
control of the navigation systems of
a German-owned 8,250 teu container
vessel en route from Cyprus to Djibouti
for 10 hours.
Suddenly the captain
could not maneuver,
an industry source who did not wish to be
identified told Fairplay sister title Safety
At Sea (SAS). “The IT system of the vessel
was completely hacked.”
There are three German shipowners that
operate eight vessels between 8,200 and
8,300 teu, according to IHS Markit data, one
of which confirmed knowledge of the attack
to SAS but denied it was a vessel from their
own company.  
While details are limited, according to the
source, the 10-hour attack was carried out
by “pirates” who gained full control of the
vessel’s navigation system intending to steer
it to an area where they could board
and take over.
The crew attempted to regain control of
the navigation system but had to bring IT
experts on board, who eventually managed
to get them running again after
hours of work.
www.fairplay.ihs.com
Page 5
 HACKED AT SEA: CONCERNS GROW FOR SHIP,
PORT CYBER SECURITY
Monday, February 5, 2018
For a few weeks last
summer, the goods moving
through one of its terminals
slowed to a crawl because
of a global cyber attack that
originated 4,500 miles away.
The terminal’s operator,
APM Terminals, is a
subsidiary of the world’s
largest container shipping
company, A.P. Moller-Maersk
Group. The company, which
transports roughly 20
percent of the world’s cargo
containers, was among the
hardest hit by the NotPetya
ransomware. NotPetya
sprouted in hacked accounting software in Ukraine in
late June, and by exploiting a weakness in Microsoft
Windows operating systems, quickly went global as it
infected corporate networks and locked down the data of
contaminated computers. Hackers would usually restore
access after a ransom payment is made, but NotPetya
was engineered to cause chaos more than extort funds,
cyber security experts say.
Maersk and many other global firms affected, such as
FedEx and pharmaceutical giant Merck, were not specific
targets of the attack, but that didn’t matter. In a “heroic
effort” over 10 days, Maersk reinstalled 4,000 servers,
45,000 personal computers and 2,500 applications,
chairman Jim Hagemann Snabe said at the World
Economic Forum meeting in Davos last month.
www.newsdeeply.com
Page 7
VULNERABILITY OF SHIPS
Modern seagoing ships are vulnerable to 21st century attacks
‘Ransomware’ attacks that encrypt entire
Data theft of manifests to allow
networks and demand a ransom in return
targeted attacks
for the decryption key
Remote control of satellite
Denial of service attacks forcing
communications systems giving full access
ships to go offline
to all onboard systems
Supervisory control and data aquisition Unauthorised remote control of onboard
(SCADA) attacks on legacy technology operational technology systems
attacks on legacy technology

Page 8
RISK
S
TODAY’S SHIPS HAVE COMMON SECURITY WEAKNESSES
Ship connections to cheap Wi-Fi in port, bypassing all protection
Admin interfaces exposed to the internet for anyone to use
Operation Technology (OT) devices connected to insecure on-board Wi-Fi
Functions of onboard Firewalls disabled
Malware incidents generally not reported – only remote help available from HQ
Lack of network segregation
Anti-virus signatures that have never been updated
Systems that haven’t been patched for years
Undetected virus infection
Default passwords across entire fleets

Page 11
 Our Services
SEAWALL CONSULT SEAWALL SCAN
Our security experts An essential starting point
will offer risk evaluation and cost effective way to
and advice on the best scan obvious vulnerabilities.
solution for your ship. This is performed remotely,
and we highly recommend a
regular scan for continuous
protection.
Page 12
SEAWALL TEST
An in-depth test
where our team will
perform a penetration
test of the ship
onboard.
 SEAWALL FIX SEAWALL PROTECT SEAWALL TRAIN
A basic protection against A monthly subscription that Creating a security culture
common vulnerabilities provides constant network awareness with
faced by your ship. Our security protection for your best in class training.
security experts will be on vessels, updated daily against
board to fix, patch, clean new threats, whether they
up and preparetion for are in port or underway.
effective monitoring.

Page 13
 What is A
Penetration Test
With the Seawall Test, a penetration test is
performed by our team of expert penetration testers
who will be put on your ship to review the security
of all your networked systems, using advanced
testing tools. We will simulate the risk posed by
an informed insider, including employees, service
providers, and other internal users. The test results,
in the form of a detailed report, will specify all your
systems’ vulnerabilities, with clear instructions
on how to fix them – sorting these vulnerabilities
according to their risk level to clearly indicate which
vulnerability requires immediate fixing first. All this
is done within a typical 8-hour turnaround in port.

Page 14
PENETRATION TEST SAMPLE REPORT
The sample report from a Penetration
Test in the next page (pg 16-17) shows
threats faced by a company. The
analysis shows the highest risk to the
company is of a remote compromise
while the chart shows a breakdown of
the risks by category.

Page 15
 RC REMOTE COMPROMISE
This vulnerability would allow remote compromise of the target system. This would allow a malicious
user the ability to gain full control of the system or application and any data held within it.
ERR UNINTENDED ERROR
This vulnerability is unknown or unintended errors were found to occur. This is systemic of
unknown problems with the systems tested that have until now not been made aware to the teams
who support them.
ID INFORMATION DISCLOSURE
This vulnerability discloses further information, potentially sensitive, that would allow an attacker to
better target their attacks allowing far greater chances of success.
PE POTENTIAL ESCALATE
This vulnerability may allow or lead to the potential for a user to escalate their level of access
far beyond that which was granted, potentially allowing them to abuse the application or system
they have access to.
PH PHISHING
This vulnerability could lead to “phishing” or “pharming” type attacks, whereby legitimate users of
the systems could be tricked into disclosing sensitive information that could be used as part of a
fraud or theft.
DDOS DISTRIBUTED DENIAL OF SERVICE
This vulnerability would result in a reduction in or loss of service on the target system whereby the
legitimate users of the systems would be denied access by the malicious attacker.

Page 16
Penetration Test Sample Report

Page 17
Page 18
Why Seawall?
Pay For Only What You Need
Seawall is priced on a per ship basis so it is accessible to companies
of all sizes.

Wide Coverage
Seawall protects against over 7.5m different attacks and we
continually build and update our defenses to offer
you the best coverage.

Flexibility
Choose and mix our products according to what your ship needs.

Made For Ships

Seawall is designed to cater to the needs of the shipping industry,
using technology that has been tried and tested.

Page 19
FAQs
Q: Will Seawall defend me against all security threats?
A: SEAWALL PROTECT is intended to defend you against cyber threats from your internet
connection. It does not defend you against accidental or deliberate actions by your onboard
crew who have direct access to your IT systems. We recommend SEAWALL TRAINING for your
crew – this helps them understand how to work safely on computer systems to help you
manage your risk.

Q: Am I defended against zero-day threats?

A: A zero-day threat is an attack against a vulnerability previously unknown to security
researchers. Because SEAWALL uses industry-leading security software backed by an
international team of security researchers, we have some of the best protection from
zero-day in the business:our threat intelligence partner research team is amongst the top
performers in detection of and protection against new threats. This gives us unparalleled
speed in rolling out enhanced protection against new threats

Page 20
Q: What happens if I am attacked?
A: While SEAWALL significantly reduces your risk, no security is 100% effective and attacks will
very occasionally get through. In a crisis response situation, SEAWALL PR and legal teams are
ready to provide a quality response, our cyber security response team can advise remotely or
be deployed to the nearest port (at additional cost), and SEAWALL insurance policies to cover
losses (within coverage limits).

Q: Why is your gateway on shore, not on the vessel?

A: Managing security onshore gives significant operational and safety benefits. By managing
security across your fleet in one place, we can update protection swiftly and effectively
when new attacks are discovered – and every minute counts. We can ensure consistent
coverage, so no boat gets left behind. And by taking your gateway off the bridge, we guard
against accidental disabling of your security by any untrained crew.

Page 21
 Best InPARTNERSHIPS
Class

Pragma DNV GL Maritime HFW Navigate Response

Specialist cyber security Academy A sector-focused law Crisis communication
consultancy focused An award-winning firm with shipping for the shipping
on helping companies training provider – being one of its focus, industry – on call
understand their digital providing cyber security offering legal support 24/7, delivering
risk exposure. training for crew and and advice. immediate support
onshore personnel. and expert advice in
times of crisis.

Page 22
 MEET THE TEAM

PETER SCHELLENBERGER GEOFF LEEMING MANISH CHAWDA

Managing Director Partner Partner
OSERV Pte Ltd Pragma Pragma

Page 23
 Seawall by OSERV

www.oserv-maritime.com
+65 6221 2523
askus@oserv-maritime.com
91 Bencoolen Street #03-02/03
Sunshine Plaza
Singapore 189652

Scan to view our website

©2018 by OSERV Pte. Ltd.