Scribd Logo
Upload

Welcome to Scribd!

  • Кибербезопасность на судах .

    Uploaded by

    sergey kuznetsov
    11 views3 pages
    This document is a cyber security workbook for ship crews published in 2019 by BIMCO, ICS, and Witherby Publishing Group. It provides guidance to help shipping crews identify cyber risks, protect onboard systems, and respond to cyber attacks. The workbook covers topics like vulnerable ship systems, types of cyber attacks, prevention and training recommendations, procedures for detecting and responding to incidents, and considerations for both operational technology and business systems.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    DOC, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document is a cyber security workbook for ship crews published in 2019 by BIMCO, ICS, and Witherby Publishing Group. It provides guidance to help shipping crews identify cyber risks, protect onboard systems, and respond to cyber attacks. The workbook covers topics like vulnerable ship systems, types of cyber attacks, prevention and training recommendations, procedures for detecting and responding to incidents, and considerations for both operational technology and business systems.

    Copyright:

    © All Rights Reserved
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as doc, pdf, or txt
    11 views3 pages

    Кибербезопасность на судах .

    Uploaded by

    sergey kuznetsov
    This document is a cyber security workbook for ship crews published in 2019 by BIMCO, ICS, and Witherby Publishing Group. It provides guidance to help shipping crews identify cyber risks, protect onboard systems, and respond to cyber attacks. The workbook covers topics like vulnerable ship systems, types of cyber attacks, prevention and training recommendations, procedures for detecting and responding to incidents, and considerations for both operational technology and business systems.

    Copyright:

    © All Rights Reserved
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as doc, pdf, or txt
    of 3

    Cyber Security Workbook for On Board Ship Use, 1st

    Edition, 2019
    Just Published
    Рабочая книга по кибербезопасности для использования
    на борту судна, 1-е изд., 2019.
    This publication has been produced by BIMCO, ICS
    (International Chamber of Shipping) and Witherby
    Publishing Group.

    Цена, руб.: 17000 в РФ

     –   + 
    1
     
    В корзину

    Год издания: 2019 eng


    Издатель: BIMCO, ICS, Witherby Publishing Group

    Introduction

    In recent years, the shipping industry has undergone a digital revolution:


    internet connectivity on board has become common and ship’s systems are increasingly digitised and integrated.
    With this growing level of connection, comes greater risk. Ships are now a common target for hackers worldwide
    and it has become crucial that the entire crew has an understanding of how and when cyber attacks can occur.
    Using detailed, step by step checklists, Cyber Security Workbook for On Board Ship Use provides a ship’s crew
    with the practical skills to identify cyber risks and to protect vulnerable onboard systems. It also gives guidance
    on how best to detect, respond and recover in the event of a cyber attack.
    View YouTube Video
    См. MSC.428(98) * - Управление киберрисками в морской отрасли в системах управления безопасностью
    (СУБ) = Maritime Cyber Risk Management in Safety Management Systems.
    В ней говорится, что в утвержденных СУБ должно учитываться управление киберрисками и
    функциональными требованими МКУБ (ISM Code).
    ИМО призывает администрации обеспечить надлежащее устранение киберрисков существующих СУБ не
    позднее первой ежегодной проверки Документа о соответствии компании после 1 января 2021 г.
    *) указанная резолюция не опубликована в Сборнике № 57 резолюций ИМО .

    Contents

    Section 1 – Introduction


    Section 2 – Identifying Risks
    2.1 Vulnerable Ship Systems
    2.2 What is a Cyber Attack?
    2.2.1 Attacker Profiles
    2.2.2 Types of Cyber Attack
    2.3 Cyber Security Risk Management
    Section 3 – Protection, Prevention and Training
    3.1 Prevention of Malware Attacks
    3.2 Software Updates
    3.3 Endpoint Protection
    3.3.1 Anti-virus
    3.4 Passwords
    3.5 Cyber Security and the SMS
    3.5.1 Cyber Security and the Ship Security Plan (SSP)
    3.6 Crew Training
    3.6.1 Cyber Security Familiarisation
    3.6.2 Ship Cyber Response Drill
    3.6.3 Crew Training Cyber Security Checklist
    Section 4 – Detect, Respond and Recover: General Principles
    4.1 Detecting a Cyber Incident
    4.2 Detecting a Cyber Incident Checklist
    4.3 Incident Response
    4.3.1 Cyber Recovery Plan
    4.4 Responding to a Cyber Incident On Board
    Section 5 – Detect, Respond and Recover: Ship’s Business Systems
    5.1 Onboard Business Computers
    5.1.1 USB Ports and Drives
    5.1.2 Personal Devices and USB Ports
    5.1.3 Onboard Business Computer Checklist
    5.2 Network Segregation On Board
    5.3 Network Segregation
    5.4 Wireless Networks
    5.4.1 Business WiFi
    5.4.2 Crew WiFi
    5.4.3 Guest Access
    5.4.4 WiFi Network Security
    5.4.5 Virtual Private Network (VPN)
    5.4.6 Networks (Wireless and Wired)
    5.5 Satellite Communications Equipment
    5.5.1 Satellite Communications
    5.6 Cellular Data Connections
    5.7 Connecting to Shore WiFi in Port
    5.7.1 Shore WiFi in Port Checklist
    Section 6 – Detect, Respond and Recover: OT Systems
    6.1 Understanding OT Systems
    6.1.1 OT Systems Checklist for Crew
    6.2 ECDIS Security
    6.2.1 Recognising Genuine NAVTEX Messages
    6.2.2 ECDIS Cyber Security Checklist
    6.3 GNSS Security
    6.3.1 Cyber Security Checks on the Nav Bridge during Watchkeeping
    6.4 Engine Department Considerations
    Section 7 – OT Cyber Security: Onshore Office and IT Department Considerations
    7.1 Ship’s Architecture and the IDMZ
    7.2 Asset Management
    7.3 How is Data Transmitted?
    7.3.1 Convertor Security
    7.4 OT Systems Risk Assessment
    7.5 Securing OT Systems
    7.6 OT Systems Checklist for IT Department/Onshore Office
    Annexes
    Annex 1 – Regional Regulatory Guidance
    Annex 2 – Checking for Windows Updates
    Annex 3 – Creating User Accounts
    Annex 4 – Checking for Segregated Networks
    Annex 5 – How to Check that Anti-Virus Software Updates are Applied
    Annex 6 – Understanding NMEA 0183
    Annex 7 – EXAMPLE Cyber Security Familiarisation Checklist for New Crew Members
    Annex 8 – Abbreviations/Definitions
    Annex 9 – Further Resources

    You might also like