Superyacht captains and owners offered free cyber-security test

Superyacht captains and owners have been offered a free five-day assessment of their cyber-security risks, courtesy of a new partnership formed to combat cyber-crime.

Cybersecurity specialist Atlas Cybersecurity is working with technology and onboard entertainment firm VBH to analyse yachts’ cyber risks, ahead of the International Maritime Organization (IMO) Cyber Security Regulation, which comes into effect in 2021.

A spokesperson for VBH told Superyacht Investor: “The cyber-crime risks for superyachts are increasing, as the use of cloud-based data becomes ever more common and people become ever more confident on using the internet. Also, as onboard systems become increasingly complex, it becomes harder to keep track of open ports.”

Military-trained analysts

The security assessment by a team of military-trained analysts includes investigation of suspicious and malicious activity, with immediate action to address risks. No private files or information are accessed during the assessment. It relies on artificial intelligence and advanced analytics to analyse metadata – effectively data about data – produced by these systems.

Analysts study both IT and operational technology (OT) networks aboard the superyacht and any anomalies that are detected. The experts then provide insight and advice on what level of security is required.

The risks include not just financial fraud but direct threats to the safety of the vessel. The IMO warns of attempts to con captains by sending them fake fuel invoices, running into to tens of thousands of dollars, pretending to be from known suppliers. Owners have been targeted by fraudsters pretending to be brokers fraudulently inviting the transfer of funds. In the worst, hackers may have the capability of taking control of yachts, as happened to a commercial vessel recently. See more threats listed below.

‘How to protect owners …’

Atlas co-founder and CEO Benjamin Dynkin said: “The results of the cyber-security assessment will make it very clear whether a superyacht is running any risks onboard: We provide a detailed report showing exactly what issues there are and what action is required. It explains how to protect owners and their families, guests and crew. The fact that these technologies are also used by Fortune 500 companies illustrates that they are a proven product as these leading firms accept nothing less.”

A ship’s onboard IT and OT systems can be hacked just as easily as systems ashore, confirms the IMO. “Such security breaches have the potential to do considerable harm to the safety and security of ships, ports, marine facilities and other elements of the maritime transportation system,” according to the organisation. “IMO has taken the initiative to raise awareness across the industry on how to tackle risks by promoting a maritime cyber risk management approach.”

Meanwhile, more information about the free assessments is available here. Also, don’t miss captain Iain Flockhart’s latest opinion column View from the bridge, where he argues that the superyacht sector does not treat  the threat from cyber-security seriously enough.

Superyachts’ cyber security threats:

1)      Taking control of vessels

2)      Conning captains by sending thousands of pounds worth of fake fuel invoices pretending to be from known suppliers

3)      Fooling owners by pretending to be brokers fraudulently inviting the transfer of funds

4)      Blackmailing owners and guests into paying six-figure sums after the capture of compromising CCTV images.

Source: IMO.