Page 206 - ΝΑΥΤΙΚΑ ΧΡΟΝΙΚΑ - SEPT 2025
Horizon from the bridge
ing is the deliberate manipulation of Automatic Identification System (AIS) data to deceive AIS tracking systems about the identity, position and other information of a ship. GNSS spoofing involves the transmission of fake or tampered satellite signals to deceive a Global Navigation Satellite System (GNSS) receiver. Reports from the US Coast Guard Navigation Center indicate an increase in this activity during 2023 and 2024 in areas of geopolitical conflict, such as the eastern Mediterranean, the Black Sea, the Red Sea, the coastal waters of China, and the Persian Gulf.

Seven “deadly sins” of insecure behaviour

1. Payments to unverified parties: Payments made to fraudulent parties pretending to be legitimate suppliers, such as making payments before checking the accuracy of bank account details or complying with requests to change the beneficiary’s bank account before checking the validity of the requester. Ideally, checking and confirming the validity of the requester should be done verbally over the phone.

2. Insecure use of removable devices: Poor control of removable devices such as USB drives, external hard drives, or mobile phones creates the risk of spreading malware. This risk is particularly serious in cases where the removable device is transferred between information technology (IT) and operational technology (OT) systems. Risky behaviours include connecting the same removable device alternately to personal computers (PCs), third-party devices, company IT equipment or OT systems, e.g., Electronic Chart Display and Information System (ECDIS), Global Maritime Distress and Safety System (GMDSS), or other operational panels and human-machine interfaces of OT systems, without scanning the removable device for malware.

3. Insecure links: Clicking on insecure links that lead to suspicious or malicious websites. Clicking on links in emails from unknown or untrusted sources or clicking on links sent via messaging services or applications, such as WhatsApp or WeChat, constitute risky behaviour.

4. Insecure network connections: Connecting insecure equipment to critical vessel networks creates a risk of spreading malware or inadvertently providing remote access to critical equipment to threat actors. Enabling the vessel’s computer hotspot and connecting personal devices such as computers, mobile phones or tablets to connect to the internet, or connecting personal devices of crew members or guests to the vessel’s internet network, either via Ethernet cable or Wi-Fi, without proper security procedures should be avoided.

5. Unauthorised remote access: Providing remote access to unknown or unauthorised parties. Crew members should avoid responding to unplanned or unauthorised requests from any third party claiming to be a vessel or equipment manufacturer to provide a remote connection to a vessel system. Other risky behaviours that should be avoided include providing remote access to an unknown IP address or leaving remote connections open long after the intended task has been completed.

6. Dangerous software downloads: Downloading unapproved, unwanted, or dangerous software that may contain malware or serious vulnerabilities. Downloading software from unknown or untrusted sources must be avoided. The most common dangerous software downloads in 2023 and 2024 included PDF editors, image editors, and computer games. Crew members often download PDF or image editors with the good intention of trying to edit a document needed to complete ship or port operations. However, this inadvertently introduces cyber risk.

7. Supply chain attacks: This occurs when a shipping company inadvertently provides access to a threat actor through a shipping supplier’s computer systems. Examples of risky behaviour that should be avoided include over-trusting connections to third-party systems without validat-
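
The removable-device rule in item 2 can be checked against media logs: a device should not reach an OT system unless it was scanned clean after its last use elsewhere. The following is an added example, not part of the original article; the event schema, zone labels, device IDs and host names are assumptions, and the sample events are constructed.

```python
# Constructed sample events (not from the article), one tuple per log record:
# (ISO timestamp, device id, host, zone of host, action). Schema is assumed.
EVENTS = [
    ("2025-09-01T08:00", "USB-A1", "crew-laptop", "PERSONAL", "insert"),
    ("2025-09-01T08:30", "USB-A1", "ecdis-1", "OT", "insert"),      # no scan in between
    ("2025-09-01T09:00", "USB-B2", "office-pc", "IT", "insert"),
    ("2025-09-01T09:05", "USB-B2", "scan-kiosk", "IT", "scan_clean"),
    ("2025-09-01T09:10", "USB-B2", "gmdss-1", "OT", "insert"),      # scanned first: allowed
    ("2025-09-01T10:00", "USB-B2", "office-pc", "IT", "insert"),    # earlier scan now stale
    ("2025-09-01T10:20", "USB-B2", "ecdis-1", "OT", "insert"),      # stale scan
    ("2025-09-01T11:00", "USB-C3", "ecdis-1", "OT", "insert"),      # unknown device
]


def find_unscanned_crossings(events):
    """Return (timestamp, device, host) for every OT insertion of a device that
    has not been scanned clean since its last use outside OT, or that has no
    recorded history at all."""
    trusted = {}   # device id -> True only while a clean scan is still current
    findings = []
    for ts, device, host, zone, action in sorted(events):
        if action == "scan_clean":
            trusted[device] = True
        elif action == "scan_infected":
            trusted[device] = False
        elif action == "insert":
            if zone == "OT":
                # Unknown devices default to untrusted.
                if not trusted.get(device, False):
                    findings.append((ts, device, host))
            else:
                # Any use on IT, personal or third-party equipment
                # invalidates the previous clean scan.
                trusted[device] = False
    return findings


if __name__ == "__main__":
    for ts, device, host in find_unscanned_crossings(EVENTS):
        print(f"{ts}  {device} inserted into OT host {host} without a current clean scan")
```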