Stoyno Stoynov, Borislav Nikolov
Nikola Vaptsarov Naval Academy (Bulgaria)
Abstract. Daily cyber-attacks on ships’ IT and OT systems are not a rare occurrence anymore. This has been taken into account in recent years and the IMO has issued directives and circulars with recommendations for increasing the cybersecurity of ship information systems as part of the overall ship security system. The effect of a successful cyber-attack of any kind, on elements of the ship’s IT and OT systems, can have a disastrous impact not only on the ship itself but also on the environment. While modern ships can be designed and all modern methods implemented to reduce and prevent the possibility of cyber-attacks onboard existing ships, it is not possible to achieve this security level and it is necessary to implement various solutions. At the same time, the ships’ crew is declining worldwide and most ships do not have IT officers or trained staff onboard to maintain the ship’s information systems. Because of that, the solutions that need to be put in place to increase the security of ship’s information systems must be easy to implement, use, and maintain. This article examines the need and some technical solutions that can be used to improve the cybersecurity of ship’s IT and OT systems in response to the existing cyber-attacks and threats in the global shipping and maritime industry.
Keywords: ship’s information technology systems; ship’s operational technologies systems; unified threat management; cybersecurity; cloud-based service; virtual appliance