Cybersecurity in yachting will become, if it’s not already, essential. Owners, worldwide navigation and complex types of ships are by now integrating on-board technologies in an intelligent way.
Looking at the various companies, Haruspex seemed interesting. We spoke to its CEO Marcello Montecucco and expert Professor Baiardi.
Engineer Montecucco, what are the key points of your technology?
It automatically creates a digital model of the ICT infrastructures and the attackers, and uses it to predict which components will be attacked and with what probability of success before it actually happens. This suite simulates attacks against a system hundreds of thousands of times covering all possible cases and without disturbing in any way the normal operation of the system.
It automatically identifies the countermeasures to apply before the attacks, alternating the choice of countermeasures and the evaluation of their effectiveness until all attackers are blocked. This guarantees maximum effectiveness while minimising the number of countermeasures. Generally Haruspex intervenes on about 2% of existing vulnerabilities with a major reduction in security costs. It also works out, even if the countermeasures calculated were not applied, how long the system would resist the attack.
It integrates and improves on the partial analyses of cyber security offers with traditional approaches such as penetration tests and vulnerability assessments that do not give complete results and do not guarantee to reduce cyber risk.
It makes it possible to customise both predictions and countermeasures to apply on the basis of the critical areas in the systems considered, the type of attacks it faces and the planned investment in security.
It can also carry out “what-if” analyses to evaluate the effect of modifications or unknown vulnerabilities. These analyses are possible both for existing infrastructures and for those still in the planning stage to anticipate future security problems with a “security by design” approach. It detects and correlates attacks in real time, suggesting the countermeasures to apply dynamically when the infrastructure is attacked. This makes it possible to minimise the impact of more costly countermeasures. It can detect false alarms (false positives and false negatives).
It is the only system in the world to supply “ICT Stress Curves”, which display immediately for how long an infrastructure will be able to resist attacks. Using stress curves, the suite guides and supports the choices of the SOC.
Professor Baiardi, why is cyber security becoming increasingly important in yachting? Only on board or also in port?
The Guardian said something interesting at the end of an article on cyber attacks on ships: “Nobody bothers to close a window they don’t know is open.” Technological evolution and the adoption of smart technologies to command and control complex systems in sectors from industrial production to automotive and communications have led to the design and construction of ships where the control of the ship and navigation is handled by a computer system.
This system receives information from a set of sensors (state of the engines, the helm, firefighting systems, the outside world) and presents this to personnel on board and then retransmits their decisions to a set of devices through a series of actuators. Sometimes navigational decisions are taken autonomously by other computer systems that pilot the ship automatically. Further information for personnel comes from the GPS but this information too is received and handled by computer systems.
As in other sectors, the main reason for increasingly complete automation is substantially economic, because an increase in automation makes possible a reduction of the personnel needed to manage a complex system such as a production line or a ship. We can simplify by saying that the industry 4.0 trend has arrived also in the maritime sector, both on board ships and in ports. As has already happened in industry 4.0, if one of the computer systems involved in the detection-decision-execution chain, for example the ECDIS in the maritime sector, is controlled by outsiders, it is possible to upset the operation of the entire system and supply false information to personnel or the automatic systems to influence their decisions, with repercussions that range from loss of the ship to collisions, or failure of firefighting or anti-flooding systems.
In the case of yachting, in addition to general problems of ship security and the interaction with port systems, we have some specific problems. For example, it could be very easy to supply false information to lead a yacht into areas under the control of pirates or kidnappers. This may not be a problem for a military vessel but could easily be one for a yacht. Other interesting computer attacks can involve the privacy of people. Using the various computer apparatus and corrupting its operation, it is possible to spy on conversations on board or steal images. Similar attacks have occurred in the past in offices or commercial areas, and a large variety of computer devices makes them possible also on board a ship.
The possibility of attacking yachts has already been demonstrated experimentally in 2012. Currently there is an increase in the requests for assessment from insurance companies before stipulating policies on yachts. Companies operating in the sector speak of a “dramatic” increase in the number of requests. Trade publications also expect that, to guarantee cyber security in the future, every crew will include one member who is an expert in cyber security.