What would you do if a hacker took over your ship?

You are on the bridge, with the ship’s course shown on the digital screen. But why does the ship keep turning west?

Everything looked normal on the computer screen in the dark garage—but outside, the land was dangerously close. What’s happening?

Downstairs in the engine room, the workers reported over the radio that everything was fine, but they wondered why the bridge had changed direction. The engines are revving and the ship is accelerating. The engine room can’t do this. What now?

Cybersecurity is a hot topic for the whole world Marine industry, as well as in academia. Recently, a joint team conducted a brand new cybersecurity course at NTNU in Ålesund.

Probably the first of its kind

The Norwegian University of Science and Technology (NTNU) in Ålesund’s program for the maritime industry has just offered a new course entitled “Maritime Digital Security” (in Norwegian).

For two months, course participants looked at digital threats. They assessed the risks of existing digital threats and practiced realistically Cyber ​​attack on a cruise ship. The main focus is on managing the risk of cyber attacks and building resilience.

“Where information technology and people meet, there’s room for digital vulnerability. Marie Haugli-Sandvik and Erlend Erstad said that security breaches can occur through ship systems, through port systems and through the people who operate or monitor them.

Both are PhDs. candidates in the Faculty of Ocean Operations and Civil Engineering at NTNU. They are studying how the maritime industry can be better equipped to handle cyberattacks.

Two PhDs. candidates have developed and are currently running the maritime digital security course, which appears to be the first of its kind in Norway.

The course was included as part of a doctoral thesis they were about to complete.

Grow in the same industry

“We developed this course in close collaboration with the industry,” says Erstad. “We listened to what they wanted, looked at their needs objectively, and then tested the best solution we could come up with.”

“It’s better to have an overarching vision and different approaches to new projects and methods. Older businesses can also benefit from a new look. NTNU is a good place to try. new ideas. As researchers, we can help meet pressing industry needs and discuss solutions with them for the future,” says Haugli-Sandvik.

Inadequate training in cybersecurity

Haugli-Sandvik conducted a survey this winter with 293 deck officers from 11 large ship owners offshore in Norway.

• 83% say they have attended some form of cybersecurity training.
• Fifteen percent responded that they had never been trained.
• Two percent don’t know if they’ve been trained.

“82% of deck officers say they have received training in the form of e-learning and/or they have participated in digital safety campaigns submitted by their employers,” she said.

To a large extent, the employer is responsible for this training, in the form of courses. This proves that industry wants to take responsibility, Haugli-Sandvik believes. But there are many generic and standardized IT security courses.

“But most of the training is not directly operational and/or adapted to the maritime industry,” says Haugli-Sandvik.

This is exemplified by the fact that 66% of deck officers surveyed said they were unsure or disagreed that they were trained enough to deal with on-board cyber incidents.

Main Consequences

Digital IT events can have consequences for vessel operations. They can affect administrative systems for vessel manifests, passenger lists, digital certificates and sailing permits, etc. This can delay or impede operations.

Companies experiencing these problems can experience serious financial consequences and damage to their reputation.

The Norwegian National Security Service (NSM) points out that activity in the cyber world can be so complex that we don’t really notice and covert activity can be hidden for a long time. How should ship crews react when potential threats are discovered?

How can a ship’s crew make a good advance judgment or make concrete decisions in the short time frame of a few minutes before the ship runs aground?

Knowing what to do, to prevent this from happening, and to practice what to do if it happens, is vital to the industry.

Deck and Cybersecurity Officer

Haugli-Sandvik’s doctoral thesis examines how deck officers face cyber risk at sea.

“My project is part of my work at one of NTNU’s 12 centers for research-driven innovation. This center, SFI MOVE (Marine Operations in a Virtual Environment), works with the way operations work. What the future maritime might look like through the use of digital twins, machine learning, and land-based control centers,” she said. “I’m working on how to develop targeted risk communication, training and guidelines for maritime cybersecurity. I’m also looking into what tools we should develop to deal with risks. new networks we might encounter at sea.”

On the other hand, Erstad is looking at cyber resilience at sea.

“I’m looking at the best way navigators can resist, prepare, and overcome, Cyber ​​attack against integrated navigation systems on ships,” he said.

Erstad said researchers have benefited from working with researchers at the Cyber ​​SHIP lab at the University of Plymouth in the UK, which also works with maritime cybersecurity.

To practice real-life actions and situations in a safe environment, NTNU has opened a Network Scope, (in Norwegian) developed specifically for the maritime sector. Scope Network allows practitioners and researchers to uncover vulnerabilities in the marine navigation and control systems for ships.

simulated event

Larger course assignments based on train simulations at NTNU in Ålesund. These emulators also have a unique design when it comes to realism. Participants take their seats in ship simulations, designed to resemble a bridge on a larger ship moving in the North Sea.

“We created a simulation scenario that is close to what actually happens on a ship, as well as what happens in ship-to-land communication. But even though the scenario uses marine bridge simulations On a large scale, the focus is mainly on getting a good discussion going,” Erstad said.

The exercise also included participants from DNV, marine insurers Hull Club Norway, NORMA Cyber, Solstad, public organizations such as the Norwegian Coastal Administration and the University of Science. The Norwegian Domestic App, as well as from the University of Plymout, were invited as observers and resource persons in the simulation.

“We learned the most from the dialogue between the actors during rehearsal and in the evaluation that followed, especially because then you could see what was rehearsed and what was being done,” says Erstad. the event body from a different perspective”.

Strengthen weak link

Professor Kevin Jones heads the Maritime Cyberthreats Group and the Cyber ​​SHIP Lab at the University of Plymouth. He pointed out that a cyber attack can cause major problems for the global economy and trade.

“When the large container ship ‘Ever Given’ ran aground in the Suez Canal, it was caused by weather and wind. While this was not a cyber attack, the incident shows that the consequences can affect a vulnerable global system,” Jones said.

90% of world trade is predicted to be related to maritime transport, through the maritime supply chain. It is quite possible to believe that a similar incident could occur due to digital vulnerabilities, due to unauthorized access to computers and control systems.

“The weak link is people and we have to strengthen this link. People are the resource on board that can handle such a situation,” Jones said.

Adaptive skill development

Specific exercises and courses with participants, helpers, and observers underpinned the two Ph. the candidate’s view that it is important to tailor skill development to the particular circumstances of the moment.

The course provides a clear practical approach to risk management from a digital perspective. This is also included as part of NTNU’s master’s program in maritime operations management.

“It is important for businesses in the maritime sector to be familiar with their values, the digital threats and vulnerabilities they present. Managers need to know their employees will be able to. deal with digital threats and understand their need for skills in working with digital security,” Jones said.

The next course in Maritime Digital Security is scheduled for this fall. The offer will then be tailored to an even greater extent for managers, middle managers, operations (sailing) and administrative staff in the maritime sector, but will also be very useful for other industries.

Related research has been published in the journal Maritime Magazine WMU.