Cruise Lines Up Cybersecurity to Prevent IT Breaches and Ransomware Attacks

October 6, 2021

As cruise lines become more frequent targets of ransomware and other IT breaches, greater attention is being given to maritime cybersecurity.

According to Georgios Mortakis, Vice President, Enterprise Technology Operations and Chief Information Security Officer for Norwegian Cruise Line Holdings, cruise ships are as susceptible to cybercrimes as land-based facilities.

“Besides being a floating city, a cruise ship is multiple data centers,” Mortakis said, noting that the complexity and amount of IT needs of a ship depends mainly on its size.

Regardless of scale, however, cruise ships tend to be more elaborate from the technology point of view as they usually have several systems working at the same time.

“It ranges all the way from how, in your cabin, you can select entertainment or dining reservations for the evening, to how is the vessel navigating through propulsion, navigation and automation systems” Mortakis explained.

Ransomware

Over the past year, ransomware attacks and its attempts made headlines in the cruise industry, leading to systems, including those used for bookings, going offline and, in some cases, cruises being cancelled.

While this particular cybercrime isn’t something new, the recent incidents made the issue more visible for people outside the technology field, Mortakis noted, adding that the problem isn’t exclusive to the cruise industry.

“In essence, everybody is in scope as far as being attacked by ransomware. It’s an extorsion … if you are running systems – as we are – you are definitely in scope.”

One of the defenses against the attacks, is a practice known as cyber hygiene, which creates precautionary measures that help ensure the health of software and hardware.

Simulating attacks on the cruise lines’ systems is also a welcome practice, in order to identify and understand possible vulnerabilities.

The strategy for the companies ultimately demand “a proper risk assessment, to understand how much of a hygiene effort you need to put into a balance of cybersecurity awareness and training, and simulations,” according to Mortakis.

Data sharing with other attack victims is also a tool to avoid future cybercrimes.

“There are lots of common denominators that goes above and beyond the industry”, he said noting the necessity for “coordination, communication and partnership with others in the cybersecurity field.”

Cruise Industry News Email Alerts

EMAIL NEWSLETTER

Get the latest breaking cruise news. Sign up.

CRUISE SHIP ORDERBOOK

54 Ships | 122,002 Berths | $36 Billion | View

New 2024 Drydock REPORT

Highlights:

Mkt. Overview
Record Year
Refit Schedule
120 Pages
PDF Download
Order Today

New 2024 Annual Report

Highlights:

2033 Industry Outlook
All Operators
Easy to Use
Pre-Order Offer
Order Today

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.