As cruise lines become more frequent targets of ransomware and other IT breaches, greater attention is being given to maritime cybersecurity.
According to Georgios Mortakis, Vice President, Enterprise Technology Operations and Chief Information Security Officer for Norwegian Cruise Line Holdings, cruise ships are as susceptible to cybercrimes as land-based facilities.
“Besides being a floating city, a cruise ship is multiple data centers,” Mortakis said, noting that the complexity and amount of IT needs of a ship depends mainly on its size.
Regardless of scale, however, cruise ships tend to be more elaborate from the technology point of view as they usually have several systems working at the same time.
“It ranges all the way from how, in your cabin, you can select entertainment or dining reservations for the evening, to how is the vessel navigating through propulsion, navigation and automation systems” Mortakis explained.
Over the past year, ransomware attacks and its attempts made headlines in the cruise industry, leading to systems, including those used for bookings, going offline and, in some cases, cruises being cancelled.
While this particular cybercrime isn’t something new, the recent incidents made the issue more visible for people outside the technology field, Mortakis noted, adding that the problem isn’t exclusive to the cruise industry.
“In essence, everybody is in scope as far as being attacked by ransomware. It’s an extorsion … if you are running systems – as we are – you are definitely in scope.”
One of the defenses against the attacks, is a practice known as cyber hygiene, which creates precautionary measures that help ensure the health of software and hardware.
Simulating attacks on the cruise lines’ systems is also a welcome practice, in order to identify and understand possible vulnerabilities.
The strategy for the companies ultimately demand “a proper risk assessment, to understand how much of a hygiene effort you need to put into a balance of cybersecurity awareness and training, and simulations,” according to Mortakis.
Data sharing with other attack victims is also a tool to avoid future cybercrimes.
“There are lots of common denominators that goes above and beyond the industry”, he said noting the necessity for “coordination, communication and partnership with others in the cybersecurity field.”