Ships infected with ransomware, USB malware, worms

We’ve taken the standard precautions, virus software, passwords, backups and so forth. I’ve taken a few additional steps as well, for example create my own back-ups.

The principles of computer security are similar to general ship security, 100% not possible, evaluate risks, mitigation efforts etc. Lots of material on the basics available.

The company needs to have a reasonable system in place.

To overcome virus infections and also ransomware I use Active@ Boot Disk which is a very complete and easy to use nifty little program. The self-contained boot environment by-passes the operating system allowing to boot unbootable, crashed or hostage held PC’s. However, it is necessary to have the discipline to make new images at regular intervals.

With the software you can create disk images which can be reinstalled in very little time. Just format the computer’s drive and boot it again via the Active@ boot disk or USB stick and reinstall the previously made image. That is all there is to it, no rocket science or high level IT skills required.

Especially on a ship, with no direct shore support available, such a simple backup possibility is, I think, a must. I have both a boot disk and a USB stick with the boot software, I like to always have spares around…

1 Like

for the windows based crap it should all be windows embedded then a reboot will remove any virus

Guard P&I issues advice on cyber security in shipping:
http://www.gard.no/web/updates/content/26742440/it-is-time-to-strengthen-your-onboard-cyber-security-procedures

An embedded operating system sounds like a very sensible approach for ECDIS.

1 Like

Not entirely true Transas (an American company) bought over an Russian defence outfit which used PC to run simulators as opposed to the mini and mainframe computers. My previous employer had a reasonable simulator running 62 PCs…

Chief (Unlimited), 2:1 Honours (that’s a Masters in American), I KNOW IT stuff!

Nice photo of the hand sketches of the mountains and courses and distances in the good old Hansen’s Handbook which was the Inside Passage Bible. It is a fantastic aid to steering by eye and maintaining an approximate position areas where the visual references often look very similar. In the GPS and electronic chart plotter era, visual “marks” and Hansen’s Handbook have fallen out of favor. Most guys under 50 have never heard of it.

I believe that Captain’s Nautical is still selling photocopies of Hansen’s Handbook.

I know what you mean regarding Singapore. On a voyage to the USA my Sat B went down and fortunately the very talented electrician I had was able to cannibalise some electronic parts from other equipment to get the system up and running again. Yes it is possible to send the information required by the NOA by Sat C to the agent ashore to be assembled into the form required but the task of doing it is really time consuming and expensive in agency fees.
The USB port for the ECDIS was protected by a locked cover and only used by the Second Mate and myself with a dedicated Stick in my care.
Remember how long it to for them to get around updating DP systems from XP when it was no longer supported to. Windows 10.

I lost sat comms that was used by email on a coast-wise trip a few years ago. I sent an email telling the company via SAT-C and the reply was simply OK, let us know when it’s fixed, no plan to assist with comms at all. Worse they sent the reply to the regular email address so I never saw the reply till later.

Turned out we did manage to get the SAT comms up on our own using parts from another system. We were down for about 12 hrs or so.

Having to send messages via SAT-C was very time consuming and inconvenient to say the least. The whole system assumes email ability and functions poorly without.

I have consulted my computer security gurus.

They say that embedded operating systems are not really an effective cure for ECDIS security. Limited access chips and a limited access operating system would be far too expensive. Any type of custom USBs and connectors are expensive and still easy to defeat.

Good antivirus software with frequent updates is the best defense.

you dont need updates for industrial systems, plenty of old Windows NT version running equipment all over the world, that includes DP systems.
You can still get support, just that its not free.

Antivitus software comes out after the baddies invent the problem, you are always behind the 8 ball.
If embedded systems are too expensive for control systems, then you you have another problem. I think you will find vendors will move to it regardless.

The computer gurus tell me that embedded systems are a partial defense, but still subject to security breaches, particularly by Nation State hackers with lots of resources.

I’m told most computers have an older 386 management chip that has a backdoor that is routinely exploited by national intelligence services. They can access your data or take control of your computer anytime they want to.

I’m told that the best security is good, frequently updated virus protection, but even that will not prevent intelligence services, and really committed hackers from finding a way into a computer.

Would said person be prone to seasickness and be of a smaller stature?

2 issues here, PC’s that are on the internet and ones that are not but need updates.

With our IT tech, this is standard: All equipment software should be backed-up, catalogged, and put in the safe. All personal computers should be scanned before allowing interface into the vessel’s internet. Personal USBs, hard drives, etc…are prohibited and USB locks are installed on all critical equipment. Passwords should be controlled by one individual, and kept in Master’s safe. Technicians with new software must have HIL test certification for current update.

Lord Nelson

…our guy had both arms and, at least as far as I know, both eyes. Although he used to tilt his head back and forth when he was stumped by the field stations so, mayyyyybeeeee…

That would require installing safes on a lot of boats in my company… and a lot of locksmith charges when illiterate coonasses forget the combos.

Otherwise this is good though.

1 Like