Inland Towing Cyber Threats

Maritime cybersecurity efforts should not be limited to just international deep draft fleets or large towing operators but practiced by every vessel operator with an interest in protecting vital client and company commercial data.

The single largest cybersecurity threat to the US inland towing industry is the number of unpatched laptops & servers running onboard towing vessels and located at shoreside facilities.  Unpatched servers, or those which have not installed and are not operating with the most recent patch, create a serious vulnerability that could allow attackers to hijack vessel and company servers.

Microsoft periodically issues patches that are meant to plug security gaps in complex software solutions which they manufacture.  Workboat operators must assure that their IT techs, or IT contractors, are updating software on a regular basis to prevent hackers from penetrating into company or vessel systems.  Unfortunately it takes little time for hackers to develop tools and methods to exploit update weaknesses which makes pre-emptive action that much more critical on the part of your company’s IT solution provider.

USCG Vice Admiral Michel reported at the Command, Control, and Interoperability Center for Advanced Data Analysis held at Rutgers University in early 2015 that a hacker had brought a port in the Eastern US to a halt.  If a hacker can deliver to that type of effect upon a major US port than it should go without saying that part and parcel of marine industry best practices should include the updating of all software patches.

A recent General Accounting Office report on cybersecurity weaknesses demonstrated that maritime security has been focus on physical security on vessels and port facilities while placing little emphasis on the damage hackers could inflict upon US ports and waterways through the use of simple GPS jamming devices.