Rise in cyberattacks on yachts leads to new legislation

Share
New regulations came into force on January 1st and require vessels to prove they have cyber security resilience, these have been welcomed by the industry

Superyachts and motor yachts are increasingly under attack from cyber criminals who sense rich pickings, according to cybersecurity company C3IA Solutions. The company says attacks in the maritime sector shot up by 40 per cent in just 12 months pre-Covid and continued to rise through the pandemic.

In reaction to the trend, new regulations came into force on 1st January 2022 and require vessels to prove they have cyber security resilience. This International Maritime Organisation (IMO) code currently relates to vessels in excess of 500 gross tons but all yachts with computer systems are at risk.

Jim Hawkins from C3IA Solutions says: “We have been particularly busy working on motor yachts and superyachts across the world but also in the UK. With attacks having increased dramatically in recent years owners and operators are much more aware of the risks. While the new IMO code relates to large vessels, it might in future be amended to encompass much smaller boats and it is always best to be prepared.

“Superyachts’ systems require updating and protecting just like any other system in a home or office. But there are added risks on yachts which makes them more vulnerable. These include the rotation of crews and stays in boatyards. Charter boats also have a rotation of those using them and the more people going on and off boats necessarily means more opportunities for criminals to take advantage and plant listening devices or computer malware.

“Our teams are experienced in technical surveillance counter-measures (TSCM) - known as bug-sweeping - and are doing more work on yachts in order to provide assurance to the owners. Other teams carry out penetration testing – something we can do remotely – to test the security of onboard IT systems.

“Obviously with the rich and famous owning and using the yachts they are a high value targets for hackers. The data and information contained on them could be extremely valuable. The new code is now being enforced and will help burst the myth that by being at sea you are somehow less vulnerable to attack.

“Insurers too are becoming more concerned and often now demand proof of cyber resilience before offering cover. Testing should be a routine activity for all yachts and it is extremely positive that the maritime sector is catching up with cyber security requirements,” he adds.

Share

Featured Articles

VCARB & Dynatrace Accelerate AI For F1 Racing Performance

As real-time monitoring becomes crucial in motorsport, F1 team VCARB partners with Dynatrace to implement AI analytics and security systems

Apple's Siri: How The Most Private AI Assistant Works

After a lawsuit, Apple is eager to prioritise privacy in Siri through its on-device processing, minimal data collection and advanced security protection

How The UK’s AI Plan Will Impact The Cybersecurity Sector

The UK’s £14bn AI investment requires enhanced cybersecurity measures as Kyndryl and Vantage Data Centres prepare for infrastructure expansion

Darktrace to Acquire Cado Security in Cloud Defence Push

Cloud Security

Sophos MDR Reports 37% Customer Growth in Cybersecurity Push

Cyber Security

Netskope Data Shows Phishing Success Rate Tripled in 2024

Cyber Security