Dear customers,
Thank you very much for using ORCA service.
A case was reported of a vessel that operated its chart system and business system on the same network, which resulted in a navigational problem when a fault occurred.
This is explained below.
Overview:
A case in which the installation of improper software on a business PC interfered with the functions of a Chart PC.
How this problem arose:
-A vessel had a PC for Chart software (for updating ECDIS) placed in the business network and was operating it.
-A crew member installed software on a PC on board without permission from the management company, and this software performed a malicious port scan on all terminals in the vessel’s network.
-As a result, the file-sharing port of each terminal was attacked, making its functions disabled.
-A Chart PC was also attacked in the same way and consequently the Chart update function was unavailable.
-The crews on the vessel failed to recognise this fact.
-The vessel was inspected by the PSC on arrival at port and it was found out that the required sea charts had not been updated.
-A subsequent investigation revealed that the cause of the inability to use the Chart update function was attributed to the malicious software.,
Risks pointed out:
-A case where a crew member installed software that was not authorised by the company on a work PC, resulting in the introduction of malicious software.
-A case where malicious software operated within the business network, resulting in a Chart PC in the same network also not functioning.
Rectification policy:
(1)Cyber training thorough education for crew members
This situation was treated as a Non-Conformity on the SMS manual because it was stated in the SMS manual that no software other than approved software should be installed.
(2)Separation of the network for business and Chart
The situation was deemed to be caused by the Chart system being in the business LAN, which was a contributing factor to the failure, so network segmentation was to be implemented.
Explanation of network segmentation:
In a ship’s network, this is a cyber security method whereby systems of high importance are not operated in the same network, but are divided into separated networks.
This makes it possible to ensure that problems that occur within a network do not affect other networks in a chain reaction.
This method is also explained in IACS E26 ‘Cyber resilience of ships’ in 4.2.1 and 4.2.2 as CBS (Computer Based System) network segmentation.
Network segmentation can be achieved by laying new physical wiring, but we recommend that virtual LANs are configured using ORION L2 and L2SW for network segmentation.
In the case of using a virtual LAN, no new wiring is required and it is also possible to deal with future expansion.
For more information, please see the attached file.
If you have any questions about this case, please do not hesitate to ask.
Best regards,