Videoworks: cybercrime under control protecting superyachts
Tuesday, March 20, 2018 11:04 AM
Thanks to the increasing amount of digital technology on board super yachts, it is now easier than ever for owners, guests and crews to stay connected anywhere and anytime.
But the same technology exposes yacht systems and their passengers to the growing threat of cyber-related crime. These risks have to be well understood,managed and monitored.
The task is pressing. In May 2018, the General Data Protection Regulation (GDPR) will introduce obligations that impact companies offering services and products within the EU.
With over 25 years of experience as IT integrators in the yachting sector, Videoworks is ideally placed to analyse, define and specify bespoke cyber security solutions into new build and refit projects.
The cost of connection
Most onboard systems are interconnected and managed by VLAN, often via the same Int
ernet entry/exit point (VSAT, 3G, 4G, etc). This means all traffic goes through the same portal, so a hacker gaining access via a malicious email is a risk for the entire network, from AV systems through to alarms, air conditioning, engine management, security doors, navigation and monitoring systems.
This is not just scare mongering. In a controlled experimentin 2013, students from the University of Texas were able to “spoof” the GPS signals of a superyacht and send the vessel veering off course without rousing any suspicions whatsoever. In a different trial in 2017, a cybercrime specialist working for a mobile device company hacked into another yacht's WiFi connection and gained control of vital functions, including the navigation system and onboard CCTV.
Yacht owner to protect their on-board business
But the safety of the vessel is not the only issue. Many yacht owners conduct private and professional business while on board. This makes their personal data such as e-mail addresses, photos, videos or even bank account details, vulnerable to malware and phishing, a threat highlighted last year by the worldwide
ransomware attack on Windows-based computer systems.
As almost everybody on board uses the Internet connection, the risk could come from an unsuspecting
crewmember downloading a virus that self-installs and spies on passwords, or even hijacks the smart phones and computers using the network. All in a single click!
The industry emphasis to date has been on prioritising performance over security, but the threat of cyber
crime requires both. At Videoworks we know that protecting onboard systems and personal data involves more than just installing a firewall and antivirus, or occasional software updates and patches. Creating solutions tailored to individual performance and security needs also requires the knowledge and experience of a skilled IT integrator to combine the best products from established brands.
Kerio Control, for example, is an all-in-one threat and connection manager able to protect the yacht’s server via an Intrusion Prevention System (IPS) that monitors both entering and exiting net communications. In addition to next-generation firewall capabilities, the device offers Load Balancing to guarantee high-speed transmission for the most important traffic types, and optimal Internet connections by distributing traffic across multiple links. A Web Filter further allows administrators to deny or limit access to applications, websites and Internet services, protecting users and infrastructuresby preventing visits to known malicious sites, or those engaged in phishing and identify theft.
There is no fail-safe, single protection against a determined cyberattack. Instead, a layered approach is required to mitigate the security risk by making it much harder for hackers to penetrate the network.
Already on board a huge superyachts line-up
Videoworks integrated Kerio Control into their rack systems aboard multiple superyacht projects by Benetti, Baglietto, Perini Navi, Ferretti, Admiral and CCN, among others. Combined with Cisco’s “high network” devices such as Aironet Access Points, Catalyst Switches, 4000 series routersand next-generation
ASA FirePOWER firewalls, itprovides robust,integrated threat defense and security management before, during and after a security breach.