Maritime Very Small Aperture Terminals (VSAT) are two-way satellites used to transmit and receive real-time data but, despite their important role in ship connectivity, they can pose cybersecurity risks as access points to ships’ infrastructure and data, while also being targets themselves. Access to a ship’s OT could enable cyberattackers to gain information that could facilitate pirate attacks. At the same time, VSAT connections contain data that could be stolen, from nautical charts to personal details such as passport and credit card numbers. Cyberattacks can range from stealing the data to disrupting shipping.
Cybercriminals can attack VSATs via unsecured passwords, open ports and unupdated firmware, breaking into the IT infrastructure gear, exploring segmentation and OT layer access issues, and taking control of OT devices. Hackers will scan for open ports in telecoms equipment to gain access to ship IT networks and attack vulnerable OT networks. Weak passwords can also be exploited using “brute force” techniques.
To improve cybersecurity discipline and best practices Reperion, a cybersecurity company, recommends measures such as cybersecurity policies and procedures to ensure good cyber hygiene across organizations. VSAT scanners can improve cybersecurity discipline through constant checks, providing protection against 90% of attacks. Finally, intrusion detection systems and endpoints could be introduced on the ship to protect against insider attacks and improve OT protection.
Andrew Sallay, CEO and co-founder of Reperion, emphasizes that ships are relatively isolated and are often not refreshed, resulting in legacy technology, weak passwords, lack of endpoint protection, over-reliance on VPNs and poor configuration management. Sallay believes that investment in cybersecurity measures can lead to cost savings by reducing maintenance on older and vulnerable technologies, avoiding cyber-attacks and minimizing delays to deliveries.
Jessie Hamill-Stewart, a PhD candidate in cybersecurity at the universities of Bristol and Bath, adds that terminals remain vulnerable to third parties wishing to gain unauthorized access to propagating malware, intercepting or even manipulating data. Hamill-Steward believes that by improving the user experience and reducing the amount of human intervention required to manage the connectivity, it is possible to eliminate user-related errors and misconfigurations and enhance the resilience of the maritime SATCOM system.