“It’s that easy,” said Globetech CTO Stein Erik Andersen. “It’s scary,” said the client.
This brief exchange of words was part of a larger round table dialogue when Globetech invited to one day seminar in Kristiansand recently. Shipowners from various parts of Norway attended the event that was filled with brief sessions and sharing of experiences and challenges related to onboard ICT security.
Globetech CTO Andersen scared most attendees with his practical analysis of digital security issues on ships. Andersen demonstrated how security breaches are exposed online and how easily available tools can be used to orchestrate an attack against a vessel or a company.
“Fake e-mail accounts and fake text messages are part of the hackers’ default set up. They often use some specific public information to lure more important information out of you,” says Andersen.
He used LinkedIn as an example:
“Many captains will post which vessel they are on. If you do a quick search on LinkedIn, you are likely to find the captain of a specific vessel. Most captains will also post which university they graduated from. So, if you send an e-mail from a fake university account, which contains an invitation to a reunion for old classmates, it is very likely that the captain will open the document you have attached,” said Andersen.
“If that document contains some kind of malware set up to exploit a known vulnerability, you could gain control over the entire vessel,” said Andersen.
He stressed that a small hacker effort could have enormous consequences and reminded that there are even darker parts of the internet where more advanced and more malignant operations can be ordered.
Cross-company learning
“This serves as a reminder of the importance of ICT security. It is something we are very aware of and continuously working on,” says Øyvind V. Rasmussen, HSEQ Manager at Awilco.
He was a returning attendee of the Globetech’s seminar.
“It is always useful to spend a day with Globetech in Kristiansand. They have the expertise we rely on, and they also arrange for their customers to discuss and share experiences, in order for us to learn something that could prove valuable for all,” says Rasmussen.
IT Manager at Siem Offshore, Terje Engebretsen, also appreciated the common interest in cross-company learning.
“Our industry has some very particular challenges. It is always good to come together to discuss different approaches and solutions,” says Engebretsen.
General Manager at Globetech, Hans Eirik Onarheim, confirms the statements above.
"We have facilitated this seminar for the last few years, and the experience and feedback from our clients has been purely positive. The importance of collaboration and cross-company learning cannot be underestimated, and these round table discussions have added value both for Globetech and our clients, says Onarheim.
"The planning for next year’s event is already ongoing and we are excited", he continuous.
Clients and Globetech team together. The seminar included a presentation and talk with Terje Marcussen, General Manager of Vipers and serial entrepreneur. With a genuine passion and engagement the topic of corporate culture and change management was an inspiring session.
