Oil cargo ships at sea

Case Study

On the Right Tack – Staying Ahead of IMO Regulations, Cyber Threats, and Competitors

LNG Global Shipping Provider | Europe

This LNG global shipping provider based in Europe was looking for a proactive approach to maritime cybersecurity and compliance regulations. They sought to understand the cybersecurity risks on its vessels, improve the cybersecurity protection of its onboard vessel networks, and get aligned with the upcoming IMO 2021 regulation requirements. See how partnering with Mission Secure helped improve their competitive position with oil and gas clients.

Improved Onboard Vessel Cybersecurity
+
Alignment with IMO 2021 Regulations
=
Stronger Competitive Position with Oil and Gas Clients

fleet of gas carriers at sea two col

The Customer

The customer is an international owner, operator, and manager of LNG shipping services, providing support to global energy companies as part of their LNG logistics chain. With a consolidated fleet consisting of 35 LNG/FSRU carriers, the customer is focused on consistently delivering operational excellence across their entire fleet. Their main commitment is to protect the value of the cargo so their customers can deliver on their promises and protect their reputations. Thus, safety and cybersecurity are top concerns.

We are keeping our standards high; environmental standards, quality standards, and safety. And cybersecurity is very much a component of properly ensuring the safety of our vessels, people, and customers’ cargo.”
–Vessel Master

The Challenge

Knowing that their LNG/FSRU shipping customers now seek to engage with shipping partners that can demonstrate expert safety and cybersecurity results, the customer was compelled to demonstrate an improved cybersecurity infrastructure within its own IT environment and on its vessels.

To get started, the customer looked to baseline their existing cybersecurity posture and partnered with Mission Secure to conduct an in-depth IT / OT systems assessment, which included: vessel network walkdowns, external penetration testing, and an IMO 2021 cybersecurity framework scoring exercise. One key finding of the assessment was that vessel IT and OT networks are relatively flat and intertwined. A lack of internal segmentation and protection control measures can leave essential ship systems vulnerable to malicious actors who aim to penetrate a vessel’s network.

Additionally, the assessment concluded that since the customer’s crews constantly rotated vessels, they lacked onboard cybersecurity controls that offered simple access to views of each vessel’s network, including network assets, number of connections, and potential vulnerabilities that could leave the ship exposed to cyber threats.  The customer’s IT and vessel crews lacked the ability to enforce access controls for third-party vendors who could directly access and interface with critical vessel control systems onsite and remotely for upgrades and maintenance. Additionally, those vendors could easily change configurations and might inadvertently disrupt other in progress onboard operations.

The Proactive Solution

After reviewing the IT/OT systems assessment findings, the customer elected to deploy the Mission Secure Platform to:

  1. More thoroughly harden their vessel’s operational control system networks against cyber threats, and
  2. Address IMO 2021 security standards to address the urgent need to support safe and secure shipping, which is operationally cyber resilient.

The Mission Secure Console Appliances were designed into the vessel networks as control points for segmentation and to allow the customer’s IT organization to protect onboard control systems.

The customer relied on Mission Secure’s services team to install all Mission Secure Platform components, which included the Mission Secure Console and Console Appliances on each vessel. Following installation, a series of hardware functionality checks and a run-through of all vessel systems were conducted to ensure proper functionality prior to vessels leaving port. Network monitoring was installed and a network segmentation plan was designed and deployed on each vessel. These installations:

  • Protect vessel networks from inbound traffic from untrusted, connected third-party networks
  • Protect onboard, networked critical control systems from unauthorized or unintended local area network traffic
  • Protect external networks from outgoing traffic from a possible vessel network intrusion

After deployment of the new cybersecurity platform, the customer initiated a second penetration testing exercise executed by Mission Secure cybersecurity research personnel. With the Mission Secure Platform in place on vessel networks, all penetration attempts were successfully prevented-even those that were previously used to breach vessel networks during the initial OT assessment.

Customers are putting a lot of trust in us, and I think this is due to our meticulous safety record. Partnering with Mission Secure to assess, plan, and implement improved vessel cybersecurity has us well on our way to demonstrating IMO 2021 compliance.”
–Marine Assurance Coordinator

How Improved Vessel Cybersecurity and Regulation
Alignment Led to a Competitive Advantage

Onboard Vessel Cybersecurity icon

Improved Onboard Vessel Cybersecurity

Industry Standards icon

Alignment with Industry Standards -IMO 2021

Ahead of the Competition icon

One Step Ahead of the Competition

Improved Onboard Vessel Cybersecurity

With the Mission Secure Platform deployed on its vessels, the customer’s IT organization and ship’s crews can now ensure the protection of their vessel networks. They can observe and map onboard network connections and activity to determine how devices communicate with each other internally on the vessel’s network, and externally via the onboard satellite communications network for Internet access. They can automatically identify and block unnecessary vessel network activity that can adversely impact network operations, performance, and threaten the onboard critical control systems. Ship’s crews can defend against intrusions through the use of logical security zones and protections configured to block and alert on any and all unauthorized and unknown traffic and/or protocol communications. The customer now realizes the following cybersecurity benefits:

maritime control room two col
Comprehensive Network Monitoring

Continuous monitoring of network IP levels, network mapping and asset discovery, as well as logging and notification of unauthorized access attempts and network scans through configuration rules. In one example, the local engineering team onboard one vessel discovered a connection unknown to the corporate IT team. The ship’s crew had connected to a PLC cabinet that operated several onboard pumps to provide remote access for a third-party vendor. The Console Appliance was deployed to act as a barrier between the third-party remote access and the main ship network until network rearchitecting could be initiated in port.

Zero Trust Segmentation and Protection of Onboard Critical Control Systems and Services

Establishment of a zero-trust cybersecurity model where only authorized traffic is permitted and all other traffic is denied. This model includes protecting the vessel network against brute force cyberattacks, denial-of-service (DoS) attacks, misconfigurations that could cause denial-of-service, and unintended/accidental operator actions. In one example, the customer discovered and blocked unauthorized NetBIOS traffic from a third-party Windows device that the customer had no control over that was flooding one vessel’s onboard network with NetBIOS traffic.

Alignment with Industry Regulations, Standards, and Frameworks

The customer is now in much closer alignment with global cybersecurity regulations, specifically IMO 2021, and others such as ISO 27001 and best practices from the NIST Cybersecurity Framework. Additionally, in working with Mission Secure for on-going 24/7 managed services, Mission Secure can work with the customer to maintain compliance as regulations evolve over time.

Safety and cybersecurity are not based on frameworks or checklists; for us, it is a habitual action. We have lower downtime than our competitors due to the preventative maintenance we implement on our vessels. Cybersecurity is a key program in minimizing downtime risk as well. We are extremely pleased with our partnership with Mission Secure to improve our overall operational cybersecurity.”
–Vice President of IT
aerial view of gas carrier ship at sea two col

One Step Ahead of the Competition

Cybersecurity and safety programs are important considerations to oil and gas companies when selecting and working with shipping partners to transport their hydrocarbon products. The customer understands this fact well and works to stay one step ahead of competitors based on the strength of their cybersecurity and safety programs. Working with Mission Secure to protect their onboard vessel control systems puts the customer ahead of their competition and helps them expand business with key existing oil and gas clients and steal business from competitors.

Mission Secure Products and Services Used by this Maritime Shipping Provider

Mission Secure OT Cybersecurity Assessment:

This assessment included vessel network walkdowns; network monitoring, packet capture and assessment; penetration testing of the IT and on vessel OT networks; resulting cybersecurity findings and recommendations report and executive presentation; and go forward design guidelines.

Mission Secure OT Cybersecurity Platform:

These platform deployments included the Mission Secure Console and Console Appliances on each vessel and were purpose-designed and easily installed without any disruption to vessel operations providing vessel control system network visibility, protection, and segmentation.

Mission Secure 24/7 Managed Services:

The customer is now in the process of bringing on Mission Secure for 24/7 Managed Services to manage visibility, protection, threat hunting and incident response support for their on-vessel control system networks.

Safeguard Your Vessel’s Critical Operations

Stop cyber threats head-on and safeguard your operations
with 24/7 military strength and industrial-grade protection.

Get a Demo