5 minute read
Cyber security
NORMA
paves the way
The Norwegian Maritime Cyber Resilience Centre (NORMA Cyber) was established on 1 January 2021. The centre provides cyber security services for the Norwegian shipping and maritime sector. More than 30 shipowners and operators have already become members,representing more than 800 vessels. NORMA Cyber is a joint initiative between The Norwegian Shipowners’ Mutual War Risks Insurance Association (DNK) and the Norwegian Shipowners’ Association. Lars Benjamin Vold, (above left) Managing Director NORMA Cyber, explains
Society has become more vulnerable as a result of new technology. We have seen several examples of cyber-attacks both nationally and internationally, and the shipping industry is as exposed to this risk as all other sectors. The Norwegian shipping and maritime sector needs to protect itself and therefore DNK and the Norwegian Shipowners’ Association are joining forces in a powerful initiative to prevent and deal with cyber threats against shipping, both against ships and against the shipping companies’ land-based organisations.
DNK has for several years provided a successful loss prevention programme focused on physical threats such as war, terrorism, and piracy, through their Intelligence and Operations Centre (IOC).
Throughout the last few years DNK has also provided services focused on cyber security. But by establishing NORMA Cyber, DNK is increasing this effort significantly. The centre will provide a system for effective information sharing, incident support and other proactive services.
Through this initiative the aim is to combine the members’ need for defending their own infrastructure with DNK’s work within loss prevention.
Since DNK is a mutual club, these interests are fully aligned. Together with the extensive collaboration with Norwegian authorities and other relevant entities, this gives a unique set-up which you can’t find anywhere else in the world of shipping.
We also see that some of these services are much more efficiently delivered from a centralised organisation than enables each member to build capabilities and competence independently.
It is obvious that we all become more efficient if security matter are managed on a collaborative basis.
Norwegian shipping and the maritime industry have long traditions when it comes to co-operation and information exchange within security and contingency preparedness. NORMA Cyber is now continuing that work with the services that it provides.
NORMA Cyber already provides regular updates to its member about relevant cyber threats and mitigation. The centre has also detected activity which is relevant for its members.
The centre has observed certain threat actors that specifically target the maritime sector and shipping. These are both nation states and cyber criminals with different motivations and goals.
RISE IN RANSOMWARE
Ransomware has increased significantly in recent times. From July 2020 until January this year we saw 17 maritime companies internationally suffering from ransomware attacks. Over the last 12 months it has also been observed that ransomware groups, in addition to encrypting data, also threaten to leak data.
This is done to pressure the compromised companies even
further to pay the ransom. Despite several law-enforcement operations which have taken down some of the activity, new groups and ransomware variants keep popping up.
Currently, most of the attacks on the shipping and maritime sector is hitting land-based IT infrastructure. But, as connectivity continues to increase on vessels and new digital and autonomous solutions are being used, the vessels are potentially also becoming much more vulnerable.
The consequences for vessels is obviously much higher than for land-based infrastructure.
For this reason, it is critically important to adopt an holistic approach when it comes to defending vessel and land-based systems and technology.
As vessels are increasingly connected the need for cyber security within this area is increasing. But the threats will likely come through land-based systems. Simultaneously, there are few indications that the number of pure land-based cyber threats is about to decrease.
The capacity that NORMA Cyber is now building is both innovative and important and the centre will be the first of its kind in the world.
On the one hand, we want to lay the foundation so that our industry continues its innovation work where digitalisation is crucial for sustainable development. On the other, we must ensure the security of new technology by applying the necessary competence and quality. This is best done by pooling resources in a joint effort against cyber threats
SECURITY OPERATIONS SERVICE
From June NORMA Cyber will also provide a managed Security Operations Centre (SOC) service for its members. The centre is already building up extensive competence within the area and is running a Proof of Concept with three larger shipping companies. The aim is to deliver a so-called Manged SOC service that is tailored for the shipping and maritime sector.
This will be the most proactive service where we monitor relevant systems to detect threats and provide early notification and mitigation advice to the member.
We need to move away from a situation in which members call to tell us about an ongoing incident, to a situation where we can call our members with an early notification This will hopefully avoid incidents from escalating. The full potential is also to investigate across several fleets and the digital activity observed and be even more proactive.
NORMA Cyber aims to deliver this service without distributing any hardware to the vessels or land-based organisations but rather through using technology that the members already have invested in.
BUILDING COMPETENCE
NORMA Cyber has hired several personnel with extensive cyber security competence during the last year. It will have eight employees from April 2021 and the latest recruits have extensive experience from vessel systems both on the IT side and on the vessel system side. The most important component when it comes to delivering quality for the members is competence. NORMA Cyber is now building up a unique team that consists of personnel with experience from cyber security, shipping, and vessel systems among other areas. By the end of this year, the centre will be staffed by a multi-disciplinary team of between 10 and 14 personnel.
Throughout the last few years DNK has
also provided services focused on cyber
security. But by establishing NORMA
Cyber, DNK is increasing this effort
significantly.
