Image
NEW: Introducing our Ammonia-Prepared notation and Rule Note
To support ship owners, Bureau Veritas is developing new Rules for ammonia as fuel and requirements for a class notation (Ammonia-Prepared).
May. 10 2021
Image
CyberWatch by Bureau Veritas: June 2024
INCIDENT
Black Sea AIS spoofing incident
In a recent large-scale AIS spoofing event, nearly 80 vessels in the Black Sea transmitted incorrect AIS positions. The affected ships notably appeared to be located at airports in Crimea and Novorossiysk, all while moving at improbable speeds. While the Black Sea has seen AIS spoofing incidents before, it is uncommon to see so many vessels involved.
👉 Read more
THREAT
Malware intrusions in European cargo shipping
Slovakian cybersecurity consultancy ESET flagged intrusions targeting shipping companies in Norway, Greece, and the Netherlands. Based on the use of Korplug malware, ESET has attributed the campaign to the China-based Mustang Panda threat group.
👉 Read more
PUBLICATIONS
MTS-ISAC releases Annual Report
The Maritime Transportation System Information Sharing & Analysis Center (MTS-ISAC) have published their annual review. The report flags rising cyber risks associated with the geopolitical context and the sector’s ongoing digital transformation, but also highlights fruitful collaborations in the industry.
👉 Read more
REGULATION
Maritime Cyber Risk Management Guidelines update
The revised guidelines resulting from MSC-108 should harmonize requirements within existing frameworks and clarify what to expect during cyber risk management surveys and inspections. The summary report by Bureau Veritas Marine & Offshore below includes a table listing the finalized and/or adopted texts.
👉 Download the summary (PDF)
France issues autonomous crafts decree
The French government issued decree number 2024-461 regulating the operation of autonomous ships and maritime drones and amending existing laws to incorporate these technologies. The decree outlines procedures for registration, identification, safety inspections, sanctions, and operator training, as well as region-specific adaptations for overseas territories.
👉 Read more
US Coast Guard incident reporting controls
In February, the US Coast Guard issued Navigation & Vessel Inspection Circular number 02-24 providing guidance on incident reporting. The circular includes rules for cyber incident reporting to various bodies, notably the Federal Bureau of Investigation and the Cybersecurity & Infrastructure Security Agency (CISA).
👉 Download the document (PDF)
TOOLS
Singapore Online Cyber Health Tool
In response to rising cyber threats, the Singapore Shipping Association and the national Maritime & Port Authority rolled out an online risk calculator. This self-assessment tool is based on questions drawn from the NIST framework, adapted to the reality of vessel systems and fleet operation.
👉 Read more
Microsoft releases OT forensic tool
Performing asset discovery in Industrial Control Systems environments remains a challenge for many players that is seldom addressed by popular cyber security tools. By releasing the open-source ICSpector framework, Microsoft aims to facilitate this kind of OT-specific incident response.
👉 Read more
