The Coast Guard released this week a best practices Safety Alert in the wake of what is categorized as a growing cybersecurity threat landscape amid expanded reliance on technology to support vessels.
The Cybersecurity and Infrastructure Security Agency (CISA) is encouraging vessel and facility owners and operators to review the Coast Guard’s Safety Alert 06-19, which officials said could aid the maritime community in strengthening defense mechanisms.
Best practices initiatives include heightened awareness regarding segment networks, which allow an adversary to easily maneuver to any system connected to that network and conversion to subnetworks making it difficult for an adversary to gain access to essential systems and equipment. The alert also highlighted the benefits of eliminating generic log-in credentials for multiple personnel in favor of network profiles for each employee while limiting access/privileges to only those levels necessary to allow each user to do his or her job. The Safety Alert is also warning service members to be wary of external media -noting it is critical any external media is scanned for malware on a standalone system before being plugged into any shipboard network.
The guidelines also recommend users install anti-virus software and keep it updated.