USB memory sticks have been commonplace for several years now. Their appeal lies in the fact that they are small, readily available, inexpensive, can be used over and over again, and can offer high capacity and portability of information between computers. USB drives offer convenience, but also come with potential security risks to our business and to your private computer and data.
The fact that USB memory sticks can be re-used is an advantage, but this is also one of the main reasons why they are a security risk. People tend to use the same USB stick on numerous computers, moving data from one to another. If one of those computers is infected with malware, you risk copying the virus to the USB stick and then onto another computer.
A global survey from last year estimates that half of the computers in countries like China, Turkey and Taiwan are infected with malware. Meanwhile, the lowest rates of malware infections globally are in the Nordic nations and in Japan, where only around 20% of machines are infected.
In my view, this indicates that three or four out of ten computers worldwide are infected with malware, so using the same USB stick on numerous computers poses a high risk of infecting both the USB drive and the computer.
A malware infection can cause many problems for the daily use of your personal computer. If the infected PC is an Odfjell computer, the daily operation of the vessel will definitely be affected.
Here are some of the many things malware can do:
Slow down your computer. Once a piece of malware is in action, it begins to consume a large chunk of your computer’s memory. Many types of malware also replicate themselves and fill your hard drive, so there’s little room left for legitimate programs. This loss of space can lead to a sluggish computer, making it difficult to carry on with business as usual.
Restrict access to your files. Certain types of malware can damage or delete files and programs on your computer. Unless your data is backed up on another hard drive or cloud server, you won’t be able to regain access to files after a cyber attack. If the attack is on a computer on the administrative network on board, or even worse, on a computer connected to technical systems on board, the effects could be very serious.
Steal your sensitive information. Information theft is one of the most serious and costly results of malware. If pieces of malware such as spyware and trojans get installed on your device, hackers can collect your personal or company information. It could be very dangerous if, for example, pirate groups got access to information about the preventive measures our vessels are taking.
Spread throughout your network. Worms are an especially disruptive type of malware for businesses. Once this malware infects a computer, it replicates itself and spreads throughout the entire network, which means a worm could damage not just one computer, but the entire network. This is why we have segmented the networks onboard – one network for private use (crew-net), one network for administration (computers for Management Level Officers) and one separate network for technical computers.
Disrupt daily operations. Nearly every type of malware will affect normal business operations in one way or another. In the worst case, it could affect the handling of critical operations on board the vessel, like the navigation and cargo handling system, machinery management and power control systems. Our ships do have other monitoring systems, but failure on technical computers can cause confusion and delay handling of incidents and operations.
In the third version of the manual “The Guidelines on Cyber Security Onboard Ships” that was released on March 4th this year, the Baltic and International Maritime Council (BIMCO) reiterates:
Areas containing sensitive OT or IT control components should be securely locked, security and safety critical equipment and cable runs should be protected from unauthorized access, and physical access to sensitive user equipment (such as exposed USB ports on bridge systems) should be secured.
Let me also highlight a few points from the Odfjell IT Policy, stated in SMM 171402 IT Instructions.
Chapter 17: Private Laptops, Mobiles and Storage Devices, states:
Private storage devices like USB sticks or USB hard drives shall not be used to transfer files between computers onboard.
Chapter 19 Technical Computers states:
Technicians, external visitors should sign a document 1714F1 (on arrival at vessels or by accepting purchase order) stating they have an updated antivirus on their laptop and that they have scanned their USB stick before they use it onboard the vessel.
No portable USB storage devices like memory sticks or Hard Drives are allowed to be connected to any technical computer onboard without being scanned for viruses by an updated antivirus software.
Lately, we have had several vetting observations on vessels regarding the accessibility of USB drives on OT (technical) computers: bridge, engine and cargo computers. To enforce policy compliance, we are now in the process of installing USB locks on all OT computers on board all vessels.
Jan Ottemo
Senior Security Administrator