This post is also available in: heעברית (Hebrew)

An oil spill such as the one that has drenched Israel’s coastline in tar, can be replicated by hackers that remotely take control of a vessel’s systems.

Ports and ships have become an increasingly attractive target for hackers, and the damage from a single attack can reach several million dollars for each incident. Attacks on vessels’ operational technology networks and systems have increased by 900% in the past three years, cybersecurity platform Mission Secure reports.

Over this backdrop, the year 2021 has ushered in a new era for maritime cybersecurity. The International Maritime Organization, a UN body responsible for regulating shipping, began implementing a series of regulations aimed at lowering the risk of cyberattacks on the high seas. As of January 1, all vessel owners and operators are required to comply with what is known as Resolution MSC.428(98), which aims to ensure that safety management systems are up to par.

As more and more devices onboard vessels are digitized, the US Coast Guard also recently issued a new set of guidelines intended to counter cyberattacks at facilities regulated by the Maritime Transportation Security Act (MTSA), a major legislation enforced in 2004 and impacting some 470,000 US facilities. 

As the maritime sector focuses on the growing cybersecurity threats facing the industry,

an Israeli startup is bringing the defenses of ships and ports up to speed. Cydome has launched an end-to-end cybersecurity solution intended to bring vessels and ports into compliance with the new global regulations.

“Cybersecurity, safety and risk management are of utmost importance as computer systems and technology play an increasing role in systems and equipment throughout the maritime environment.” Nir Ayalon, CEO and founder was cited by themedialine.org.

The startup’s cybersecurity system is a hardware appliance with software that connects to the vessel’s network. Once installed, the solution maps all of the vessel’s assets — such as its communication system, engine and generator — seeking out vulnerabilities and patching them. The company conducts automated, built-in cybersecurity checkups, validating ongoing compliance with maritime regulations. It monitors the assets’ behavior, identifies irregularities, and alerts on immediate risks.