Smooth sailing with secure networking for one of the world's largest cruise lines

While cybersecurity is getting more complicated across the board, the challenges that the maritime industry faces are especially unique. Cruise ships require persistent connectivity for recreation, financial transaction processing, health care operations, customer data, and ICS control systems for navigation — all compelling targets for cyber-attacks. Vessels’ reliance on third parties for support only increases the risk of breaches.

Nevertheless, most cruise lines are short on technical capability, and have little or no cybersecurity budget, let alone the organic human capital.

This was certainly the case for the cruise line that Moran Cyber was called in to support. The shipboard network, which controls critical maritime systems such as fuel, propulsion, and navigation, was complex and poorly architected.

“Our audit firm looked at the flat, Layer 2 shipboard network and proclaimed it a security risk for our maritime systems,” explained Alex Soukhanov, Director of Moran Cyber. “There was no segmentation of the individual control systems. A vendor for our propulsion systems could also see what  was happening with our navigation systems. Obviously, this is an unacceptable risk in today’s cyber threat environment.”

In addition to the lack of segmentation and un- restricted access for third-party vendors, network congestion was causing downtime issues and legacy systems had no inherent security. It was no wonder that the vessels failed an internal security audit.

But the audit’s recommendation that they dry dock all of the ships for three to four weeks for a complete networking overhaul, including millions of dollars’ worth of upgrades per ship, wasn’t a realistic option. “There is too much revenue at stake even with a small amount of downtime,” said Alex. “Plus, the cost of new networking hardware and software was prohibitive, and we didn’t have — and couldn’t hire — the staff to support hundreds of new firewalls.”

When the client pushed back against these costs, the audit firm searched for a new approach. They found it in Tempered’s Airwall Solution.

“Tempered provided us with a solution that was tested and vetted by an owner and operator of a large fleet of ships,” explained Alex. “It filled an immediate need to micro-segment networks that were flat by design, and control access by multiple vendors.”

What’s more, Tempered’s advanced Host Identity Protocol-based architecture eliminates the need for layers of devices, including internal firewalls and network access controls, drastically reducing complexity and operating requirements. As a result, the capital outlay was a fraction of the cost of alternative solutions, the deployments could be done on ships while at sea, and no additional security staff needed to be hired to support the enhanced security.

Lower Cyber Risks: Moran Cyber protected maritime systems from unauthorized access and cyber threats, and also decreased the attack surface by 90% by segmenting and isolating maritime systems from the general network.