Cyber Security Workbook for On Board Ship Use

前言

缩写/定义

致谢

第1节-简介

1.1 Cyber Security Risk Management - IMO Requirements and Guidelines

1.1.1 Supporting Regulatory Guidelines

1.1.2区域规管指引

1.2航运网络展望

1.本手册的目的

1.4检查清单

1.5 Designated Roles and Responsibilities

Part One - Onboard Practical Considerations

第2节-识别风险

2.1脆弱的船舶系统

2.2 What is a Maritime Cyber Attack?

2.3的威胁

2.3.1网络攻击类型

2.3.2社会工程

Section 3 - Protection, Prevention and Training

3.1防止恶意软件攻击

3.2软件更新

3.2.1 Updating programs that are not part of the Operating System

3.3 Endpoint Protection/Security Suite

3.3.1 Endpoint Protection更新

3.3.2 Checking if the Endpoint Protection Suite is up to date

3.4个密码

3.4.1创建密码

3.4.2密码长度

3.4.3管理密码

3.4.4密码交接

3.4.5万能钥匙

3.4.6用户名

3.5网络安全与短信

3.5.1 Cyber Security and the Ship Security Plan (SSP)

3.6 Crew Considerations and Training

3.6.1船员培训的关键方面

3.6.2 Cyber Security Familiarisation for Crew

3.6.3非船员培训

3.6.4 .设计培训计划

3.6.5 Unintentional Cyber Breaches by the Crew

3.6.6 Planning a Crew Training Session

3.6.7网络安全演练

3.6.8社交媒体

3.6.在网络安全模式下旅行

3.7 Ship Inspections and Port State Control

3.7.1 .港口国监督检查

3.7.2其他检查

Section 4 - Detect, Respond and Recover: General Principles

4.1检测网络Events

4.1.1介绍

4.1.2 Useful Tools Available to Help Detect Possible Malware

4.2Events响应

4.2.1第三方支持

4.2.2网络恢复方案

4.2.3备份

Section 5 - Ship's Business Systems

5.1车载商务电脑

5.1.1 USB接口和驱动器

5.1.2 USB端口阻断器

5.1.3个USB清洗站

5.1.4片

5.1.5个人设备和USB接口

5.2机上网络隔离

5.2.1隔离网络

5.2.2实现隔离网络

5.2.3 Maintaining a Segregated Network

5.2.4网络隔离的好处

5.2.船上5个易受攻击的系统

5.3无线网络

5.3.1商务WiFi

5.3.2机组WiFi

5.3.3 Guest访问

5.3.4 WiFi网络安全

5.3.5 VPN

5.4 Satellite Communications (Satcom) Equipment

5.4.1卫星通信密码

5.4.2 Satcom Visibility on the Public Internet

5.4.3卫星通信软件更新

5.4.4 Physical Security of the Satellite Terminal

5.4.5 Software Security of the Satellite System

5.5 Mobile (Cellular) Data Connections

5.6 Connecting to Shore WiFi in Port

5.6.1船员在岸上连接WiFi

5.7客船

第6部分- OT系统

6.1了解OT系统

6.2 Engine Department Considerations

6.3货物管理

6.4 ECDIS安全

6.4.1更新

6.4.2物理安全

6.4.3 ECDIS恢复

6.4.4 Recognising Genuine NAVTEX Messages

6.5 GNSS安全

6.5.1 GNSS输入数据

6.6其他桥梁系统

6.6.1 VDR

6.6.2 AIS

Part Two - Shore Management Considerations

第7节-关键考虑因素

7.1 Cooperation Between the Office Departments and their Suppliers

7.1.1 IT Department and Technical Department

7.1.2确保供应链安全

7.1.3 .网络安全工作组

7.2 Cooperation Between the Office and the Ship's Crew

7.2.1 Maritime Cyber Security Management

7.2.2 Cyber Security and the Safety Management System (SMS)

7.2.3 Cyber Security and the Ship Security Plan (SSP)

7.2.4 Onboard 资源 According to Ship Type

7.3船舶网络架构

7.3.1 IDMZ

7.3.2 Data Diodes (Unidirectional Gateways)

Section 8 - OT Systems Management

8.1 OT Asset Management and Risk Assessment

8.1.1资产管理

8.1.2资产风险评估

8.2 OT系统安全

8.3 Securing the Ethernet IP Network Used by OT Systems

8.3.1转换器安全

8.4 Intrusion Detection Systems (IDS)

第9节IT系统管理

9.1远程接入

9.2漏洞扫描

9.3渗透(渗透)测试

9.4 Endpoint Detection and Response (EDR)

9.5备份容灾

9.6 Uninterruptible Power Supply (UPS) for IT/OT Systems

检查清单

Checklist 1 - Cyber Security Familiarisation for New Crew Members

Checklist 2 - Cyber Security Crew Training

Checklist 3 - Detecting a Cyber Incident

Checklist 4 - Responding to a Cyber Incident On Board

Checklist 5 - Onboard Business Computer

Checklist 6 - Network Segregation

Checklist 7 - Networks (Wireless and Wired)

Checklist 8 - Satellite Communications

Checklist 9 - OT Systems for Crew

Checklist 10 - ECDIS Cyber Security

Checklist 11 - Cyber Security Checks on the Navigation Bridge

Checklist 12 - Asset Management and Risk Assessment

Checklist 13 - OT Systems for IT Department

检查表14 -远程访问

附件

Annex 1 - Cyber Security Assessment

Annex 2 - Creating a Cyber Security Plan

附件3 -创建用户帐户

Annex 4 - Checking for Segregated Networks

附件5 - NMEA 0183

Annex 6 - Regional Regulatory Guidance

附件7 -进一步资源