Cyber Security Workbook for On Board Ship Use 2021 Edition (eBook)

Published Date

October 2020

Also available in other formats:

Cyber Security Workbook for On Board Ship Use 2021 Edition (eBook)

(Excludes any applicable taxes)

This workbook is a practical, straightforward and easy to understand guide to support the Master and the ship’s crew with cyber security risk management.

Now in its second edition, the workbook provides detailed guidance on all aspects of cyber security protection, defence and response (including brand new sections on remote access, intrusion detection systems and engine department considerations).

Fully revised, comprehensive checklists are also included to assist with the practical, day-to-day management of onboard cyber security. This workbook is an essential tool in helping to ensure that cyber risks are appropriately addressed in onboard safety management systems (as required by IMO Resolution MSC.428(98)). It will also benefit shipowners, ship managers, ports and their IT departments.

'Cyber Security Workbook for On Board Ship Use' is referenced in ISGOTT Sixth Edition as a source of practical guidance for Masters and ship’s crew (ref: ISGOTT 6, section 6.4, para.3)

Be the first to review this product

In recent years, the shipping industry has undergone a digital revolution: internet connectivity on board has become common and ship’s systems are increasingly digitised and integrated. With this growing level of connection, comes greater risk. Ships are now a common target for hackers worldwide and it has become crucial that the entire crew has an understanding of how and when cyber attacks can occur.

Using detailed, step by step checklists, Cyber Security Workbook for On Board Ship Use provides a ship’s crew with the practical skills to identify cyber risks and to protect vulnerable onboard systems. It also gives guidance on how best to detect, respond and recover in the event of a cyber attack.

This publication has been produced by BIMCO, ICS (International Chamber of Shipping) and Witherby Publishing Group

Section:1 – Introduction
1.1 Cyber Security Risk Management – IMO Requirements and Guidelines
1.1.1 Supporting Regulatory Guidelines
1.2 Cyber Outlook for Shipping
1.3 Purpose of this Workbook
1.4 Checklists
Section:2 – Identifying Risks
2.1 Vulnerable Ship Systems
2.2 What is a Cyber Attack?
2.2.1 Attacker Profiles
2.2.2 Types of Cyber Attack
Section:3 – Protection, Prevention and Training
3.1 Prevention of Malware Attacks
3.2 Software Updates
3.3 Endpoint Protection
3.3.1 Anti-virus
3.4 Passwords
3.5 Cyber Security and the SMS
3.5.1 Cyber Security and the Ship Security Plan (SSP)
3.6 Crew Training
3.6.1 Ship Cyber Security Drill
3.6.2 Cyber Security Familiarisation
3.6.3 Crew Training Cyber Security Checklist
Section:4 – Detect, Respond and Recover: General Principles
4.1 Detecting a Cyber Incident
4.2 Detecting a Cyber Incident Checklist
4.3 Incident Response
4.3.1 Third Party Support
4.3.2 Cyber Recovery Plan
4.3.3 Backups
4.4 Responding to a Cyber Incident On Board
Section:5 – Detect, Respond and Recover: Ship’s Business Systems
5.1 Onboard Business Computers
5.1.1 USB Ports and Drives
5.1.2 USB Cleaning Stations
5.1.3 Personal Devices and USB Ports
5.1.4 Onboard Business Computer Checklist
5.2 Network Segregation On Board
5.2.1 Existing/Simple Networks
5.2.2 Segregated Networks
5.2.3 Achieving a Segregated Network
5.2.4 Maintaining a Segregated Network
5.2.5 Benefits of Network Segregation
5.2.6 Vulnerable Systems On Board
5.3 Network Segregation Checklist
5.4 Wireless Networks
5.4.1 Business WiFi
5.4.2 Crew WiFi
5.4.3 Guest Access
5.4.4 WiFi Network Security
5.4.5 Virtual Private Network (VPN)
5.4.6 Networks (Wireless and Wired)
5.5 Satellite Communications Equipment
5.5.1 Satcom Passwords
5.5.2 Admin Password Security
5.5.3 Confirming that the Satcom System is Not Available from the Public Internet
5.5.4 Is the Software Running on the Satcom System Kept Up to Date?
5.5.5 Applying Updates to Satellite Terminals
5.5.6 Physical Security of the Satellite Terminal
5.5.7 Software Security of the Satellite System
5.5.8 Satellite Communications
5.6 Cellular Data Connections
5.7 Connecting to Shore WiFi in Port
5.7.1 Crew Connecting to WiFi Ashore
5.7.2 Shore WiFi in Port/Shore Cellular Data Checklist
Section:6 – Detect, Respond and Recover: OT Systems
6.1 Understanding OT Systems
6.2 Engine Department Considerations
6.3 OT Systems Checklist for Crew
6.4 ECDIS Security
6.4.1 Updates
6.4.2 Physical Security
6.4.3 ECDIS Recovery
6.4.4 Recognising Genuine NAVTEX Messages
6.4.5 ECDIS Cyber Security Checklist
6.5 GNSS Security
6.5.1 GNSS Input Data
6.6 Cyber Security Checks on the Navigation Bridge during Watchkeeping
Section:7 – OT Cyber Security: Onshore Office and IT Department
7.1 Ship’s Network Architecture
7.1.1 IDMZ
7.1.2 Data Diodes (unidirectional (single direction) gateways)
7.2 OT Asset Management and Risk Assessment
7.2.1 Asset Management
7.2.2 Asset Risk Assessment
7.2.3 Asset Management and Risk Assessment Checklist
7.3 Securing OT Systems
7.4 Securing the Ethernet IP Network Used by OT Systems
7.4.1 Converter Security
7.5 Remote Access
7.5.1 Remote Access Checklist
7.6 Intrusion Detection Systems (IDS)
7.7 OT Systems Checklist for IT Department/Onshore Office
Annex 1 – Regional Regulatory Guidance
Annex 2 – Checking for Windows Updates
Annex 3 – Creating User Accounts
Annex 4 – Checking for Segregated Networks
Annex 5 – How to Check that Anti-virus Software Updates are Applied
Annex 6 – NMEA 0183
Annex 7 – Example of a Cyber Security Familiarisation Checklist for New Crew Members
Annex 8 – Planning a Crew Training Session
Annex 9 – Further Resources

Cyber Security Risk Management – IMO Requirements and Guidelines

In 2017, the International Maritime Organization (IMO) adopted Resolution MSC.428(98) on Maritime Cyber Risk Management in Safety Management Systems (SMS). This Resolution states that an approved SMS should take into account cyber risk management in accordance with the objectives and functional requirements of the ISM Code. It encourages administrations to ensure that cyber risks are appropriately addressed in the SMS no later than the first annual verification of the company’s Document of Compliance after 1 January 2021.

Resolution MSC.428(98) identifies cyber risk as specific threats that companies should address in the same way as any other risk that may affect the safe operation of a ship, its crew and the protection of the environment.

Cyber risk management should be an inherent part of safety and security and should be considered at all levels of the company, including senior management ashore and onboard personnel. In the context of a ship’s operation, cyber incidents should be considered as having the potential to result in physical effects and potential safety and/or pollution incidents. Company plans and procedures for cyber risk management should, therefore, be incorporated into existing security and safety risk management requirements contained in the ISM Code and ISPS Code.

Supporting Regulatory Guidelines

Version 4 of 'The Guidelines on Cyber Security Onboard Ships', which was produced and supported by BIMCO, CLIA, ICS, INTERCARGO, INTERMANAGER, INTERTANKO, IUMI, OCIMF and the WSC, provides guidance on maritime cyber risk management. While primarily aimed at addressing the safety consequences of cyber incidents on board ship, the principles and protection measures in the Guidelines are equally applicable to all organisations in the maritime industry.

The Guidelines are aligned with IMO Resolution MSC.428(98) and the IMO’s guidelines. They provide practical recommendations on maritime cyber risk management and should be read in conjunction with this workbook.

Cyber Outlook for Shipping

While shore based advances in internet connectivity have been substantial over the last 20 years, shipboard access to the internet has not developed at the same rate. However, due to the increased availability of affordable VSAT communications this is improving and the world fleet is increasingly better connected. In the Futurenautics Crew Connectivity Survey in 2015, it was estimated that the average availability of internet access across all fleet sectors stood at 43%. According to a survey by ICS, by 2019, this figure had almost doubled to 82% and it continues to rise.

However, with the comparatively rapid increase in internet connected ships comes an increased risk of cyber incidents. Existing PCs on board are often dated and are networked with no added security protocols. On board, dedicated cyber security procedures and adequate crew training are often lacking.

The split of ship’s systems into IT (business computers, personal devices, etc) and OT systems (ECDIS, cargo control systems, etc) may mean a divide in how cyber security for these systems is approached: staff responsible for IT security may prioritise data protection and preventing network vulnerabilities, whereas OT staff may view safety and continued reliability of operations as paramount. However, this workbook highlights the interconnectedness of these systems on board and the holistic approach to cyber security that must be taken. It offers practical advice on security measures that can be used to protect the ship as a whole.

Purpose of this Workbook

This workbook has been designed as a practical, straightforward and easy to understand guide to support the Master and officers on board ship. It is designed to facilitate understanding and good collaboration between individual ships, onshore IT departments and equipment manufacturers. The workbook may also be useful to the wider maritime industry.


Checklists have been provided to assist in day to day cyber risk management on board.

The checklists throughout this workbook are intended to be used on board ships by any officer. However, it is recommended that the role of inspecting cyber security, completing and verifying the appropriate checklists and identifying and reporting cyber security issues ashore is clearly defined in the SMS.

Along with the Master, the Ship Security Officer (SSO) has a responsibility to ensure adequate cyber security under the broad requirements of the ISPS Code. However, in practice, the responsibility for cyber security may also be delegated to an appropriately qualified officer. The officer should ensure they have a knowledge of the various cyber systems on board, including the satcom, all networks and all critical items of equipment.

BIMCO, ICS and Witherby Publishing Group
Title: Cyber Security Workbook for On Board Ship Use 2021 Edition (eBook)
Edition: Second
Number of Pages: 130
Product Code: IT103542
Published Date: October 2020
Binding Format: Hardback
Book Height: 300 mm
Book Width: 240 mm
Book Spine: 30 mm

Bought this product? Why not review it?

If you have a question about this product, please contact us directly.

Windows eBooks:


To access the eBook, you need to install our free Windows eBook Reader.

The application can be downloaded from:


Standalone eBooks are supplied with 1 licence + 1 backup and are not transferable between platforms.


Remote Desktop Services (Terminal Services) and virtual environments are not supported.


The Windows eBook Reader works with Windows XP or later OS (but not Windows RT).

See more details.


Cloud (online) eBooks:


The Cloud (online) eBooks use Microsoft Silverlight browser plugin to deliver the best possible reading experience with the ability to work in offline mode.


It is an annual subscription service (i.e. each eBook is purchased for 1 year of use).

Online licences are not transferrable to Windows or iPad (or vice-versa).


Silverlight is compatible with the major web browsers used on Windows and Mac OS X operating systems.

However it is not supported on Linux, Android, Windows RT and iPad devices and therefore the Cloud eBooks use an HTML site in these instances.

The HTML site is more restricted than the Silverlight version.


See and more details.


Note for Mac Users:


Mac users can read Windows eBooks with Boot Camp or using virtual machines such as Parallels Desktop, Virtual Box, ...

Alternatively, Cloud (online) eBooks are accessible on Mac, including the Silverlight plugin with offline mode.


Note for Linux Users:


Linux users can read Windows eBooks using a virtual PC.

Alternatively, the HTML version of the Cloud (online) eBooks is accessible.


Note for Tablet Users:


Tablets owners can use the HTML version of the Cloud (online) eBooks.