icon_arrow_down icon_arrow_left icon_arrow_left_large icon_arrow_right icon_arrow_right_large icon_arrow_up icon_bullet_arrow icon_call icon_close icon_facebook icon_googleplus icon_grid_off icon_instagram icon_login icon_mail icon_menu icon_message icon_minus icon_pinterest icon_plus icon_quote_end icon_quote_start icon_refresh icon_search icon_tick_on icon_twitter icon_video_play icon_youtube

Sign up to our mailing list for the latest Boat International & Events news.

SIGN UP

Missing your newsletter?

If you’ve unsubscribed by mistake and would like to continue to hear about the latest Boat International & Events news, update your preferences now and let us know which emails you’d like to receive.

UPDATE NOW
No, thanks

Reinforcing superyacht computer network security

Defending the network

Just as it doesn’t take a CIA operative to access your network, it doesn’t take an MI6 communications room to keep all but a very determined and well-equipped intruder at bay.

Hernando Giraldo, of Great Circle Systems, a Nevada-based integrator of IT hardware and software with offices in Fort Lauderdale, Florida, pointed out that just buying a consumer-grade wireless router and installing it, without at least changing the default settings, is a clear invitation to intruders of all sorts.

Just knowing the model of the router can allow even the least sophisticated hacker to log on within a few moments of finding the signal. This situation probably applies mostly to smaller yachts, which may not have the benefit of employing an IT contractor to install and maintain the yacht’s network.

While it might be unlikely that a casual intruder would seriously compromise a yacht’s security through its wireless network, a ‘disgruntled former employee’ could seek malicious satisfaction from a safe distance.

One industry source who preferred not to be identified told the story of an unhappy former crew member who left with the boat’s passwords stored on their laptop. Failing to change network passwords when someone leaves a yacht’s employ is like letting them take the keys to the boat with them. In this case, it provided an open door to crack the password for the owner’s on-board email account.

Passwords should be changed often, and they must be changed when a crew member leaves. If a password is easy to remember, it’s just as easy for a determined intruder to crack.

Failing to change network passwords when someone leaves the yacht’s employ is like letting them take the keys to the boat with them

Combinations of letters and numbers in upper and lower case offer the best protection but are difficult to remember. Just don’t write it on a label stuck to a computer and you should be fairly safe. The bad guys always look for the simplest way in first, so don’t leave the front door unlocked for them.

‘If someone wants it badly enough, they will get it,’ says Giraldo. He suggests purchasing ‘business-class’ hardware, which offers more robust security features than inexpensive, consumer-grade products and allows the integration of even more barriers between authorised users and passers-by.

Antoine Guy of Synchronicity, and Sophia Antipolis, France, IT consultant, offered the following advice on configuring even the simplest wireless network to provide enough barriers to force a casual intruder to find easier pickings: ‘The idea is to make the basic set of WiFi parameters not trivial, not transparent, and not broadcast so a hacker can get this info by simply scanning the cloud,’ he says. ‘These parameters must be set up in the device to connect to the cloud.

‘Disable Access Point SSID broadcasting,’ the name of the yacht’s WiFi network. ‘If this information is not broadcast in the clear, it is difficult to obtain.

‘Change the default network SSID into a non-trivial one. Don’t use the boat name or an equivalent.

‘Set up the access point [router] to ask for an encrypted WPA key,’ WPA encryption is secure, unlike the older WEP standard, which can be broken using free software, ‘and try not to use a trivial key such as the boat name. A hacker will try that option immediately.

‘Don’t write down the default WPA password everywhere. It’s usually printed on a sticker at the back of the access point device, so remove that sticker.

‘Lock the network rack or location where the access point is located. Do not trust people who [say] they won’t give the key to a friend. They will.

‘Set up the Access Point to use a non-trivial Wi-Fi channel number – such as five, six or seven – not the usual one, eleven or thirteen.’

Following Guy’s advice will keep most network snoopers away. But for a very small minority of them, there are freely available software tools to chip away at the firewalls.

Upgrade your account
Your account at BOAT International doesn't include a BOAT Pro subscription. Please subscribe to BOAT Pro in order to unlock this content.
Subscribe More about BOAT Pro