icon_arrow_down icon_arrow_left icon_arrow_left_large icon_arrow_right icon_arrow_right_large icon_arrow_up icon_bullet_arrow icon_call icon_close icon_facebook icon_googleplus icon_grid_off icon_instagram icon_login icon_mail icon_menu icon_message icon_minus icon_pinterest icon_plus icon_quote_end icon_quote_start icon_refresh icon_search icon_tick_on icon_twitter icon_video_play icon_youtube

Hello,

We want to make Boat International the best destination for owners and lovers of superyachts, and we need your help to tell us more about yourselves and what interests you.

Our reader survey covers work, income, interests and hobbies, and most importantly – yacht ownership. We will use your responses to inform the boats we write about, the subjects we cover, and the advertising you will see.

It will take 5-10 minutes to complete. All answers are completely anonymous, and the responses are collected by our research partner, Tapestry.

Thank you in advance for your help.

GO TO THE SURVEY
No, thanks

Why cyber crime is the biggest threat to superyacht security

After a decade helping protect navies around the world, Andy Cuff now helps superyacht owners stay cyber-safe with his company Computer Network Defence. Here he explains why cyber crime is the biggest threat to the security of a superyacht and its owner’s wealth…

The implementation of physical security for superyachts has always been carefully considered as they transport their ultra high net worth passengers around the world. Prevention of kidnapping, piracy and theft at sea remains as important now as it has been for hundreds of years.

But sadly, cyber security and information security are all too often neglected, or the threat underestimated. As a result, a variety of different attack vectors are being developed; by criminals for the potential financial reward, by nation states for information about the influential passengers, and by academia because it’s a glamorous subject for students to research. The interest in superyacht cyber security within the underworld is rising exponentially and their owners need to be prepared.

As the majority of newer superyachts rely upon a Controller Area Network (CAN) Bus to connect the various on-board systems, from the engines through to the navigation and control, this remains the Holy Grail for the remote attacker.

To make matters worse, Industrial Control Systems and Supervisory Control and Data Acquisition have a terrible track record for security, which has resulted in numerous successful and devastating attacks. Make no mistake — the threat is real.

Already numerous cars have been hacked via the CAN Bus, including models from Tesla and Jeep, and there has been a publicised hack which claimed to take full control of a superyacht. Fortunately, the vessel in question was moored alongside a jetty and the physical security of mooring ropes saved the day.

There have been a number of cases of hackers being able to spoof a vessel’s GPS in order to take it off course, though as yet they have not been able to create a large diversion before being neutralised. One major hurdle here is that the attacker would need to be physically close to the vessel to overpower satellite signals.

There have been theoretical hacks in which attackers used Wi-Fi-fitted drones with cloud-based quantum computers to crack a vessel’s Wi-Fi access points while the vessel was at sea. However, it is far easier to crack the Wi-Fi whilst the vessel is moored, and plant some malicious code that will call home via satellite once the vessel is at sea.

I remain objective in our analysis of the current attack vectors, and there is much hype and scaremongering as some of the above examples demonstrate. However, where cyber security is concerned, superyachts remain a soft yet extremely lucrative target.

I have been providing cyber security to various navies for more than a decade. The work goes beyond traditional cyber security and also covers information security, countering such threats as mobile phone interception and hidden eavesdropping devices. It’s an ever-increasing problem that won’t go away until the vessels are secured, at which point the attackers will move onto the next easy target.

Superyacht owners often ask me if my team of consultants can hack into their vessels remotely, to identify the weak areas. This approach is helping to turn forward-thinking superyachts into the cyber bastions of the high seas.

Upgrade your account
Your account at BOAT International doesn't include a BOAT Pro subscription. Please subscribe to BOAT Pro in order to unlock this content.
Subscribe More about BOAT Pro