Introduction
The computing technology aboard a superyacht can be divided into 2 main categories, Operational Technology for systems used for controlling the boat in the background and Information Technology (IT) which are systems used mostly in the foreground by crew and guests.
Within the Information Technology (IT) area, we have office automation, for running the boat, such as email and other administrative applications, alongside that we have welfare IT for guests and crew to keep in touch with the outside world through email, social media and browsing the Internet. Finally, we have Smart technologies, which tell us when a CCTV camera detects a person rather than just motion, or let the Stew know that the tumble drier has completed it's cycle, not to mention the streaming entertainment onboard.
On more modern superyachts, Operational Technology (OT) would be used for controlling engines, radar, navigation systems, though even older superyachts would have had OT systems retro-fitted, such as GPS, VINS, AIS and Satellite Communications.
There have been cases of ships being taken off course through the manipulation of GPS, of insecure navigation systems revealing the exact location of a vessel 24 hours per day and even one reported case in the South of France, of a superyacht being hacked through it's guest wi-fi, engines started and the only thing which stopped it being taken taken was that it was tied up alongside.
Our first priority is to prevent the bad guys hacking into your superyacht in the first place. But what if they did? It is vitally important to prevent them moving from computer to computer (laterally). The best way to prevent lateral movement, is to hide different networks using segregation. Where possible we will separate IT and OT from each other and then also segregate the guest wi-fi, so that if a guest falls victim to a phishing attack, or someone hacks into it, the other systems won't be exposed, please see our security architecture service below.
Our Experience
Since 2004, CND has been delivering maritime cyber security capability to naval forces, including the European Union Naval Force and the British Royal Navy. This maritime experience combined with the provision of cyber security to businesses and high net worth individuals, creates a "sweet spot" for securing superyachts.
Superyachts bring with them the usual threat of remote attack experienced by any other Internet connected vessel. However, they also have some other interesting soft spots which must be secured, not least of which are the high net worth clients and owners who they carry on board.
We have responded to superyacht owners, management companies and crew with a variety of services, some are bespoke to superyachts and others have been adapted from our land based services. Please review these services below and don't forget to download our superyacht brochure which also includes some of our bespoke services.
