IT & NETWORK SECURITY SOLUTIONS - Protecting your business in the Digital Age
Simplified cyber security protection from ships and shore
Marlink’s ultimate vision for you is a fully automated and standardised IT environment and converging IT and Operational
Technology (OT) operations. Our communication experts have the ability and experience to understand your requirements
and consult on the ideal blend of services to meet them.
Broadband connectivity at sea and the increasing use of digital systems for everything from navigation to container
inspection have led to reduced operational cost and improved efficiency of vessels at sea, but they have also created a new type
of threat to the shipping industry – cyber risk. Furthermore, increasing communication provisions for crew have
resulted in additional risks. With seafarers now bringing an average of three communication devices onboard each,
insecure personal devices may provide an additional vulnerability in the vessel’s IT system.
Whether in regard to the protection of data, potential damage and loss, liability, or the impact on insurance and risk,
companies need to be aware and well covered as they seek to balance digital opportunity with new cyber threats.
In the rapidly developing maritime environment, a holistic approach to security is needed that enables response to
new and ever-evolving risks. To help ship operators protect themselves from potential business disruption caused by
a cyber attack, Marlink offers a number of solutions to support your business’ digitalisation and enable you to focus
on your core business.
Protecting a Maritime IT & OT network against cyber
threats requires a combination of proven tools and
processes.
Established means such as a firewall and anti-virus
(PROTECT) need to be complemented by deployment of
more advanced network-based hardware and software
solutions (DETECT and RESPOND) as well as training.
This will help to ensure you are never in a position of having
to pay hackers a ransom or a fine to national bodies, or of
suffering a severe loss of reputation. In order to
secure the entire network, a security assessment has to be
conducted at each layer and a continuous cyber security
process implemented.
Cyber Security Framework
ADDRESSING CYBER RISK - MARLINK’S SOLUTIONS PORTFOLIO
SECURITY LAYERS (PROTECT / DETECT / RESPOND)
• Company-wide IT policy: KeepUp@SEA - Comprehensive IT management
• All single PCs: SKYFILE ANTI VIRUS - Essential antivirus layer onboard
• Data Encryption: VPN SOLUTIONS - Secure end-to-end transmission
• Vessels/LAN: XCHANGE - Centralised communication platform
• Shore: DATA MANAGER - Shore based gateway
Key benefits
• 24/7 Network protection and support
• IT Infrastructure and software management
• Antivirus End-Point Protection
• Cyber Competence Expertise
• Smart, integrated, remote communications management
Key facts
• Spam & viruses are contained in >70% of all global emails
• There are over 500,000,000 known malware programs,
with over 390,000 new variations detected each day
• On average, advanced attackers are on a network for
more than three months before being detected
• The EU GDPR Regulation mandates a 72 hour Cyber
incident notification window to authorities - potential
penalty is 4% of revenue or €20m (whichever is higher)
• Business disruption costs of a network outage caused
by a cyber-attack are likely to exceed $50k per vessel
per day
• Hull insurances exclude consequences of cyber attacks
• 80% of security breaches are caused by human error
Sources: Allianz Safety Shipping Review, FireEye M-Trends 2017
Our comprehensive portfolio of cyber security solutions means whatever your business, we can provide the best-fit, most suited option for your requirements
Maintain full control and ensure IT security
Marlink offers a range of solutions which can be combined together to effectively protect your vessel from cyber risk.
Marlink’s VPN SOLUTIONS securely connect vessels to shore to keep data transmissions over the public internet
private, protected and uncompromised. Marlink VPN solutions provide secure connectivity through standard authentication
and encryption technologies, including (site-to-site) IPSec VPN and OpenVPN.
DATA MANAGER helps you to protect your Communication and Digital Solutions through a Global Network-Based Firewall solution, managed via a secure and simple online portal. The tool is available for VSAT and MSS connectivity
services, as well as Universal Card data traffic. DATA MANAGER can be used to customise individual firewall configuration
to allow desired IP traffic, compress and block selected media content of visited web pages and filter web access.
XCHANGE acts as your Smart Onboard Device providing integrated communications and user access management.
XChange separates Crew and Corporate networks physically, which secures your corporate system from threats caused
by crew's private equipment. The multi-stage firewall ensures that only wanted traffic is routed to and from your vessel
and your entire onboard IT infrastructure remains secure, while its settings may be managed remotely. Using XCHANGE UNIVERSAL REMOTE ACCESS (URA), all devices on board can be remotely accessed from any PC onshore via a secured
HTTPS connection.
All the while, your onboard computers remain protected from harmful viruses thanks to SKYFILE® ANTI VIRUS. Once
installed, the program fully automatically distributes updates to all anti-virus clients while compressing signature
updates by up to 50%. This makes the software ideal for a remote, satcom environment. New for 2018, SkyFile Anti Virus will detect and block even new ransomware which is not yet recognised by the signatures thanks to behavioral monitoring.
As a fully comprehensive IT Infrastructure & Software Management solution, KEEPUP@SEA enables you to standardise,
simplify and automate your entire onboard IT environment across the fleet. The highly sophisticated IT operational
platform has a proven track record of increasing IT Network Resiliency by improving operational stability, reducing
operational costs and reducing support costs and efforts to a minimum; all while maintaining the necessary flexibility to
handle future growth and changes.
Your Cyber Security partner for end-to-end protection
[Diagram: Marlink portfolio on land and at sea, grouped under Connectivity, Software Suite, Appliances, Global Network and Data Center]
• GLOBAL NETWORK: Secured global backbone; Private IP Addressing
• SEALINK: Secured link; Backup services
• XCHANGE: Onboard firewall; Network & user management
• DATA MANAGER: Onshore firewall; Web filtering
• KeepUp@SEA: Software compliance; IT asset monitoring
• SKYFILE ANTI VIRUS: Computer antivirus; Ransomware protection
• VPN INTERCONNECT: Site-to-site encryption; Efficient Remote Maintenance
• XCHANGE: Secured URA; Shore to ship content delivery
Marlink Virtual Private Network (VPN) solutions offer
protection from sniffing attacks during data transmission
over public internet and may be combined with encryption.
This solution is suitable for secure connections to your
Company Headquarters. Marlink provides two VPN solutions:
• On Demand VPN to establish a secure remote connection
to equipment or computers on-board, typically used for
debugging, maintenance and configuration
• Permanent VPN to secure regular transport data
traffic to a corporate network
Data Manager provides a variety of versatile features to
make managing data traffic more efficient, including web
compression, web filtering, enhanced firewall and more.
Managed via a secure and simple online portal, the
solution combines complex and powerful IP management
capabilities with administrative simplicity for ease of use
and secure communications.
Key Benefits:
• Standard security protocols: integrate with
existing VPN servers (IPSec, OpenVPN)
• Remote maintenance: essential and inexpensive
tool for managing onboard networks
• Universal Connectivity: supports Sealink VSAT,
Fleet Xpress, FleetBroadband, Iridium OpenPort
• Saves time and costs: no need for additional
hardware or onboard intervention
VPN SOLUTIONS - Scope: Data Encryption
Example Scenarios
• Threat: A third-party intercepts confidential data sent over the public internet
  Solution: Marlink provides several satellite optimised end-to-end as well as terrestrial VPN Solutions routing traffic over secure private network lines
DATA MANAGER - Scope: Shore
Key Benefits:
• Security: full security package to protect your terminals from internet attacks
• Flexibility: customisable features like firewall, web compression and web filtering
• Universal Connectivity: supports Sealink VSAT, Fleet Xpress, FleetBroadband, Iridium OpenPort
• Simplicity: no installation required, all standard web browsers supported
• Concealed Network: hides your vessel from public Internet and potential cyber attackers
Example Scenarios
• Threat: A crew member visits undesired / dangerous websites
  Solution: Data Manager blocks 26 types of categories of websites / content
• Threat: A crew member downloads dangerous files from the internet
  Solution: Data Manager blocks downloads of selected file types (e.g. EXE, PDF, ZIP)
Marlink’s integrated communication management platform,
XChange has been expertly designed to empower your
connectivity to manage all satellite networks (VSAT and
MSS). Among its many features, within the context of IT
and Network Security, XChange supports the following:
Segregated LAN Management - The network can be split
into multiple local networks (LANs) typically separating
business from crew communication and avoiding infection
caused by private equipment.
User Access Management - XChange acts as a gateway
permitting or declining access to applications depending
on preset group policies and access rules - managing who
is able to communicate, through which terminal, at what
time and for how long.
Multi-Stage Firewall - XChange includes 3 firewall stages,
which filter IP-based data communication based on ports,
IP protocols and addresses:
• Level 1: Terminal level Firewall - block certain traffic
types per terminal (VSAT, MSS)
• Level 2: User-group Firewall - determines traffic type
per specific users or groups of users
• Level 3: Combined with Data Manager - provides a
triple layer of firewall protection
Universal Remote Access (URA) - provides secure access
to all devices connected to an XChange. IT equipment on
board can be accessed from any location in the world
and changes implemented, such as firmware updates,
with one click.
XChange Cloud - Avoiding exposure to risks by the public
internet, XChange Cloud is a Secure Content Delivery
infrastructure from Shore to Vessel. This service streamlines
and enhances business, logistical and vessel operations
by providing a reliable, easy to manage platform to share
and automatically synchronise important files of any size
or type throughout a fleet.
Key Benefits:
• Secure: multi-stage firewalls guard what traffic
is routed to and from the vessel
• Access Control: set group policies on access
rules, time frames and time limits
• Split networks: separate and prioritise business
critical communication over crew data traffic,
thereby reducing cyber threats to operations
• Full Remote Management: administer XChange
remotely or locally
• DMZ Content Delivery: transfer and synchronise
files using XChange Cloud
XCHANGE - Scope: Vessels/LAN
Example Scenarios
• Threat: A malware infection spreads from the crew welfare to the operational business network
  Solution: XChange splits the physical network into multiple LANs ensuring business remains unaffected
• Threat: A crew member connects an unauthorised device onboard, which may potentially be infected by viruses
  Solution: XChange can limit access to known pre-entered MAC addresses of approved devices only
• Threat: An onboard device is accessed remotely via a public, static IP exposing the device to cyber attackers
  Solution: Instead of using a public IP, URA uses secure authentication and an encrypted connection to remotely access devices
SkyFile® Anti Virus is Marlink’s complete anti-virus
software package, providing remote onboard PCs
with protection against viruses and other external
threats. Fully automatic anti-virus updates,
notification and version verification ensure you keep
your computers and LAN safe even while at sea.
Augmented specifically for satcom connectivity,
SkyFile® Anti Virus combats a wide range of threats
such as viruses, Trojan horses and other malicious
software (malware).
SkyFile® Anti Virus works seamlessly with one of
Marlink’s most popular solutions - SkyFile® Mail to
deliver daily malware signature updates. With more than
40,000 mariners utilising the service daily, SkyFile Mail
provides reliable and cost-effective email, fax and SMS
messaging on VSAT, Inmarsat, Iridium and Thuraya.
Viruses and spam are eliminated based on typical
properties (blocked HELO, grey listing, etc.), reducing
email threats - the fastest-growing method of cyber intrusion.
Coming in 2018, ransomware and exploit mitigation tools
will enable even more advanced endpoint protection.
Eliminate malware, prevent exploitation of vulnerabilities and get
a deep clean on any potentially hidden malware using our
premium options.
Key Benefits:
• Security: Reliable detection using Sophos-based
engine
• Ransomware protection: detects and blocks
even brand new ransomware threats
• Cost efficient: several compressed low data
volume anti-virus updates per day
• Universal Connectivity: Supports Sealink VSAT,
Fleet Xpress, FleetBroadband, Iridium OpenPort
SKYFILE ANTI VIRUS - Scope: All single PCs
Example Scenarios
• Threat: A crew member connects a malware-infected USB stick to the bridge PC
  Solution: SkyFile Anti Virus detects and blocks viruses and other malware such as Trojan horses or spyware using a Sophos-based virus detection engine
• Threat: New ransomware which is not yet detected by the anti-virus signatures is executed on a computer
  Solution: SkyFile Anti Virus Ransomware Module uses behavioural monitoring to detect and block even new, previously unknown ransomware
• Threat: Fraudulent spam and phishing emails are received onboard which direct crew members to websites stealing confidential information
  Solution: SkyFile Mail scans mail attachments for infections and moves spam to quarantine before delivery to the vessel
KeepUp@Sea, powered by Marlink Group company Palantir
AS, is a unique IT operational platform and solution to
standardise, simplify and automate your vessel IT environment,
permitting remote management, fast migration and effective
operation of IT services across the fleet.
The KeepUp@Sea solution provides expert advice, system
design, installation services, hardware deliveries, logistics,
and operational services. From a security perspective, the
KeepUp@Sea solution performs the following functions:
• Incident prevention barriers: preventing threats from
causing unwanted or critical situations
• Consequence reduction barriers: preventing or reducing
the consequences/losses and damage caused by a
Cyber incident
The KeepUp@Sea Dashboard presents a complete overview
of the health status for defined critical hardware components
onboard the fleet. It can be customised to monitor business
critical elements closely, such as verifying scheduled
backups and anti-virus definitions; while also providing a
clear, dashboard overview of the current versions and status
of all fleet-wide software and applications assigned.
Asset Inventory
KeepUp@Sea Inventory helps to manage and maintain
your vessels’ IT assets and proactively alerts you of certain
non-compliance issues. IT Managers may monitor all installed
software versions across the fleet’s servers and PCs and
identify outdated installations so that action can be taken;
minimising the risk of infection. Unauthorised installations
can also be identified. The solution ensures compliance and
can reduce costs by identifying unnecessary licenses to be
discontinued.
KeepUp@Sea Backup
The vessel-optimised backup solution provides proactive
protection of business-critical data and safeguards recovery
procedures if needed. The restoration algorithm will also
ensure very limited IT skills are needed to restore data onto
the server. Even when doing a complete reinstallation, or
replacing hardware, KeepUp@Sea Backup can ensure
important data is automatically synchronised right back
to the relevant onboard PCs.
Key Benefits:
• IT resilience: automated system restoration in
case of a Cyber Security incident
• Standardised IT Platform: harmonised computer
and server configuration across the fleet
• Full configuration control: track changes,
upgrades and the operational status of vessels’ IT
• Reduce onboard staff workload: routine tasks
are automated and no specialised onboard IT
competence is required
• Full system compliance: built on Microsoft
operating systems for easy migration, roll-out
and change management
KeepUp@SEA - Scope: Company-wide IT policy
Example Scenarios
• Threat: Outdated software contains security vulnerabilities which allow attackers to enter the network
  Solution: KeepUp@Sea monitors software on all PCs onboard. Updates to mitigate known vulnerabilities can swiftly be distributed to the fleet
• Threat: A crew member has modified a PC’s configuration for a leisure application without approval of the IT department
  Solution: KeepUp@Sea will present installation activity via the monitoring tool and support automatic reinstallation, removing unapproved applications
• Threat: A malware has modified the IT system and/or deleted important business documents
  Solution: KeepUp@Sea Backup saves all business critical information to external device(s) enabling restoration of content to a previous non-infected state
Today’s shift towards increasing interconnectedness at sea is
continuing to enable significant efficiency gains and new capabilities
for maritime operations. Running in parallel to this trend is an
increase in vulnerability to cyber-attacks within the maritime industry.
Although historically not considered part of the critical infrastructure
sector, considering that now more than 90% of global trade is
carried by sea, maritime has increasingly become a cyber target,
as proven by recent high-profile, damaging cases.
To remain safe and competitive, ship operators should aim to employ
not just a short-term incident resolution, but a blend of tools and
complementary solutions to cover all aspects of the Protect, Detect
and Respond process.
Marlink’s more than 70 years’ experience in the maritime sector has
been harnessed into designing sophisticated, but straightforward
and easy to roll-out solutions to precisely fit this purpose.
The Human Element
In addition to technical cyber security solutions, it is essential to
create awareness among staff through regular training and a clearly
defined IT system usage policy. Whilst the technology and solutions
onboard are essential elements to addressing cyber security, only
by combining training, technology, regular reviews of business
processes and implementation of the correct policies can a
shipping company hope to reduce its cyber risk level.
Creating a secure culture
Protecting Your Business in the Digital Age
• Comprehensive solutions portfolio
• Focus on ongoing protection, detection and response
• Efficient, quick deployment technology
• Remote management from shore
• Optimisation for satellite environments
• Customer consultants located in regional offices worldwide
• Support available 24/7/365
• Regional, cultural and technical understanding
Over 20,000 vessels sail with Marlink’s services onboard today.
Join the smartest, fastest growing broadband partner.
Marlink Service Desk (365/24)
EMEA: +33 1 70 48 98 98
Americas: +1 310 616 5594, +1 855 769 3959 (toll free)
Asia Pacific: +65 64 29 83 11
Email: [email protected]
Web: www.marlink.com
• No.1 maritime VSAT provider
• $500 million in revenue
• World-Class Infrastructure for secure and resilient communication services
• Partner of all Satellite Network Operators
• Global Service Network: 1250+ service points and 130+ countries serviced
• 1000+ employees in 20+ countries
• Global Customer Support: 7 customer care centres, 7 warehouses
• 70 years of unrivalled expertise
• 5000+ maritime VSAT + 540+ land VSAT