{"id":51,"date":"2026-03-31T17:04:16","date_gmt":"2026-03-31T08:04:16","guid":{"rendered":"https:\/\/bos-jp.com\/en-en\/?post_type=service&p=51"},"modified":"2026-04-15T16:27:13","modified_gmt":"2026-04-15T07:27:13","slug":"cybersecurity","status":"publish","type":"service","link":"https:\/\/bos-jp.com\/en\/solution\/cybersecurity\/","title":{"rendered":"Maritime Cybersecurity"},"content":{"rendered":"

Maritime Cybersecurity <\/strong>–<\/h2>\n

Maritime Cybersecurity
\nOur affiliate, Athena Dynamics Pte Ltd (ADPL) in Singapore, has organized a global specialized IT team (GHA\/gha: Good Hackers Alliance) that can comprehensively implement cybersecurity measures for onboard network systems, from Identification \u2192 Defense \u2192 Detection \u2192 Response \u2192 Recovery, using remote access via satellite communication.<\/p>\n

\u25a0Specific Cyberattack Methods<\/p>\n

\u2022 Ransomware hijacking of ship management systems
\n\u2022 GPS spoofing to falsify location information (a type of cyberattack that misleads GPS location information by transmitting false GPS signals, disrupting ship routes or causing collisions)
\n\u2022 Theft of crew members’ personal information through phishing scams, etc.<\/p>\n

Based on reported cases to date, the following onboard systems are the main targets of cyberattacks.
\n\u27a3 IT (Information Technology) systems such as PCs for office work on ships
\n\u27a3 OT (Operation Technology) systems such as navigation equipment, engine control devices, and cargo monitoring devices<\/p>\n

We can remotely access and conduct Asset Discovery (asset survey) of vessels operated by ship management companies, in accordance with the IMO-mandated cybersecurity standard UR E26.<\/p>\n

Furthermore, if you install cloud-based software (XDR agent) on the ship’s network from land, our Security Operation Center (SOC) can provide full support, from implementation to operation, maintenance, and 24\/7\/365 continuous monitoring.<\/p>\n

There are two mandatory IACS requirements applicable to vessels whose construction contracts are signed on or after July 1, 2024 (for newly built vessels):<\/p>\n

UR E26 “Cyber Resilience of Ships”<\/strong>
\nUR E27 “Cyber Resilience of Onboard Systems and Equipment”<\/strong><\/p>\n

\"\"<\/p>\n

– For newly built ships \u2013<\/strong><\/p>\n

\"\"<\/p>\n

– For Existing Vessels –
\n<\/strong>The mandatory requirements of IACS UR E26\/27 mentioned above do not apply to existing vessels. However, since cyber risks are the same, cybersecurity measures for the onboard network are necessary.
\nAs a countermeasure, we propose a straightforward modification of the onboard network using the following procedure (3 steps + Site installation).<\/p>\n

Overview of Onboard Network Modification Work:\"\"
\n\"\"<\/p>\n

Phase 1 – Network Asset Discovery<\/h3>\n

A Network Asset Discovery (onboard network asset survey) must be conducted, and the verification and evaluation report must be submitted to the relevant classification society using the specified form to obtain certification. We conduct this survey remotely using satellite communication lines and report the evaluation (this can be done even on a ship at sea).<\/p>\n

\"\"* Process Management for Onboard Asset Surveys (Dashboard Example)<\/p>\n

Phase 2 – Vulnerability Assessment and Penetration Testing (VAPT)<\/h3>\n

Onboard Network Configuration<\/strong>
\nOur IT staff will remotely access the onboard network to conduct Vulnerability Assessment and Penetration Testing (VAPT) of the ship’s network system.
\nWe will also verify the weaknesses in the ship’s cybersecurity (for OT & IT) and conduct a system evaluation.<\/p>\n

\n
\"\"<\/div>\n
\"\"<\/div>\n<\/div>\n

PHASE 3 \u2013 Improved Security Levels<\/h3>\n

Onboard Network System Modification and Installations<\/strong>
\nFor OT network modifications, we propose the following two products:<\/p>\n

1\uff0eUSB Sanitization in Vessel – Advance<\/h4>\n

\"\"This device prevents viruses from being introduced via USB devices when manufacturer technicians install the latest data on OT equipment. (Numerous successful implementations on ocean-going vessels and Singaporean government ministries.)<\/p>\n

2. USB Cleaning Kiosk – Basic<\/h4>\n

Basic detection and threat removal from USB<\/p>\n

\"\"<\/p>\n

3\uff0eOT Protection via Uni-Direction Data Diode<\/h4>\n

\"\"This prevents the acquisition of confidential information via bidirectional communication (approved by IACS classification society).<\/p>\n

Furthermore, the cyber status of operating vessels can be continuously monitored 24\/7 from land (Operating Care Center). We promptly provide individual vessel cyber information to the Security Operation Centers (SOCs) of shipowners and ship management companies.
\n\"\"<\/p>\n

\"\"Cyber Health Dashboard accessible from the vessel, shore office, or shore Security Operation Center (SOC)<\/strong><\/p>\n

\u25c6Maritime Cyber Awareness Training for Seafarers
\n– Certified online Cyber Security Awareness for Seafarers<\/h4>\n

\"\"<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"– Maritime Cybersecurity – Maritime Cybersecurity Our affiliate, Athena Dynamics Pte Ltd (ADPL) in Singapore, has organized a global specialized IT team (GHA\/gha: Good Hackers Alliance) that can comprehensively implement cybersecurity measures for onboard network systems, from Identification \u2192 Defense \u2192 Detection \u2192 Response \u2192 Recovery, using remote access via satellite communication. \u25a0Specific Cyberattack Methods \u2022 Ransomware hijacking of ship management systems \u2022 GPS spoofing to falsify location information (a type of cyberattack that misleads GPS location information by transmitting false GPS signals, disrupting ship routes or causing collisions) \u2022 Theft of crew members’ personal information through phishing scams, etc. Based on reported cases to date, the following onboard systems are the main targets of cyberattacks. \u27a3 IT (Information Technology) systems such as PCs for office work on ships \u27a3 OT (Operation Technology) systems such as navigation equipment, engine control devices, and cargo monitoring devices We can remotely access and conduct Asset Discovery (asset survey) of vessels operated by ship management companies, in accordance with the IMO-mandated cybersecurity standard UR E26. Furthermore, if you install cloud-based software (XDR agent) on the ship’s network from land, our Security Operation Center (SOC) can provide full support, from implementation to operation, maintenance, and 24\/7\/365 continuous monitoring. There are two mandatory IACS requirements applicable to vessels whose construction contracts are signed on or after July 1, 2024 (for newly built vessels): UR E26 “Cyber Resilience of Ships” UR E27 “Cyber Resilience of Onboard Systems and Equipment” – For newly built ships \u2013 – For Existing Vessels – The mandatory requirements of IACS UR E26\/27 mentioned above do not apply to existing vessels. However, since cyber risks are the same, cybersecurity measures for the onboard network are necessary. As a countermeasure, we propose a straightforward modification of the onboard network using the following procedure (3…","protected":false},"author":1,"featured_media":246,"template":"","class_list":["post-51","service","type-service","status-publish","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/bos-jp.com\/en\/wp-json\/wp\/v2\/service\/51","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bos-jp.com\/en\/wp-json\/wp\/v2\/service"}],"about":[{"href":"https:\/\/bos-jp.com\/en\/wp-json\/wp\/v2\/types\/service"}],"author":[{"embeddable":true,"href":"https:\/\/bos-jp.com\/en\/wp-json\/wp\/v2\/users\/1"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bos-jp.com\/en\/wp-json\/wp\/v2\/media\/246"}],"wp:attachment":[{"href":"https:\/\/bos-jp.com\/en\/wp-json\/wp\/v2\/media?parent=51"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}