Is the Superyacht Industry prepared for Cyber-attacks?
We talk weak links and GCHQ training in this month’s Talking Tech.
Having interviewed Nick our conclusion is that we are far behind land-based organisation, even basic training such regularly offered to small business by local police forces is more than the current level of awareness and training on Superyachts.
Within this edition of Talking Tech, we meet security and cyber security expert Nick Clarke from Akula Yachts. Akula is superyacht specific company that focuses on security and cyber security, as well as crew training. The Akula Cyber Security team aims to protect clients through a combination of technical audit, penetration testing, and education. The idea is to work with the client AV/IT installer or provide independent advice and analysis.
We know that Cyber Security is a big topic within the superyacht and megayacht world, as technology is advancing; more and more people have the resources, the knowledge, and abilities to hack. Yachts and superyacht owners and their guests are incredibly vulnerable to cyber attacks because of their high profile, high wealth and yachts are connected 24/7 making them the perfect target for hackers.
With some many points of entry on Superyachts from Suppliers, suppliers support system such as virtual access, Crew many of whom remain un-vetted and guests who regularly bring devices onboard and link to local wifi the backdoors into yachts remain wide open.
Owners who move offshore into VSAT only connections might have slightly better protection but ultimately it all depends on how good training and vetting was onshore. The human element remains the weakest link!
In theory with the advanced in drone technology carrying wifi access to the yacht combined with computing power offered by companies like Amazon who can make cracking Wifi a task of hrs compared to the 350 years, it would take the average laptop.
Many yachts remain on outdated WIFI system making the task even easier.
The threat of Cyber Attacks, in general, is relatively high. The Government has urged Britain businesses to better protect themselves from cyber criminals. According to the Government website, nearly 7 out of 10 attacks on all firms involved viruses, spyware or malware.
– In 2016 we saw 18 million new malware sample captured (that’s an average of 200,000 per day).
– According to an FBI report June 2016, more than 4,000 ransomware attacks occurred every day since the beginning of 2016.
– The amount of phishing email containing a form of ransomware grew to 97.25%
– 78% of people claim to be aware of the risks of unknown links in emails – but click anyway.
– 57% of organisations that suffered from successful cyber attacks in 2016 are not making any change to their security measures.