Best Practices for cybersecurity on-board ships

Information systems and computer networks have gradually invaded the world of shipping and are now ubiquitous on ships: navigation systems, computers used by the crew, cargo loading management systems, platform management systems (propulsion, electricity, fluids), etc.

Publish the 10 October 2016 Updated 10 October 2016
best-practices-for-cyber-security-on-board-ships_anssi-english

This tremendous evolution has involved the emergence of new risks, still underestimated by shipping companies: network intrusion, data theft, remote takeover of computer systems, etc.

Protection against these threats can however be achieved most of the time through simple reflexes.

The measures presented in this guide, accessible to non-specialists, contribute to significantly raise the level of computer security on-board ships. The first measures address the crew and, for the most part, should be applied by all its members. The following ones are rather aimed at IT systems managers. This distinction, however, depends on the distribution of roles and responsibilities regarding information systems within the company, between the ship and the headquarters.

Each company is thus invited to make these various recommendations its own and to adapt them to its context and its specific organization.