ChatGPT is reshaping the maritime IT/OT security landscape: its AI-powered text generation allows for the creation of persuasive, individualized phishing emails. Because phishing emails are often the entry point for a larger, disruptive attack such as ransomware, this rolls out a red carpet for attackers targeting the maritime sector.
One egregious example of such a ransomware attack on vessels occurred in 2020, when two ships were compromised by Hermes 2.1, a ransomware strain, via the AZORult trojan. The ransomware was deployed through an email attachment, which let the attackers infect the administrative network and the IT segment (crew and passenger internet access, Ethernet connections, and the entertainment system) and from there pivot into the vessel’s operational technology (OT) environment.
ChatGPT helps attackers by generating malicious code. Writing code for maritime protocols usually requires specialized expertise. ChatGPT, however, levels the playing field, widening the pool of attackers to include those with weaker computing skills. One example of a phishing email developed by ChatGPT offers links that lead to malicious sites, where the recipient discloses login credentials or has their computer infected with malware.
This is a major concern because network segregation can often be tough to achieve onboard a vessel, despite its key role in keeping the OT environment secure from malicious IT networks. OT components aboard a vessel can include the Automatic Identification System, which broadcasts the vessel’s identification, present coordinates, and cargo, as well as the Container Tracking System, which keeps track of containers’ contents and movement via GPS.
Generally, IT and OT networks are configured in one of four ways: flat networks, firewalls, host agents, and remote access servers. Flat networks give IT and OT components immediate access to each other, posing significant risks; firewalls sometimes have overly permissive rules that allow attackers access; host agents present direct connections to OT assets; and remote access servers provide an alternate OT environment with limited connections.
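The firewall case above can be checked mechanically. The following is an added example, not part of the original article or of Reperion's product: a small audit that flags allow rules reaching the OT segment too broadly. The ruleset, addresses, segment layout, and thresholds are constructed assumptions, and the check does not model rule ordering or shadowing.

```python
import ipaddress

# Constructed sample ruleset for an IT/OT boundary firewall (not from a real vessel).
# Fields: name, source CIDR, destination CIDR, protocol, destination ports, action.
OT_NET = ipaddress.ip_network("10.20.0.0/24")  # assumed OT segment
RULES = [
    ("crew-wifi-to-any", "10.10.0.0/16",  "0.0.0.0/0",     "any", "any",     "allow"),
    ("admin-to-ot-all",  "10.10.1.0/24",  "10.20.0.0/24",  "tcp", "1-65535", "allow"),
    ("historian-pull",   "10.10.1.15/32", "10.20.0.40/32", "tcp", "443",     "allow"),
    ("default-deny",     "0.0.0.0/0",     "0.0.0.0/0",     "any", "any",     "deny"),
]
MAX_SRC_HOSTS = 16  # assumed policy: at most this many IT addresses per rule
MAX_PORTS = 8       # assumed policy: at most this many destination ports per rule


def port_count(spec):
    """Count ports in a spec such as 'any', '443' or '80,443,8000-8002'."""
    if spec == "any":
        return 65535
    total = 0
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        total += int(hi or lo) - int(lo) + 1
    return total


def audit(rules, ot_net=OT_NET):
    """Return {rule name: [reasons]} for allow rules that expose OT too broadly."""
    findings = {}
    for name, src, dst, proto, ports, action in rules:
        src_net, dst_net = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        if action != "allow" or not dst_net.overlaps(ot_net):
            continue  # only rules that let traffic into the OT segment matter here
        if src_net.subnet_of(ot_net):
            continue  # traffic that stays inside OT is out of scope
        reasons = []
        if src_net.num_addresses > MAX_SRC_HOSTS:
            reasons.append(f"source {src} covers {src_net.num_addresses} addresses")
        if ot_net.subnet_of(dst_net):
            reasons.append(f"destination {dst} covers the whole OT segment")
        if proto == "any":
            reasons.append("any protocol allowed")
        if port_count(ports) > MAX_PORTS:
            reasons.append(f"{port_count(ports)} destination ports allowed")
        if reasons:
            findings[name] = reasons
    return findings


if __name__ == "__main__":
    for rule, reasons in audit(RULES).items():
        print(rule, "->", "; ".join(reasons))
```

Only the narrowly scoped `historian-pull` rule passes; the two broad rules are reported with the reason each one effectively flattens the IT/OT boundary.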
ChatGPT serves as a force multiplier for malicious actors, increasing the number of threats to vessels and dangerously speeding up infiltration. Cybersecurity countermeasures, such as staff education and phishing awareness campaigns, must be rigorously employed to protect OT onboard vessels from breaches.
Reperion is a company that helps protect maritime OT security through solutions that detect potential threats on the IT network, generate alerts, and filter out suspicious communications and activities before they can make their way to the OT network. Founded in 2016, Reperion has saved many vessels from advanced cyberattacks through its built-in, patented capabilities.
Dmitry Mikhaylov is the chief executive officer at Reperion. Dmitry is a Russian-born serial entrepreneur, investing in cybersecurity and fintech startups with offices in both Manila and Singapore. His skills are proven through his extensive experience in the logistics industry from 2009 to 2016 in Moscow, where he rose up the ranks to become a CEO. He has also founded several startups such as Payment Gateways, Inc., an online payment gateway system. Dmitry has a Master’s degree in Business Administration from Moscow State Institute of International Relations.