Published: 6 August 2017
Cyber security continues to be headline news. At sea and onshore, we rely on electronic devices and systems to run our business successfully. Any disruption could be extremely serious, but BP Shipping is on the case.
Modern shipping faces a new kind of threat. For a vessel, one of today’s major challenges comes from cyber attacks on any of the systems that control its engines, manage its cargo or keep it on course and clear of other ships.
There are relatively few examples of cyber incidents within BP Shipping. One reason, says IT and Security (IT&S) manager Michael Jones, is the company’s current policy not to connect its ships’ Automation Systems to the outside world through its Satellite Systems, which reduces the number of potential risks.
“The Automation Systems are designed to run without connectivity, so linking them to the external networks is not critical to operations,” he explains. The current threat mainly comes from disruptive malware.
Cyber space warriors
The recent disruption to the National Health Service (NHS) from a ransomware attack is a warning to everyone to remain vigilant in cyber space. When opened, malicious software, or malware, encrypts a user’s computer data and a ransom demand appears on their screen.
It takes just one person’s computer to become infected for the malware to spread rapidly across an entire system. BP’s IT&S team works hard to keep everyone’s security up to date, but as users, we also have our part to play.
Think before you click. Be vigilant. Don’t open emails, pop-ups or attachments from people you don’t know.
If you suspect it, report it. Report anything even if you’re not sure it’s suspicious or unusual activity.
Update your security and anti-virus settings regularly by downloading the security patches for your operating system (i.e. Windows) as soon as they’re available. This happens automatically on corporate machines.
Onboard, if you’re connecting to an Automation system, use one of the ship’s dedicated USB drives. Make sure you follow the guidance given around
removable media and third-party engineers. Scan USB data sticks before and after opening them.
Be discreet in public and online. Keep your personal data secure.
Protect your passwords. Do not share passwords or two-step verification codes
Classify your information and keep it secure.
Maintain a clear desk and screen.
Typically there are 61 million phishing attempts and spam emails across the group in a single month!
Michael tells us that the key to security is awareness. Everyone needs to be mindful of the risks of inadvertently infecting a system through downloads or USB sticks.
An extra dimension for Shipping is the service engineers who come on board to inspect or service Automation Systems. The ships’ officers are responsible for ensuring they follow the correct procedure to confirm that the devices they carry are up to date and checked for viruses before connecting to our systems.
Technology is ever-present in all that we do – from safely discovering and recovering oil and gas, to alternative energy, digital, and lower carbon fuels and products
Our people fuel our business. Between BP Shipping and BP Maritime Services, we boast a variety of skills
Our sponsored cadet training programme – could see you become a trained officer and serve with the BP fleet