Nautical Expert

Motorboat magazine

Is cybersecurity on yachts really a problem?

Is cybersecurity on yachts really a problem?

Updated on March 9th, 2024

Today, perhaps only the inhabitants of the Sentinel Islands have never heard of the problems in the field of Internet security and the importance of protecting computer systems from being hacked. In the rest of the “civilized” world, hackers and cybercrime are on everyone’s lips almost daily.

The yachting industry is no exception. Today we mostly do not know how to properly use the astrolabe, and the mapping agencies of some countries have decided to stop issuing paper charts altogether. We no longer use cash and make instant transactions anywhere in the world. We can see the online status of the yacht’s on-board systems and manage them on the smartphone screen. We now live almost entirely in a digital world. Which, of course, can be hacked one way or another. But how relevant is this issue?

In the maritime world, especially when it comes to superyachts, digitalization is reaching the same incredible proportions as in other industries. But the problem isn’t with the computers themselves. They perfectly (though not always) control the important and secondary systems of the yacht. The problem starts when these computers have Internet access.

Any device connected to a public network is vulnerable to attacks from other devices on that network. Standalone devices that do not have an Internet connection, or at least a wireless hotspot or bluetooth, cannot be accessed without the use of physical intervention or some external media, such as USB sticks.

So, in the absolute majority of cases, one can talk about computer security only when these computers are connected to any public network, one of which is the Internet. Of course, there is also such a scenario when a yacht crew member can use his infected flash drive when working with on-board computers. The virus can be easily introduced and activated from a flash drive. However, for any remote control of infected digital systems, again, it is necessary that they have access to the public network.

Modern superyachts can have many systems connected to the internet. For example, this is required for updating navigation maps or for remote diagnostics and maintenance of engines by the manufacturer. In addition, the network access points themselves are vulnerable to attacks, for example, through the creation of their twins. And with the development of the IoT, the number of connected devices continues to grow.

But one should not think that computer systems are defenseless against intruders. There are many security solutions, both technical and software. Penetrating into the computer systems of a modern superyacht is not so easy. And even ordinary modern laptops with the latest software versions are pretty well protected. That is why up to 90% of hacking cases occur with the assistance of the users themselves.

Through social engineering, phishing programs and Trojans, hackers gain not only control over devices, but also access to bank accounts, transactions, personal and business correspondence. Thus, when they talk about computer security on superyachts, they discuss not only direct threats to on-board systems through discovered vulnerabilities, but also the computer literacy of the users themselves from among the crew and guests.

So, the best protection against computer threats on a yacht is to disconnect devices from the Internet. But today, of course, few people will agree to this, so another option involves maintaining up-to-date versions of the software and raising awareness among the crew.