Maritime threats have returned to the headlines over recent weeks, with more and more reports revealing that the semi-covert war between Israel and Iran is being waged on the seas, almost as often as it is on the ground and in the air.
According to a report by the Wall Street Journal last week, Israel has bombed at least a dozen ships en route to Syria in the past two years, most of which were smuggling Iranian oil. This came on the back of the revelation that an Israeli-owned ship, the Helios Ray, was attacked in the Gulf of Oman last month and with Israeli officials pointing at Iran as being responsible for the recent tar spill that ravaged Israeli shores.
While traditional means like sea mines are the likely weapon of choice in most of these attacks, cybersecurity in ships and tankers has also recently been brought to the fore due to the major implications such a breach could have.
According to an International Maritime Organization (IMO) resolution, as of the beginning of this year, every safety management system on ships must be documented as having included cyber risk management, in line with the International Safety Management Code.
Israeli startup Cydome Security aims to address this exact issue, providing a cyber solution to seamlessly safeguard the maritime IoT ecosystem. The company's solution is designed for systems including guidance, sensors, control, command, communications, and links to coastal infrastructures.
Cydome provides end-to-end security from the kernel level using data and network isolation and offers rapid and automatic threat detection and protection.
"There are plenty of cybersecurity products, but ultimately the maritime sector was until recently relatively vulnerable and suffered from many unreported attacks," Cydome Director of Technology, Eitan Yehuda, told CTech. "With ships having a limited internet connection that is usually also not broadband, that makes cloud solutions irrelevant. In addition, they don't have an IT professional on-board. A tanker that goes out to sea doesn't return for a month-and-a-half and the issue needs to be tended to in the meantime, which is why we have come up with an autonomous solution to solve cybersecurity issues at sea. Another particularly challenging issue is that these ships have 200 edge devices and many subsystems that include a mixture of old legacy systems like engines and sensors and very modern systems like the navigation systems installed on the bridge. Our solution is built bottom-up. We analyze both OT (Operational technology) and IT (Information technology) systems and provide an end-to-end solution that provides security, not just for a specific device but for the entire vessel."
Yehuda, who is also an Associate Director, Cybersecurity Expert at Boston Consulting Group (BCG), is the former Chief Technology Officer and Head of Infrastructure Department at Israeli credit card giant Isracard and served for 25 years in the Israeli military, including as the Head of Information Technology and Cyber warfare unit at Mamram, the IDF's Center of Computing and Information Systems.
Cydome currently employs around 10 people and completed a $2.2 million seed round last December.
"With maritime delivery services on the rise, the number of vessels at sea is increasing and this presents different challenges," explained Avital Sincai, co-founder and COO of Cydome. "Over the last 10-15 years we have seen numerous attacks. Many times these attacks go unreported and are blamed on human error. We entered a new world in 2021 with the new regulations coming into play and many maritime companies are beginning to understand that there is a real problem here."
Yehuda stressed the significance of the new regulation and Cydome's ability to offer an overall solution.
"Regulation has played an important role over recent years. We began receiving requests from the market to not only provide cybersecurity protection, but to also make sure we provide them with what they require to meet the regulation. The most significant cybersecurity regulation is IMO 2021, but there are also additional regulations for tankers, for example," he said. "Another significant issue is visibility. A lot of the information in the vessel ultimately doesn't reach those who are managing these fleets and with our platform being connected to all of the ship's systems we can present them with what devices are active and if there are any problems and how all the systems are connected to one another."
The dangers of cybersecurity attacks on ships was highlighted two years ago by Jason Liberty, Executive Vice President and CFO of Royal Caribbean Cruises. “It is happening. It’s probably happening to everybody in my opinion. I think we get over a million different attacks a day. Our cyber-security budget used to be probably half a million dollars a year, and it’s probably $75 million to $100 million dollars a year today," Liberty said at the time.
"You can only imagine what damage could be caused if someone adjusts the navigation system of a 200-meter long vessel when it is close to an oil rig or even if someone just opens a valve on an oil tanker. This could result in strategic damage," noted Cydome CEO Nir Ayalon.
Ayalon said Cydome is putting a special emphasis on research and the need to identify threats and possible solutions, including how to conduct disaster recovery when necessary.
"This is a critical year for us with the regulation now in play so we are setting ourselves very ambitious goals and are hoping to complete many installations. We have a very respectable pipeline," he added. "We want to continue and grow, also from a technological standpoint, with autonomous and remote-controlled vessels also becoming integrative parts of many shipping companies. We see ourselves as the leader in end-to-end protection for naval vessels."
Both Ayalon and Sincai stressed how Cydome considers itself a partner of its clients and not just a service provider. "We don't just approach it as a sale. We want to work together and we try to help with matters unrelated to cyber as well when we map out their needs," said Yehuda.
"Our emphasis is to work with the client," added Sincai. "To understand from the client what is more crucial to them and not just provide a ready-made solution. There are many clients which we helped address vulnerabilities they weren't even aware of. We not only help neutralize outside threats, but also internal issues like employees who aren't taking the right precautions. Our solution is designed around the ship. The regulatory aspect is always evolving so we need to make sure that our product is also adaptable. Our solution is custom-made and is continually being built up."