September 11, 2017 -
Defense industry IT companies have recommended that the Navy use cybersecurity solutions such as behavioral biometrics technology to detect and prevent sea-based cyberattacks, according to a report by Defenses Systems.
The recommendations come in the midst of the Navy’s official investigation into what triggered the recent collision between a U.S. destroyer and Liberian-flagged merchant vessel, which lead to the deaths of 10 Navy sailors aboard the USS John McCain.
The Navy has not yet determined whether the incident was the result of a cyberattack or some kind of IT malfunction, however, many industry experts believe the investigation is likely to examine the potential of a maritime cyber incident.
European firm Balabit is currently working with several U.S. NATO allies to implement a maritime-focused biometric security technology that it plans to provide to the U.S. military.
The technology analyzes an individual’s unique keystroke patterns to track and identify precise movement and typing characteristics of a specific credentialed user.
“We are able to set up a baseline for a unique user based on his keystrokes, something which is unique for all users,” said Csaba Krasznay, Balabit security executive. “Detecting deviation from the baseline helps us know credentials were stolen.”
Cybersecurity experts can analyze the activity of computer users on the ocean to identify potential cyber theft, attempted intrusions or malicious activity.
Krasznay added that these would-be intruders are likely to seek access to sensitive ship navigation technology, data systems or on-board command-and-control networks, with ship-based navigational systems being especially vulnerable.
“In many ways, maritime is not really different from any other outdoor sectors. However, the sector is not as aware of cyber issues,” Krasznay said. “There are no compliance requirements and no threats that have resulted in the implementation of a cyber framework.”
In March 2016, Balabit released Blindspotter 2016.03, a user behavior analytics solution which features several new and unique machine learning algorithms to help security teams quickly identify hijacked accounts or unauthorized account sharing and to prevent large-scale data breaches or compliance problems.