PROVIDING ships OPTIMAL PROTECTION AGAINST CYBERATTACKS
Jansma International B.V., in collaboration with aXite Security Tools, Wijgaart Shipping, and Shipping Technology, has become the first in the world to make a ship completely cyber-proof. The product ensures that, in the event of a hack, the ship’s operational systems cannot be taken over or compromised.
André Jansma, director, and Kaj van Leer, business developer, of Jansma International and MDM (Maritime Data Management) beam with pride as they talk about their world first. Jansma: “You’re the first person we’re telling this news to.” Van Leer: “Today we’re launching our first product: MDM-PROTECT.” MDM is the name of the new company in which both aXite and Jansma International each hold half of the shares. The website goes live on May 8, marking the official launch of MDM.
A team from Jansma International has been working with aXite for a year and a half to develop this innovation and set up the organization, Jansma explains. “Over the past six months, we’ve been able to install, test, and refine our product on one of Wijgaart Shipping’s vessels: the tanker West Virginia. Shipping Technology also played an important role in this process, thanks to their existing knowledge of shipboard technology. In addition, aXite was the ideal partner for this project because they have a wealth of experience with cybersecurity in operational environments,” he explains. “They secure operational systems at airports around the world, such as baggage handling systems.”
A LAYER BETWEEN IT AND OT
“A ship is, in fact, also an operational environment where the internet is being used more and more—for example, for trackpilots, navigation, and autonomous or remote sailing,” adds Kaj van Leer. “At the moment, this isn’t always done in a cyber-secure way. Our device creates a layer between IT and OT (operational technology) and ensures that they are not directly connected to each other. So if your IT system is hacked, the damage is limited because your critical systems are not affected. For example, if a technician arrives at a ship with an infected laptop and tries to upload something via the Wi-Fi network, our product detects that a new laptop is connected and registers that the technician is attempting to access areas he is not authorized to enter. The upload is then immediately blocked, and we receive a notification, allowing us to intervene immediately,” says Van Leer.
“When developing the device,” he continues, “we realized just how many entry points a malicious actor has to gain access to critical operational systems. That was quite a shock to us. Every part of a ship often has its own network router for running updates. For example, if there’s also a coffee machine on board that’s connected via Wi-Fi, a hacker could theoretically even try to gain access to critical operational systems through that device. People really need to be aware of this. It’s almost inevitable that things will go seriously wrong on a ship at some point. Which, perhaps, isn’t a bad thing for raising awareness.”
Start-up phase
MDM-PROTECT will initially be launched on the market exclusively for the maritime sector, but in principle, the combination of hardware and software can also be used to secure wind farms, offshore installations, bridges, and locks, as well as other facilities. Van Leer: “We’re limiting ourselves to the maritime sector for now—which is already a large market—because in the startup phase, it’s not so much the production of the boxes that’s the problem, but rather the installation, monitoring, and reporting. If we were to receive an order tomorrow to deliver a thousand units, we’d be busy installing them for quite some time, because no two ships are alike, and for each ship we have to figure out exactly how the networks are configured. It will take some time to further build out the organization before we can serve hundreds of ships, let alone expand into other sectors.”
In the short term, Jansma and Van Leer expect demand for their product to come primarily from the maritime sector, due to the implementation of the NIS2 regulations. Ships operating in sectors critical to the economy and society, such as energy, must, under these regulations—which take effect in July—demonstrate that they have considered cybersecurity, identified the risks, and taken steps to secure both their IT and operational technology. Jansma: “With our device, you meet those requirements and also help your clients comply with the NIS2 regulations. That was also an important reason for Wijgaart Shipping to make the West Virginia available for our pilot.”
MDM’s mission is to further strengthen the shipping industry in the coming period and make it structurally safer, thereby creating a future-proof and more resilient industry.