© 2016 by CyberKeel ApS.

    CyberKeel

    SERVICES

    For many maritime companies - such as shipping lines, ports, terminals etc - improving cybersecurity materially from the current levels is neither complicated nor expensive.

     

    At CyberKeel we have a unique expertise combining deep insights and experience in the maritime industry with hard-core skills within cybersecurity - and its opposite: the world of hacking. 

    All market participants need to ensure their cybersecurity protocols reflect the question "what do you do when you are hacked?". This is crucial. In today's world, cybersecurity has to take as a given that you will be hacked. It is not possible to keep all attacks at bay.

    Our expertise allows us to assist maritime clients improve security procedures - not just from an IT angle but also from the angle of raising staff awareness. The single greatest cybersecurity threat is the one sitting in a chair in front of the screen providing information, not out of malice but simply because most people are unaware of how hacker manipulate them through social engineering.

    Download our whitepaper here

    Penetration Tests

    CyberKeel provides a comprehensive penetration test aimed at testing a company's cyber security defenses.

    Our technical experts have the prerequisite skills in hacking and penetrating systems from both technical and social angles. The actual penetration test needs to be tailor made to the specific threat level the company want to test, but can include the following:

    • A cyber-attack against company systems:

      • May be performed on production, development or test systems

      • External penetration test from the internet

      • Internal penetration test from within the company intranet

    • Comprehensive social engineering test

    • A cyber-attack attempting to shut down company systems such as distributed denial of of service tests

    • An after-action report containing recommendations for improvements based on the test results

    The company may decide to which extent internal stakeholders, such as the IT department or individual users, should be pre-warned about the test.

    Please contact for a detailed discussion for your individual needs

    Level 2 Security Assessment

    Level 2 Security Assessment focuses on the actual cybersecurity situation in relation to how staff conduct their work on a daily basis.

    Level 2 Security Assessment covers the following aspects:

    • Local onsite checks as to whether global policies and procedures are followed using

      • Interviews with staff, with staff input remaining anonymous

      • Onsite observation of workflow

    • Local onsite checks as to the actual presence of mandated security products

      • End user understanding and usage of security products

      • Actual software update state on individual computers

      • DNS analysis to review presence of unregistrered hardware units

    • Local onsite checks as to the usage of external equipment

      • Presence of USB units, smartphones and thumbdrives

      • Usage of wireless networks

    • Local onsite checks as to the daily use of IT equipment, include habits concerning webusage

     

    The security assessment will be adapted to the circumstances in the individual companies. Please contact us for a further discussion.

    Training

    We provide training services at all levels of complexity, tailor-made not only to the specific audience, but also to the specifics business needs of the participants.

    Courses can be offered as open-participation across multiple companies, as well as dedicated sessions for a single company only.

    An example of a technical training course for systems administrators is:

    Day 1 – Windows Internals and Attacks

    • Windows Architecture.

    • Inner workings client side attacks.

    • In depth view of vulnerabilities and exploits in modern software.

    • Introduction to PowerShell as seen by attackers.

    Day 2 – Privilege Escalation and Lateral Movement

    • Privilege escalation on modern Windows OS.

    • In depth abuse of Windows authentication.

    • Advanced offensive use of PowerShell.

    Day 3 – Endpoint defenses

    • Whitelisting technologies.

    • Antivirus strength and weaknesses.

    • In depth Anti-hacking technologies.

    Day 4 – Persistence and Network Defenses

    • Achieving persistent access to compromised systems.

    • Network Intrusion Prevention Systems.

    • Sandboxing technologies.

    • Threat Intel walkthrough.

    Level 3 Security Assessment

    Level 3 Security Assessment focuses on a technical and forensic analysis of the current state of affairs, as well as a simple test concerning security resilience against social engineering attacks.

    Level 3 Security Assessment covers the following aspects:

    • Detailed analysis of results from existing surveillance tools

    • In-depth scan and analysis of traffic patterns and presence of potential malware

    • Security architecture analysis

    • Single point of failure and redundancy analysis

    • Limited social engineering test

    The security assessment will be adapted to the circumstances in the individual companies. Please contact us for a further discussion.

    Level 1 Security Assessment

    Level 1 Security Assessment focuses on high-level procedural security issues and serves as a foundation for the global standard level desired by the company.

    Level 1 Security Assessment covers the following aspects:

     

    • Review of procedures and processes in place with security and IT staff

    • Asset classification

    • Asset management according to confidentiality, integrity and availability

    • In-depth look at privilege distribution and password management

    • Reviewof firewall and antivirus usage and updating procedures

    • Debate of pros and cons, as well as status, relating to ISO27001 certification

    The security assessment will be adapted to the circumstances in the individual companies. Please contact us for a further discussion.

    Vessel Assessment as per BIMCO guidelines

    The vessel assessment focuses on the cyber security readiness and risk mitigation level onboard vessels.

    The assessment is based on the BIMCO and voluntary IMO guidelines for best practice for vessel cyber security as issued in 2016.

    CyberKeel was one of the contributors to the develoment of the BIMCO guidelines, and the guidelines in full can be found here:

    BIMCO Guidelines