A handful of people connected to the "Maritime World" have reached out to me regarding cybersecurity and their concern of developi certain systems being connected through Internet. I have little to no experience working in the maritime world, and I haven't worked professionally with cybersec other than hardening of operating systems following various benchmarks.
I want to learn more about infosec/cybersec in general, and especiall in the maritime. I therefore humbly ask for your experience, advice or external resources.
well, you are working with low bandwidth sattelite connections often. these have some problems. i am no expert, but for example:
low bandwidth makes it hard to put TLS on everything.
the way sattelites communicate back is not a beam but rather a big surface area it sends the connection to (sometimes spanning 100s of miles if not more?)
there have been people able to intercept a lot of these broad beamed things and read out plantext transfer data / packets.
id say in general its a similar problem from normal cybersec, you got some it and ot on ships, id hope the ot connects to the it, and that connects out. in that case it might be possible with the right bandwidth to encrypt it all and be a little happier...
theres some interesting conference talks on youtube about such sattelite communications and unique hazards that come with it.