A leading shipmanagement company has enhanced cyber security within its onshore facilities with AI-based analytics and improved vessel security
Wallem Group has strengthened cyber security at its onshore facilities and across the managed fleet to prevent cyber incidents and attacks.
It deployed advanced network protection using artificial intelligence (AI) at its shore-based offices to identify and respond to malware and other online threats.
After piloting Darktrace’s Cyber AI Analyst at its Hong Kong headquarters in 2019, Wallem deployed the AI-based solution at its Singapore, Shanghai (China), Clark (Australia), and Mumbai (India) offices as well as its Singapore data centre.
On the ship side, Wallem conducts onboard IT surveys before vessel takeover, restructuring the IT network to align it with groupwide cyber-security requirements. It also performs annual assessments to identify any IT equipment on board the vessel that is due for replacement, proposing a budget for new equipment and recommending value-added services to help strengthen onboard cyber resilience.
Wallem Group general manager Raymond Ho believes cyber security needs to start “at home” in shipping’s corporate offices, as these are more common points of entry for cyber attacks than ship networks.
Wallem can only ensure the cyber security – and more broadly, the safety, efficiency, and sustainability – of its managed fleet if its land-based facilities are well protected from digital threats, said Mr Ho.
“If our offices’ cyber defences are not up to standard, we are spending time and resources resolving breaches that we could otherwise invest in optimising security and vessel performance across our managed fleet,” said Mr Ho. “For us, smooth fleet operations begin with robust cyber security on shore.”
Darktrace’s Cyber AI Analyst combines human expertise with AI to triage, interpret and report on cyber-security incidents, contextualising events, adapting to novel techniques and ensuring consistent end-to-end protection.
By continuously monitoring network activity, analytics learn what is normal for each user, device and application and automatically detects and responds to new threats within seconds to protect against evolving infiltration methods.
Mr Ho points to a case in which Cyber AI Analyst detected malware beaconing on Wallem’s network. According to Darktrace, “beaconing occurs when a malicious program attempts to establish contact with its online infrastructure.”
Thanks to the AI solution, Wallem was able to trace the signal to malware on an employee’s computer, resolving the issue before it escalated into a full-scale network attack.
“Before we used Darktrace’s solution, we could only protect against the risks we expected,” says Mr Ho. “We lacked visibility of the hidden malicious activities on our network and the ability to correlate a series of activities with a potential cyber threat. This has all changed since we started working with Darktrace.”
He explains Darktrace’s cyber analysts trained Wallem’s IT department in interpreting, classifying and investigating potential cyber threats reported by the Threat Visualizer tool, which allows the group to determine the risk level of potential threats and prioritise them accordingly.
Based on the threat patterns identified, Wallem has fine-tuned its network and firewall policies. The group has also segregated its business, bring-your-own-device, and guest wifi networks and updated its IT policy to prohibit non-corporate devices from connecting to its business network.
“While we only use Darktrace’s solution on shore, working with the company has given us fresh insight into security measures and best practice that we can apply across our fleet,” said Mr Ho.
“With our offices now robustly and intelligently protected from evolving cyber threats, we have the capacity and peace of mind to focus on delivering services that facilitate safe, smart and sustainable vessel operations and ultimately serve the ship of the future.”