USCG Cybersecurity
How USCG will inspect ships cybersecurity? The USCG issued CVC-WI-027(1) and defines Poor cyber hygiene which could lead to ship detention:
Since 2021 all cybersecurity threats have been part of PSC examinations. The USCG has issued a circular of what they will examine when basic cyber hygiene procedures are not in place onboard. These include, but are not limited to the following:
a. Poor cyber hygiene
- • Username / Password openly displayed
- • Computer system appears to require a generic login or no login for access
- • Computer system does not appear to automatically log out after an extended period of user inactivity
- • Heavy reliance on flash drive/USB media use
b. Shipboard computers readily appear to have been compromised by ransomware/ excessive pop-ups
c. Officers/crew complain about unusual network issues and reliability impacting shipboard systems
d. Unit/vessel screener received potential 'spoofed' e-mail from master/crew onboard.