The truth about...
As boats and the threats to them get ever more complex, MBY takes a look at some of the latest security issues you might want to consider
Pleasure boat owners of all sizes are considered wealthy and therefore a potential target for anything from theft to possible kidnapping and ransom. Compared to robbing a house or a car, boats present a relatively soft target – they are often left unattended, their security systems are usually quite basic and response times are slow. Common sense and a little effort are the main defence against crime. The gas locker is neither an original nor secure location to hide a cabin key. Nav equipment is valuable, easy to remove and easy to sell so ensure it’s not left in the cockpit. Small outboard engines are a popular target for thieves so secure them with a lock. Little will deter the really determined thief; your job is simply to make stealing from your boat more hassle than it’s worth. There are also sophisticated anti-theft devices like the Dokensip Boat Monitor that alert you if motion sensors are triggered or the boat moves outside a geofence.
Is piracy a genuine risk for leisure boat owners?
Harry Chenevix-trench, operations manager at Blackstone Consultancy, a private security and intelligence specialist, says piracy is certainly a threat in some areas of the world. Most of those classed as ‘red-alert’ zones are outside the scope of smaller motor boats, such as the Philippines, the Gulf of Aden and west Africa. However, some parts of the Caribbean are categorised ‘amber’ (requiring caution) and even the southern and eastern regions of the Med have become increasingly dangerous due to conflicts in Libya and Syria and the increasing use of waters around Sicily and Gibraltar by people traffickers.
How does one mitigate the risk?
Make use of local knowledge and avoid areas deemed dangerous. A check-in system where boats report their position regularly is also worth considering, as is GPS tracking. Be aware of AIS, which transmits not just your position, heading and speed but also boat information like name, size and type. There may be times when it could be prudent to switch this off.
How about in port?
In some areas, harbours and marinas can represent the greatest single concentration of international wealth in the entire country. Guide books, the internet and indeed local knowledge such as marina staff or port security can offer good advice about where and when it is safe to explore.
What else should be considered?
On-board wifi networks that cover the whole boat are a popular option but can mean the signal reaches further than the boat, raising the risk of cyber attack. Maurizio Minossi from Marine electronics specialists Videoworks says, “On-board systems are managed by VLAN, often via the same internet entry/exit point (VSAT, 4G etc). As all traffic goes through the same portal, a hacker gaining access is a risk to the entire network, from AV systems through to alarms, air con, engine management, security doors and navigation systems.”
No it’s not. During a controlled experiment in 2013, students from the University of Texas were able to spoof the GPS signals of a superyacht and send it veering off course without arousing any suspicions whatsoever. In a different trial in 2017, a cyber crime specialist working for a mobile device company hacked into a yacht’s wifi connection and gained control of vital functions, including the navigation system and on-board CCTV. Many owners conduct private and professional business while on board. This makes their personal data such as email addresses, photos or bank account details vulnerable to malware and phishing. A risk could come from an unsuspecting guest or crew member downloading a virus that self-installs and spies on passwords, or even hijacks the phones and computers using the network.
What is the best way to prevent cyber attacks?
Proven security software with endto-end encryption and two-factor authentication helps secure on-board systems. Videoworks recommends systems like its Kerio Control, an all-in-one threat and connection manager able to protect the yacht’s server via an Intrusion Prevention System (IPS) that monitors entering and exiting net communications.
What about crew?
Crew should be trained in digital security protocols so that they don’t inadvertently put the boat and guests at risk by posting photos of it on social media, opening emails from suspicious parties or inserting USB or disc drives into the boat’s systems
Your job is to make stealing from your boat more hassle than it’s worth