Flag/ ISM News

Bringing you the latest news from Flag and Port State Regs. We are now tracking the latest updates from the MLC, IMO, and the larger Flag states so you don’t have to

MLC amendments Dec16 – From 18th January 2017, ships under MLC must display certificates issued by an insurer confirming that financial security is in place for liabilities in respect of crew repatriation and for compensation for death and disability.

2010 Manila Amendments to STCW Dec16 – Everyone should be aware of the requirements for STCW “Refresher” training came into effect as of the 1st January. Although the IMO has called for Port State Control authorities to “take a pragmatic and practical approach during inspections…” up to 1st July 2017, the MCA and the Cayman Islands do not intend to make any regulations to formally extend the transition period which expired on 31st December 2016. So it will be up to the PSC Inspector to decide whether or not to take action if a seafarer does not hold the required certificates. For those vessels having crew who are affected by this.
• Have a copy of the IMO circular on hand during a Port State Control inspection.
• Have on hand evidence that the required courses have been booked.
• Notify your DPA and your insurers that some crew do not have the required certificates.

The IMO circular can be downloaded here MSC1Circ1560
Find the nearest training centers for STCW

Nairobi International Convention on the Removal of Wrecks Nov16
From 20 February 2017, all Cayman Islands ships of 300 GT and above, as well as non-Cayman Islands ships visiting the Cayman Islands, must have wreck removal insurance in place. These ships must also hold a certificate issued by MACI attesting that the ship has wreck removal insurance. Further guidance is expected to follow.

Marshall Islands MSAdvisory_34-16 Use of new satellite mobile communications services – Any MI flagged vessels that intend to use any new satellite service must have their ship radio station licenses amended to authorize the use of the frequency ranges offered by that service. This includes VSAT (Ku, KA, C), Iridium, Thrurya, INMARSAT and additionally any satellite service that may become available in the near and far future under the GMDSS modernization plan.

Are your crew letting hackers on-board?

Imagine having your guest’s / owners identities stolen or laptops infected due to poor on-board digital security. Hacking is now big business. Over the last few years hackers have become ever more sophisticated resulting in bigger data breaches.

Hacking is now big business. Over the last few years hackers have become ever more sophisticated resulting in bigger data breaches.

  • 2013, Yahoo 1,000,000,000 user details stolen
  • 2014, JP Morgan Chase 76,000,000 user details stolen
  • 2016, Friend Finder 412,000,000 user details stolen
  • 2016, Mark Zuckerberg (Facebook CEO), Sundar Pichai (Google CEO) and Jack Dorsey (Twitter CEO) all had their personal accounts hacked.
  • With that in mind, you might want to think about how sensitive the data you hold on your network is and what would be the liability if your yachts network was compromised.
    IT security is a massive topic covering hardware, software and training. The following points are to make you think about your yachts network and crew and to make you start asking the right questions.

  1. Do you have IT Security as part of crew familiarization?
  2. Do you routinely change system passwords when a crew member leaves the yacht?
  3. Is Antivirus / firewall / systems updates Included in the yachts routine maintenance checklist?
  4. Do you have a procedure for when any of the computers on the yacht (Bridge, Crew or Guest) becomes compromised.
  5. Are your bridge computers, Crew WiFi and Guest WiFi all on a separately firewalled networks? If so great, what about the entertainment system?
  6. Do your crew stream / download movies from less than reputable websites. Are those same computers then plugged into the yachts network?
  7. Do you allow your crew to plug their phones into the bridge computers to charge them?
  8. Do you allow USB drives to be plugged into any computer on the yacht?
  9. Do you have offsite backup? What would happen if you were unable to access any of the data on your yachts network just before a port state control?
  10. VPN’s. Yachts are built, to high specifications and the OEM (Original Equipment Manufacturers) installers do excellent work. What you may not know is that along with the engines, air conditioning or AV/IT equipment, OEMs may also be installing VPNs. These are effectively back-doors into your yachts network.
  11. Does any of your yacht’s systems get automatic firmware updates? If yes, what would happen if that system shut down when you were at sea or about to dock?

How Strong is your password
You may not be a network engineer but you can keep a strong password.
This website shows you how secure your password is and explains why.
www.betterbuys.com

Two-Factor Authentication
Two-factor authentication (2FA) is a security method that requires two different ways of proving your identity. Normally something you know, like your pin code and something you have like your phone or a bank card. Chances are you already do this for online banking. You should also add this to other accounts such as Gmail or Yahoo as well as Facebook

Useful Links
Free Malware Scanning Software
www.malwarebytes.com
Remote Backup Solution
www.carbonite.com
Get Safe Online (for personal and business advice):
www.getsafeonline.org
Cyber Essentials documents, a free download
www.cyberaware.gov.uk

With thanks to
Akula yachts
www.Akulayachts.co.uk
GoSecure
Gosecure.net

Beware Of The Drones

Earlier this year a vessel was detained after flying a drone from the deck. As a result the Gard P&I Club issued the following alert.

“A vessel entered with Gard was recently detained following the launch of a drone to photograph the vessel proceeding through the Suez Canal.
Shortly after the drone had been launched from a vessel transiting the Suez Canal, the Master was requested by the Canal Authorities (SCA) to drop anchor. During the SCA’s subsequent inspection, they confiscated the drone and its memory card and the vessel was detained in anticipation of further investigations by the Egyptian authorities.” Read more at the Gard website.

Additional sources of information:
US Federal Aviation Administration (FAA): Know before you fly
UK Civil Aviation Authority (CAA): Safety Guide
Transport Canada (TC): Do’s and Don’ts for flying your drone safely and legally.