Nemesis: a unique managed cyber security solution
Nemesis is a unique managed cyber security solution designed for the Maritime Industry. It is an in-house developed Security Information & Event Management (SIEM) System, tailor-made for vessels.
Easy to deploy and extremely cost effective, Nemesis was designed from scratch to address all inherent problems of providing information security on a vessel.
Depending on a vessel’s available infrastructure Nemesis can be deployed on a VM or delivered ready to install as a lightweight preconfigured bundle of hardware and software. These specially designed devices act as nemesis delivery mechanisms, are installed in each vessel, collecting valuable security-related data and intelligence from the vessel’s IT and OT systems.
Cybersecurity designed specifically for the maritime sector
Nemesis has been designed to be compatible with virtually any onboard equipment, modern and legacy included. Contrary to a conventional SIEM and in order to keep satellite communications costs low, Nemesis doesn’t transfer all logs to Aspida’s 24/7/365 Security Operations Center.
Instead logs are collected and preliminarily analysed onboard, escalating detection and response depending on severity, and alerting our experienced Cyber Security Analysts as well as predefined personnel from the ship managing company only when required.
The Nemesis modules onboard communicate with Aspida’s state-of-the art SOC using the vessel’s satellite communication. Currently in production stage protecting vessels and well after prototyping Nemesis is an unprecedented, inexpensive and straightforward response to the growing cyber threat in the Maritime Industry.
A Complete Solution
Nemesis is a Business Solution which is a complete vessel’s cyber threat detection mechanism, able to detect intrusions in real time.
We manage to identify threats known to the Global Security Community via our Threat Intelligence module. A client portal is also provided accompanied by our Alerting System capable to inform all related personnel (DPA, IT Department, Security Analysts, CISO) with critical events occurred in the network real-time.
Data acquisition is achieved via our Nemesis endpoints which are installed individually on every vessel we monitor. A Nemesis endpoint instance/device has the ability to correlate and report back data collected from Servers, Bridge Computers, managed Network Devices, SCADAs/PLCs, and Simple End User PCs in near real time. Nemesis was developed and customized bearing in mind the operational limitations of the maritime sectors and the inherent needs of a vessel:
Installing a conventional SIEM on a vessel does not fit the purpose as it would require additional and constant bandwidth- Connectivity can not be guaranteed on a vessel while pushing logs constantly to a shore facility can significantly increase communication costs. Furthermore a conventional SIEM solution would need to be installed and commissioned onboard adding on teh costs and complexities of a deployment.
Nemesis addresses all the above limitations.
By transferring part of our threat intelligence and log correlation onboard the vessel we can have constant monitoring against cyber threats while significantly reducing the satellite connectivity bills.
By deploying the solution either as a preconfigured VM or a small lightweight device we can deploy digitally or physically with the smallest cost and delay.
Moreover the system monitors IT and OT infrastructure even when satellite connectivity is down.
In the case of short or long periods of disconnection, Nemesis can preserve all the logs and potential alerts and transmit it back to Aspida without losing a single message when connectivity resumes.
• Custom built solution for the maritime industry
• 24x7x365 detection by experienced Cyber Security Analysts from Aspida’s SOC.
• Innovative lightweight software and hardware
• Easy to expand in newly installed systems on a vessel
• Protects Legacy and New Operating Systems
• Collecting and correlating logs from RT / SCADA systems
• Zero performance impact. Extremely Small Footprint. Fit-and-Forget on clients
• Receives and correlates syslog from any device.
• Works alongside with all known information security tools
• Can Identify Existing Malware Infections
• Monitors unauthorised software installations by users, hackers and malware
• Cost effective solution with zero maintenance from client side
• Fast & Efficient Updates
• Low Power Consumption
• Automatic Installation
• Network and Telecom equipment
• Incoming and Outgoing connections through the Firewall and log forwarding • All Windows and Linux systems
• File integrity monitoring
• Log monitoring
• Process monitoring
• System infections
• Collect Centrally all Information Security related logs
It can detect Threats in:
• Communication Systems
• Bridge Systems, including ECDIS, Propulsion & Power Control
• Access Control System
• Cargo Management Systems
• Passenger Servicing & Management. Passenger-facing Networks • Core Infrastructure Systems
• Admin & Crew Welfare Systems