
# 📶 Is Your Ship's Wi-Fi a Hidden Bridge Between OT and the Open Sea?
Most maritime cyber incidents don't announce themselves. A wireless device quietly connected to both the engine room Wi-Fi and the ship's wired automation network is all an attacker needs — and it's more common than you'd think.
**What UR E26 §4.2.5 Actually Requires**
Every wireless network within OT scope must do three things: prevent incident propagation, authenticate every participant — human users, software processes, and devices — and encrypt all transmitted data using industry-standard cryptography. No exceptions. Unencrypted wireless in an OT environment is non-compliant by definition. Additionally, wireless networks must be implemented as separate, dedicated security zones with enforced boundaries.
**Why This Hits Differently at Sea**
Ships aren't offices. Crew use personal devices, vendors bring laptops for maintenance, and portable instruments sometimes connect to both Wi-Fi and wired networks simultaneously without anyone noticing. Radio frequency signals don't stop at bulkheads. A rogue access point or a dual-homed device — one that communicates over both wireless and wired networks — can silently bridge two security zones that were never meant to touch. On a vessel underway, that's not a theoretical risk. It's a scenario with real consequences for propulsion, navigation, and safety systems.
**IEC 62443 Technical Depth**
E26 §4.2.5 maps directly to IEC 62443-3-3 SR 1.6 (Wireless Access Management) and SR 2.2 (Wireless Use Control). SR 1.6 requires that all wireless participants are authenticated before gaining access — no anonymous connections. SR 2.2 governs what those authenticated participants are permitted to do once connected. At Security Level 2, SR 2.2 adds rogue access point detection as an enhancement requirement, meaning active monitoring for unauthorized wireless infrastructure is expected in higher-risk OT environments aboard ship.
**The E27 Link**
UR E27 §4.1 items #5 (SR 1.6) and #9 (SR 2.2) cascade these requirements down to the system and component level. Where E26 defines the vessel-wide wireless security architecture, E27 ensures that individual OT systems and equipment suppliers implement the authentication and use-control mechanisms that make that architecture real. Together they enforce an authenticate-then-monitor model from the zone boundary to the device itself.
**🔧 Implementation Insight**
Commissioning is where wireless security is proven, not assumed. E26 explicitly requires demonstrating that only authorized devices can connect — for example, by attempting to associate an unauthorized device — and that secure protocols are confirmed via protocol analyzer. Most shipyard FAT processes don't go this far. Building this into your acceptance testing criteria before delivery is significantly easier than retrofitting it at sea.
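The checks described above can be scripted against exported survey and switch data. The following is an added example, not part of the original post or of any IACS or IEC text: it flags weak encryption on authorized access points, unlisted access points advertising an OT SSID, and inventory assets that appear on both the OT WLAN and the wired OT network. All MACs, SSIDs, asset names and the set of accepted security modes are constructed or assumed.

```python
# Added example: offline commissioning audit. Every MAC, SSID, asset name and
# the ACCEPTED_SECURITY policy below is constructed or assumed.
ACCEPTED_SECURITY = {"WPA2-Enterprise", "WPA3-Enterprise", "WPA3-SAE"}

# Authorized access points of the OT wireless zone: BSSID -> SSID.
AUTHORIZED_APS = {
    "02:00:00:00:0a:01": "ER-OT-WLAN",
    "02:00:00:00:0a:02": "ER-OT-WLAN",
}
# Asset inventory: asset id -> MAC of every network interface on that asset.
INVENTORY = {
    "vib-analyzer-01": {"02:00:00:00:1b:01", "02:00:00:00:1b:02"},
    "eng-tablet-03": {"02:00:00:00:1c:01"},
}
# Analyzer survey rows: (bssid, ssid, security mode seen in the beacon).
SURVEY = [
    ("02:00:00:00:0a:01", "ER-OT-WLAN", "WPA2-Enterprise"),
    ("02:00:00:00:0a:02", "ER-OT-WLAN", "OPEN"),
    ("02:00:00:00:ff:09", "ER-OT-WLAN", "WPA2-Enterprise"),
    ("02:00:00:00:ee:07", "CrewNet", "WPA2-Personal"),
]
# MACs associated to the OT WLAN, and MACs learned on wired OT switch ports.
WLAN_CLIENTS = {"02:00:00:00:1b:01", "02:00:00:00:1c:01"}
WIRED_MACS = {"02:00:00:00:1b:02"}


def audit(survey, wlan_clients, wired_macs):
    """Return (finding, subject) tuples for the three checks."""
    findings = []
    ot_ssids = set(AUTHORIZED_APS.values())
    for bssid, ssid, security in survey:
        if bssid not in AUTHORIZED_APS:
            # Unlisted radio: a rogue AP if it advertises an OT SSID,
            # otherwise something to review (could be a neighbouring network).
            kind = "rogue-ap-ot-ssid" if ssid in ot_ssids else "unlisted-ap"
            findings.append((kind, bssid))
        elif security not in ACCEPTED_SECURITY:
            findings.append(("weak-encryption", bssid))
    # Dual-homed: one asset with an interface on the WLAN and another on the wire.
    for asset, macs in sorted(INVENTORY.items()):
        if macs & wlan_clients and macs & wired_macs:
            findings.append(("dual-homed", asset))
    return findings


if __name__ == "__main__":
    for finding in audit(SURVEY, WLAN_CLIENTS, WIRED_MACS):
        print(*finding)
```

The dual-homed check only works if the inventory lists every interface of an asset, since the wireless and wired sides normally present different MAC addresses.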
**Over to you:** Have you encountered dual-homed wireless devices in shipboard OT audits — and how were they identified?
📌 Post 6/17 in my IACS UR E26 series — breaking down all 17 requirements across the Identify → Protect → Detect → Respond → Recover framework
