ECDIS Cyber Risk

ECDIS cyber risk is the exposure of the Electronic Chart Display and Information System to compromise through its update and connectivity paths. Chart and software updates often arrive on USB media or CD, a documented malware vector, and many units run unsupported operating systems while networked to GPS, AIS, radar, and the integrated bridge. A corrupted chart, spoofed position feed, or malware-disabled display can mislead navigation. IMO MSC-FAL.1/Circ.3 and BIMCO single out ECDIS for controlled media, network segmentation, and patching; ECDIS carriage itself is mandated under SOLAS Chapter V Regulation 19.