• 65026, Tamojenna sq. 1-b. Odessa, Ukraine

NewBuilds World’s largest LNG bunker vessels reach construction milestone

Small-scale LNG company Avenir LNG Ltd marked a milestone in the construction of the world’s largest LNG bunker vessels on 25 January by making its initial progress payments on the two 20,000-m3 ships under construction at Sinopacific Offshore Engineering in Nantong, China.

Avenir LNG signed the contract for the two LNG bunker vessels (LNGBV) in Q4 2018 and made the first progress payments of US$11.2M to the shipyard, according to regulatory filings by Stolt-Nielsen Limited, which has a 45% stake in the company through its investment arm Stolt-Nielsen Gas.

Other major investors in Avenir LNG are Golar LNG and Höegh LNG Holdings Limited, who each hold 22.5% stakes, and institutional and private investors, who hold the remaining 10% interest.

Avenir LNG is also building two dual-fuel 7,500-mLNGBV with Keppel Singmarine in Nantong that will be delivered in late 2019 and early 2020. The total cost for both vessels is approximately US$80M, including site team costs and capitalised interest. On 23 August, Avenir LNG exercised options for two more 7,500-m3LNGBVs with Keppel Singmarine at a total cost of US$76M that will be delivered in Q3 and Q4 2020, respectively.

Listed on the Norwegian OTC since 14 November 2018, Avenir LNG plans to become a leading provider of small-scale LNG for the power, ship bunkering, trucking and industrial markets.

Stolt-Nielsen, Golar LNG and Höegh LNG announced a combined investment of US$182M in Avenir LNG in 1 October 2018. The investment, made up of cash and equity-in-kind, is partly funding the construction of the six LNGBVs and an 80% ownership in an LNG terminal and distribution facility under development in the Italian port of Oristano, Sardinia.

Source: Seawanderer

Read More

General Lindblad signs agreement with Ulstein Verft for building of second new polar vessel

Lindblad Expeditions Holdings Inc. announces that it has signed an agreement with Norwegian shipbuilder and ship designer Ulstein to build a new polar vessel. The new ship is scheduled for delivery from Ulstein Verft in Q3 2021. The vessel is sister ship to ‘National Geographic Endurance’, which is under construction.

Lindblad Expeditions Holdings Inc., a global leader of expedition cruises and adventure travel experiences, announced the shipbuilding agreement, expanding the line’s National Geographic polar fleet to four ships.

This state-of-the-art vessel will be the next phase of Lindblad’s fleet expansion following the launches of new builds National Geographic Quest in July 2017, National Geographic Venture in December 2018 and the scheduled delivery of National Geographic Endurance in Q1 2020.

The new ship is scheduled for delivery in Q3 2021. Sister ship to National Geographic Endurance, the polar vessel will be fully stabilized with the highest ice class (PC5 Category A) of any purpose-built passenger vessel, and will feature Ulstein’s signature X-BOW®, a unique design that affords the smoothest, most comfortable ride imaginable, in all sea behavior, which results in greater fuel efficiency and fewer emissions, for reduced environmental impact.

Like its sister ship, the new vessel will accommodate 126 passengers in 69 spacious guest cabins and suites and is being designed to connect guests to their environment and be the ultimate platform for exploration. With 75 percent of the cabins featuring balconies for private viewing, multiple observation decks inside and outside, and “observation wings,” the surrounding environs will always be accessible. Off-ship exploring will be greatly enhanced with an innovative Zodiac loading system that will allow everyone to get ashore quickly and safely, ensuring quick access to every destination. The ship’s complement of expedition tools for exploration will include kayaks, cross-country skis, a remotely operated vehicle, hydrophones, a video microscope, underwater video cameras and more to be announced in the coming months.

Source: Seawanderer

Read More

Cyber threat explained

Cyber threat is any event or incident that aims to impact organisational operations, such as mission, functions, image, or reputation, organisational assets, individuals, other organisations, or the Nation through an information system. This is achieved through unauthorised access, destruction, disclosure, modification of information, and/or denial of service.

Mainly, cyber threats should be categorised in order to better understand the vulnerabilities of assets.

According to KR Guidance for the maritime cyber security system requirement, external environmental factors of internal information technology and operational technology should be identified and categorised as threats.

Moreover, the Open Web Application Security Project (OWASP) is an open source web application security problem that focuses on the research of web exposure, malicious files and scripts, security vulnerabilities.

OWASP Top 10 are published in 2004, 2007, 2010, 2013 and 2017.

Injection is a vulnerability that takes place when an attacker identifies and executes maliciously injected data as part of a normal query of the data base in a web application.

Injection attacks are easy-to-happen; data is in put or database information is requested.

The injection consists of four different types:

SQL injection;
HTML injection;
OS command injection;
LDAP.
Also, there are various types of injection depending on the attack method and language used.

Specifically, Structured Query Language (SQL) injection is a practice used to adjust or retrieve data in a SQL database.

When a cyber attacker executes specific SQL actions, an unauthorized user can change existing data, modify transactions and balances, and retrieve and/or destroy all server data.

The most crucial form of SQL injection is that the attacker gets root access to the machine and give it full control.

Finally, preventing injection requires keeping data separate from commands and queries:

It is preferable to use a safe API, to prevent the use of the interpreter entirely or provide a parameterized interface or migrate to use Object Relational Mapping Tools (ORMs);
The use of positive server-side input validation is ideal;
Use LIMIT and other SQL control within queries to prevent mass disclosure of records in case of SQL injection.

Source: Seawanderer

Read More