Maritime Cyber Security: Prevention is Better Than Cure
Cyber threats have been for a long time construed as low risk. According to a survey of maritime company leaders, conducted by Sea Asia company in 2017, only 43.75% of companies have prevention and contingency plans to protect themselves from cyber attacks or quickly recover from one with minimum damage. Are these companies being overly vigilant or are the rest ignoring a rapidly growing problem?
Today’s technology is developing extremely fast and shipping innovations are leading the industry towards automation and connectivity. As advanced as this makes the Maritime sector, it also leaves it more vulnerable to cyber attacks if correct security measures are not taken.
Even the International Maritime Organization (IMO) has taken this threat seriously. They have given shipowners and managers until 2021 to incorporate cyber risk management into their ship safety frameworks. Those who will not comply risk having ships detained. These safety additions are paramount because the number of vessels with malware onboard is increasing.
IHS Markit & BIMCO had conducted a survey in 2016 the results of which showed that 65 of 300 Maritime companies reported having been victims of cyber attacks. Those attacks included malware, phishing, theft of credentials and other harmful developments. In the intervening years, the scale of these attacks has only grown.
2017 saw the biggest cyber attacks on shipping companies to date. Danish AP Moller-Maersk, the world’s largest container shipping line, experienced a large-scale cyber attack on June 27th. It resulted in the shutdown of IT systems across multiple sites and business units with 17 terminals being hacked. This cost the company between $250 million and $300 million. This attack was quickly followed by one against the shipping company BW Group in July and caused its computer systems to go offline.
It’s getting more and more clear that cyber threats for ships are real and can cause considerable damage. What is more, nowadays vessels don’t even have to be connected to the internet to be a victim of a cyber attack. For example, malware can be injected through USB drives or infected new build or retrofit components. Because of this and malware spread via internet connection, different areas of shipping functions may be affected.
Availability of internet connectivity using satellite or other wireless communication, such as SATCOM, VOIP, WLAN, WiFi, can increase ship vulnerability. Once the malware enters, a number of systems can be disturbed. Navigation systems are very susceptible to an attack since Electronic Chart Display (ECDIS) rarely have anti-virus programs, so there is nothing stopping attackers from interrupting the display of chart information and/or gain full control of a system.
There is also a possibility that propulsion, power generation, steering systems, etc. could be remotely shut down. Another way to disrupt normal operation of the company and ship systems is deleting critical pre-arrival information or overloading company systems. Cyber terrorists could also gain access to commercially sensitive data such as cargo manifests and/or crew and passenger lists then manipulate them to facilitate fraudulent transport of illegal cargo or thefts.
Passenger services and management systems, crew networks and core infrastructure systems could also be affected, stopping the efficient operations and causing financial loss.
How to be Prepared?
There are a few necessary steps in cyber security preparedness. To begin with, vulnerability assessment is key to understand what limitations current protection measures have and determine how these limitations could be exploited and by whom. Most data breaches are caused by negligent or disgruntled employees or third- party service providers. This means, that the company should not only strengthen the vulnerable parts of its systems, but also, train personnel to be aware of the risk and how to deal with them, as well as perform third-party risk assessment.
Then, contingency and incident response plans should be developed. This will help reduce the damage done to the security of the ships and diminish risks for future attacks. It is advised to test these plans and, according to the results of simulated cyber attacks, reassess system vulnerabilities and measures taken to lessen the threats.
Cyber security is no longer a matter of choice – it is a matter of necessity. Make sure your vessels, data, crew, passengers and cargo are protected from threats that might not be tangible, but are no less real. Remember, an ounce of prevention is worth a pound of cure.