Cyber-Attack: What's at Stake
The global shipping industry has come of age with more automation, game-changing technologies and the-internet-of-things. But embarking on this voyage has also made it a prime target for unforeseen, invisible, and highly destructive cyber-attacks.
Spoofing, jamming, phishing, malware and ransom ware are not terms that were associated with the maritime and shipping sector until recently. But reality has changed and so has the game. Physical attacks are passé and it’s the day and age of cyber criminals who are targeting critical infrastructure sectors like maritime and shipping to cause maximum damage.
According to a 2016 survey by IHS Markit & BIMCO, 65 of 300 industry players said that they were victims of cyber-attacks like malware, phishing, and theft of credentials, among others. The attacks led to financial losses, loss of corporate data and affected the functionality of shipborne systems and IT systems. BIMCO’s report points out that the vulnerabilities on board ships include outdated/unpatched software, unsegregated networks, lack of access-control to computers and networks, lack of cyber security and safety policies, lack of intrusion detection, obsolete operating systems and low quality hardware used to construct networks.
“We consider the cruise line industry to be at particular risk due to the number of individuals boarding these ships all requiring connectivity. The container industry is also a sector, which requires enormous levels of electronics data exchanges which could be vulnerable without network protection measures in place,” says Phil Tinsley, Manager - Maritime Security, BIMCO.
Apart from vessels or ships, the sector is a primary target for cyber attackers because it is critical for the development of economies and global trade. The shipping industry accounts for almost 90 percent of the world’s trade by volume and contributes $360 billion or five percent of the total world trade in freight rates annually. It is complex in structure and involves many players.
“The transportation chain of the maritime industry is complex and diverse. You have actors from product and service providers, shipyards, charterers, operators and owners to technology providers such as satellite connectors. In this kind of environment all parties are not necessarily aligned in their interests to protect different segments,” says Kim Eklund, Director - Cyber-as-a-Service, Wärtsilä.
The industry is also an easy target for cyber-attacks because it has many fixed and mobile assets spread across jurisdictions and territories. An attack could not only lead to financial losses and breach of IT systems, but also cause damage to assets like vessels, containers, offshore oil and gas platforms, unmanned undersea vehicles, drones, port infrastructure, navigation aids, undersea cables and pipelines, communications systems (onshore, ship-to-shore, and satellite), port industrial control systems (ICS) etc.
Lior Frenkel, CEO, Waterfall Security Solutions explains, “If ships travel near, through, or to zones of active conflict, state-sponsored cyber sabotage is a real possibility. Worst-case consequences include physical damage to the vessel, cargo, crew members, passengers and the environment.”
For instance, in April last year, South Korea is said to have made almost 280 vessels return to port after experiencing problems with its navigation systems.
Other examples include an attack on the port of Oakland targeting its administrative site; ongoing and repeated attacks on the vessels of a global shipping company where pirates would board and locate specific high-value crates by a bar code and steal them; attacks on the bunkering sector by impersonating sellers and requesting for payments into a scammer accounts etc.
“The intrinsically global nature of the supply chain, diversity of stakeholders and complexity of operational activities present a very challenging backdrop for security professionals in the shipping industry to work against,” says Peter Broadhurst, Senior Vice President, Inmarsat.
The Weak Link
Experts say that most of the cyber-attacks in the shipping industry happen on account of human error. According to Futurenautics’ Crew Connectivity 2015 survey only 12 percent of crew had received any form of cyber security training and only 43 percent of crew were aware of any cyber-safe policy or cyber hygiene guidelines provided by their company for personal web-browsing or the use of removable media (USB memory sticks etc.). 43 percent of crew reported that they had sailed on a vessel that had become infected with a virus or malware.
“The greatest vulnerability to any system is normally the user. It is therefore increasingly important to recognize the value of having an informed, trained and responsible workforce when it comes to cyber threats,” says Selina Singh, Senior Consultant (Maritime) at NYA International.
Future Proof Shipping
As systems get more complex and ships become smarter due to technological advancements, every area of operation is exposed to cyber risks. Companies like Wärtsilä understand this and are offering turnkey marine solutions like cybersecurity patching services to their customers in order to manage the entire lifecycle of their industrial control systems.
“The whole approach is geared around the increasing onset of the maritime equivalent of the ‘Internet of Things’ (IoT). We all acknowledge that we are in a global, more integrated network, and a more automated network, overall. But at the same time, this brings with it an increase in risks because it also increases opportunities and vulnerabilities to those who would exploit them,” says Andrew Ross, Director, Cyber Assurance, Wärtsilä.
That’s a good approach to have because in the days ahead, the threats will only grow and get more destructive in nature. So the best way for the industry to sail smoothly is to become “future proof.”
The opinions expressed herein are the author's and not necessarily those of The Maritime Executive.