In the marine industry, cyber security risks can have potentially serious consequences concerning the safety and security of cargo, shipping vessels, and even crew members. However, the possible origins of cyber threats that affect ships are not limited to what’s on board.
Ports and harbours carry substantial risks in the form of personal information such as crew or passenger data, cargo and freight documentations, location data, etc. With increasing digitization of ports, an improper cyber security infrastructure could allow hackers to gain control over a critical asset and cripple economic activity by stalling port operations.
Cyber security in shipping industry deals with the data protection measures put in place for IT systems, sensors, and other data-generating hardware placed on board shipping infrastructure – this holds good for both the vessels as well as port infrastructure. It looks at preventing data leakage by way of disruptions, manipulations, or unauthorized access. Any amount of leakage that results in the available data ending up in the wrong hands could lead to serious security, operational, as well as reputational risks.
Why Cyber Security is Critical for the Maritime Industry
Marine cyber security has a lot riding on it when it comes to maintaining the safety of various assets in the shipping industry, such as ports, cargo shipments, shipping vessels, and the all-important crew members. Marine cyber security and data leakage preventionplans and policies talk about various types of risks such as information integrity and availability of hardware and system both in the office of the shipping company as well as on board the vessels. Improper cyber security measures can result in delays and threats such as:
- Data transfer issues between the shipping company and vessel leading to unwanted delays in voyages.
- Operational issues involving on board hardware and equipment. If a vessel gets stalled in the ocean due to unauthorized access and control by external sources, it could put lives of the crew members at risk, and make them prone to attacks and hijackings.
- Manipulation or loss of external sensor data which is critical in a ship’s operations. Worse, cyber-attacks by hackers could lead to a severe loss of money by way of ransom payments and other financial bailouts.
These are some examples of what can go wrong if the shipping company does not implement proper maritime cyber securitymeasures. In the past few years, there have been instances where national security agencies such as the Coast Guard have been called in to investigate malware and phishing attacks aboard shipping vessels. The United Nations’ International Maritime Organization states in a report that more than 90% of global trade is conducted through the use of ships, making them an attractive target for cyber criminals. Even the European Union has woken up to this risk and brought the shipping industry under the ambit of Network and Information Systems (NIS) Directive. This is a governing body that is entrusted with protecting national critical infrastructure against cyber threats.
Challenges in Maritime Cyber Security
Information Technology (IT) for long had simply been associated with systems in oil rigs, ports, and offices, while Operational Technology (OT) dealt with navigational systems, cargo management, engine controls, and administration. A clear firewall between the two prevented them from getting mixed up or facing any external influence. As communications technology and the digital world evolved, IT and OT have become more integrated.
While the integration has helped the maritime industry improve efficiency, critical systems and processes linked to shipping operations have become more vulnerable to maritime cyber security risks. These risks could be a by-product of improper cyber system design, maintenance issues, or operational failures. Any intentional or unintentional cyber threats are also regarded as risks.
Some of the challenges that need to be kept in mind while planning to address the various marine cyber threats are as follows:
- OT systems deal with real-time performance, and all incidents must be responded to on time to ensure consistent availability and high reliability of the systems.
- OT systems must have strict access control at all times while not interfering with the necessary human-machine interactions.
- It is crucial to have proper system safety along with appropriate levels of fault tolerance. Sometimes, the bare minimum downtime can prove costly.
- OT systems are diverse with proprietary operating systems and protocols while not always having an associated embedded security capability.
- Long lifecycles are typical, and any system updates or patches need to be designed and implemented with the utmost care to prevent unwanted disruptions.
- OT systems are not always designed to provide high computing capabilities that are needed for supporting added security capabilities.
Any disruption to the normal functioning of an OT system could lead to significant risks for the cargo and personnel on board the ship. Your ship’s operations may also be impeded, while you could also be held guilty of causing grave damage to the local marine environment.
The Current Maritime Threat Landscape
As already discussed, increasing digitization of the shipping industry not only brings efficiency but also opens up opportunities for cyber security incidents. Several incidents in recent years have highlighted the fact that hackers are becoming increasingly successful in their endeavours.
In September 2020, one of the Big Fours of the global shipping industry, CMA CGM of France, revealed a ransomware attack. The other top players had, interestingly, experienced similar attacks over the past four years – APM-Maersk (2017, ransomware), Mediterranean Shipping Company (2020, malware), and COSCO (2018, ransomware).
Though different in many ways, all of these attacks have a common denominator – the maritime shipping industry, which seems to be a favourite of hackers!
Even the International Maritime Organization has not been spared as it came under attack in October 2021 from cybercriminals. Of late, various organizations such as the European Union (EU), US Coast Guard, and UNIMO have spoken out about the need to create greater awareness among the industry stakeholders about possible phishing and malware attacks on their company’s IT systems and technical infrastructure.
Common Cyber Risks Affecting the Maritime Industry
There are several critical systems and technologies on board a ship that can be targeted in the event of a cyber-attack. As the owner, you need to be aware of these and address any vulnerability in the system so that you can prevent an unwanted cyber security maritime incident.
- Obsolete, unsupported operating systems
- Missing malware protection or an outdated antivirus software and threat definitions
- Absence of best practices and inadequacy in security configurations
- Lack of clearly defined boundaries in shipboard computer networks and absence of network segmentation
- Critical safety equipment having a perpetual onshore connection
- Third parties granted inadequate access controls
Modern technology may be powerful, but they also add to the vulnerabilities if implemented improperly. Moreover, in certain network systems and shipboard equipment, the producers have an option of maintaining remote access. Lack of awareness about such functionalities further adds to the marine cyber securitythreats, creating new problems for the owners.
Best Practices to Prevent Maritime Cyber Threats
Here is a look at some of the best practices that your maritime company would do well to follow to make their operations more resilient to cyber threats:
- Conduct a risk exposure assessment by determining the vulnerabilities and likelihood of an attack through that channel.
- Identify the threats to develop a better understanding of the internal and external cyber risks.
- Identify the vulnerabilities and understand how your ship’s on board systems can get affected.
- Create and prioritize contingency plans to mitigate potential cyber risks.
- Develop measures to detect and protect so that a potential vulnerability cannot be exploited or the likelihood of exploitation is at least reduced.
- Respond to cyber incidents and put in place a contingency plan so as to recover from the setback as early as possible.
Marine cyber security prevention is typically a top-down approach where a senior manager or people in a leadership position, should take the responsibility of embedding a cyber-risk aware culture within the organization. This will also help put in place a flexible and holistic marine cyber securitymanagement regime in day-to-day operations with an effective feedback mechanism permitting further constant evaluation.