Is the maritime industry sailing into security vulnerabilities?

The impact of digital transformation can be noticed more and more clearly in many areas of life. If some tech companies have their way, it won’t be too long before we see self-driving cars controlled by computers roaming our highways.

Likewise, digital transformation is beginning to play a key role for shipping companies.

Today, shipping organizations are facing increasing pressure to operate more efficiently due to overcapacity and global demand. Meanwhile, customers are demanding faster, more streamlined services that afford integrated and end-to-end logistics.

As a result, the maritime industry is having to take a different approach to operations with the help of digital technologies. This includes:

• The development of new business models and offerings through online booking platforms and advanced cargo management systems.
• Connecting systems to gain more visibility of processes and improve communication and collaboration.
• Digitalizing the core business through things such as advanced analytics to optimize vessel deployment, blockchain technology to streamline and secure the documentation process, and the integration of enterprise resource planning (ERP) interfaces.
• Recruiting the right digital talent to help keep the business growing and running more efficiently.

Greater vulnerability on the horizon?

However, as the shipping industry trades in its traditional stand-alone systems for a more connected network, greater vulnerability is inevitable.

One of the industry’s highest-profile cyber attacks was against container shipping company, Maersk in 2017. The company was hit by NotPetya, a ransomware attack that prevented people from accessing their data unless they paid US$300 in bitcoin.

The ransomware took advantage of certain security vulnerabilities in Windows systems, and as a consequence, the companies business volumes were negatively affected.

In the days after Maersk was hit, the company estimated that its losses might run up to a staggering US$300 million.

A similar ransomware attack was recently experienced by shipping giant COSCO. Fortunately, unlike Maersk, the damage was limited to the business’s operations in the Americas. This is because unlike Maersk, COSCO apparently operated with regional IT networks rather than one global system, limiting the overall damage.

The COSCO investigation is ongoing, but as with all ransomware, the attack is likely to be the result of someone unknowingly executing files in an attachment or by clicking a malicious link.

This social engineering aspect of ransomware is what makes it such an attractive hacking method for cybercriminals. Unfortunately, there’s always someone who ends up falling for phishing emails.

These are just two high-profile cases of how cybercriminals are taking aim at the maritime industry. Every day as more technologies are being introduced, hackers are coming up with new and sophisticated ways to get their hands on data. It is more important than ever for shipping businesses to focus more attention on boosting their security efforts.

Safeguarding our ships

In order to be prepared and mitigate the damage of cyber threats to the maritime industry, it is crucial for companies to implement good data hygiene.

The International Maritime Organization (IMO) has released approved guidelines on cyber risk management which focuses on identifying the systems, data and capabilities that pose a risk to operations.

Companies must plan and implement risk control processes and have a sound understanding of how to detect cyber events in a timely manner.

Furthermore, they must have the ability to back-up and restore systems which are necessary for shipping operations or services following a cyber event.

To limit the damage that can result from a data breach, organizations are encouraged to have an incident response plan in place well in advance.

This will involve assembling an internal response team to guide the company’s actions following a breach, clearly laying out specific responsibilities to professionals in the event of a breach, identifying external data security resources, running a breach simulation to test your plan, and regularly reviewing and updating the response plan.