CYBER SECURITY IN MARITIME SECTOR

By: Tejeshwar Singh Rana, 2nd Officer, Shell shipping-London, UK & Asstt. Editor-ICN 

Cyber security means the body of technologies, processes and practices designed to protect networks, devices,programs and data from attack damage or unauthorised access.

Cyber security may also be referred to as Information Technology security.

What type of cyber attacks could happen in the maritime industry :-

– Diverting funds to fraudulent accounts using e-mail spoofing.

– Changing a vessel’s direction by interfering with its GPS signal.

– Causing a floating oil platform to tilt to one side, thus forcing it to temporarily shut down.

– Infiltrating cyber systems in a port to locate specific containers loaded with illegal drugs to remove them from the port undetected.

– Infiltrating a shipping company’s computer systems to identify vessels with valuable cargoes and minimal onboard security, which led to the hijacking of at least one vessel.

Why shipping industry is Vulnerable to cyber attack :-

Cyber attack in maritime is rising due to increasing use of digital platforms. There is still second thoughts in the industry to take preventative measures, leaving shipowners and operators even more vulnerable to these attacks.

There are four factors plays in maritime industry, The first is automation, as machinery on vessels are increasing and they are controlled by software. The second is integration, on any given vessel there may be multiple systems connected together. The third factor is monitoring. The fourth factor is that all these systems are connected through the internet.

There are some reasons why the maritime industry is more suspectable to cyber attack than it might realise.

1. Increased use of computer service
2. Crew are not trained in cyber security :
3. Lack of encryption :
4. It is expensive to safeguard against attacks :

Consequences of a Maritime Cyber Attack :-

There are some consequences of Maritime cyber attack, they are as follow :

– Business interruption.

– Ransom payments.

– Wire transfer fraud.

– Loss of reputation and bad publicity.

– Third party claims.

– Fines for breach of data protection and privacy laws.

Maritime Cyber Security Awareness :-

1. Your Satcom system should not be on the public internet :-

2. Change the manufacturers default password on your satcom system :-

3. Always update the software on your satcom system :-.

4. Separate your onboard bridge, engineroom, crew, wifi and business networks :-

5. Secure USB ports on all the ships :-

6. Check all onboard Wifi network and passwords :

7. Do not depend entirely on technology for safe navigation :

8. Teach your crew about cyber security :

9. Ask for proof from your technology suppliers that they are cyber secure :

10. Get a vessel security audit :

Case Study :

In June 2017, A.P. Moller – Maersk fell victim to a major cyber-attack caused by the NotPetya malware, which also affected many organisations globally. As a result, Maersk’s operations in transport and logistics businesses were disrupted, leading to unwarranted impact.

The attack was reportedly created huge problems to the world’s biggest carrier of seaborne freight which transports about 15 per cent of global trade by containers. In particular, Maersk’s container ships stood still at sea and its 76 port terminals around the world ground to a halt. The recovery was fast, but within a brief period the organisation suffered financial losses up to USD300m covering, among other things, loss of revenue, IT restoration costs and extraordinary costs related to operations.

All began when an employee in Ukraine responded to an email which featuring the NotPetya Malware. The system affected and therefore operations practically had to be on hold until system’s restoration.

Although the incident was serious, the organization responded rapidly, under the supervision of CEO and top management team. A team of IT experts (including internal and external partners) mobilized to track, identify and remove malware from affected systems in order to put operations back in line, while at the same time, media handling was excellent with instant feedback to Maerks’s stakeholders about the situation.

In particular, the following actions were taken :

– Internal and external communications established: Maersk sent out daily updates detailing which ports were open and closed, which booking systems were running and more.

– A customer focused response established. Company’s front line personnel instructed to do all actions required for customers’ satisfaction, no matter the cost.

Eight days following the attack, Maersk managed to resume taking online bookings, although some terminals (eg. India) had to be handled manually.

In the aftermath of the cyber attack, Maersk seems to have adopted a new approach to cyber security. To further enhance cyber resilience, many immediate and long-term initiatives have been implemented and planned to secure the digital business, strengthen the IT infrastructure platform, enhance IT service continuity and recovery as well as reinforce business continuity plans. Also, cyber insurance has been purchased to mitigate some of the potentially negative financial impact of repeated successful cyber-attacks in the future. While in its Annual Report before the attack, the word ‘Cyber’ was recorded times, in its Annual Report in the end of 2017, ‘cyber’ can been found 39 times in the document! In addition, cyber risk has been included in the relevant matrix as a significant factor to be assessed.

What Lessons can you learn from Mearsk Cyber Attack?

1. Shut down your entire IT system :

2. Be protective in your communication :

3. Remain Calm :

4. Address Internal Competencies :

5. Have a strong disaster recovery strategy in place :