In the maritime industry, common issues that emerge while vessels are en route include piracy, accidents, and poor weather conditions. However, another serious problem – increasing cyberattacks – is a growing concern in the sector responsible for transporting large volumes of goods. What will it take for the maritime industry to bolster its cybersecurity posture in the digital age?
In simple terms, maritime cybersecurity is a collection of tools, practices, processes, and procedures maritime organizations follow to protect their digital assets from ongoing cyber threats.
Because the maritime industry is becoming increasingly interconnected by digital technologies, some of which are highly advanced – like artificial intelligence (AI) and machine learning (ML) – the sector is more vulnerable to cybersecurity threats than ever.
Vessels now use the latest technologies to power their operations, but it’s a double-edged sword. More technology inevitably means it’s easier for threat actors to launch attacks.
In recent years, several attacks on vessels and their organizations in the maritime industry have negatively affected operations, even causing disruptions in the supply chain. Here are some of the cyberattacks on the maritime sector that made headlines.
In December 2022, German firm Hellmann Worldwide Logistics announced its operations were impacted by a phishing attack. According to an article from NBC News, the organization had to stop taking on new bookings several days after the initial attack to respond and recover.
The firm decided to shut down all of its data centers and some of its connected systems to prevent the attack from spreading.
After suffering an attack in 2017, Maersk reported losing around $300 million and lost most of its data, illustrating just how costly cyber incidents can be for maritime organizations. The company was hit with a malware attack from NotPetya, a type of infectious software targeting Windows-based machines.
NotPetya rose to prominence in 2016 and impacted more than just Maersk – companies in countries such as France, Germany, Poland, and Russia faced NotPetya attacks as well.
Swire Pacific Offshore is an offshore operator that reported a cyber incident in November 2021. According to the Singapore-based company, the ransomware attack resulted in a loss of confidential, proprietary commercial information as well as some data regarding personnel.
In an article from Maritime Executive, analysts claim the attack was carried out by a ransomware gang known as Clop, which was first spotted in 2019.
Cyberattacks have far-reaching effects on the companies operating fleets of vessels. While some attacks might be isolated to one cargo ship, threat actors are launching more sophisticated attacks that have more severe repercussions that impact more than one vessel.
When a maritime vessel experiences a cyberattack, it can wreak havoc on its operations. Since so many ships carry goods to and from their origin and destination, any other player in the supply chain could be affected by a single cyber incident.
The industry’s overall efficiency and resiliency are riding on the idea that each intermediary will hit the mark by delivering goods on time. Slow intermediaries can reflect poorly on companies throughout the supply chain, so it’s crucial for vessels to maintain efficiency. How can they do so if cyberattacks are bringing operations to a screeching halt?
Here are some ways maritime organizations can defend themselves and their valuable fleets from cyberattacks.
According to the International Maritime Organization (IMO), there are five elements that should be incorporated into any maritime company’s risk management framework: Identify, protect, detect, respond, and recover. Each step comes with high-level cybersecurity and cyber risk management recommendations, so maritime organizations can safeguard their assets against current and emerging threats.
In 2017, the Maritime Safety Committee adopted Resolution MSC.428(98), more commonly known as, “Maritime Cyber Risk Management in Safety Management Systems.” The resolution encourages ship owners, managers, and operators to meet specific compliance requirements to manage cyber risk. It can be challenging to meet compliance requirements, but it’s necessary.
Companies should consider using various cybersecurity tools to protect fleets, vessels, and the IT/OT systems on those vessels. For example, companies can use advanced vulnerability management tools such as Astra Pentest and NinjaOne Backup, two powerful solutions in the cybersecurity space.
Another way maritime companies can defend against cyber threats is by creating a cybersecurity action plan, which should consist of the best cybersecurity practices. Here are some examples of what items should be included in an action plan:
- Change passwords frequently – especially admin passwords
- Use multi-factor/two-factor authentication for user logins whenever possible
- Make sure mission-critical systems are not accessible via the internet
- Use access control measures and physical security to protect operational tech (OT)
- Run checks on all Wi-Fi networks regularly
- Do not use unsecured, personal wireless devices while aboard
- Use best network segmentation practices to isolate potential incidents
Use these tips to maintain good cyber hygiene measures on all vessels.
As the maritime industry continues to evolve, adopt new technologies, and keep the supply chain running smoothly, it’s crucial that ship owners and vessel operators are aware of current and emerging cybersecurity threats.
A more tech-driven industry calls for stronger cybersecurity measures and best practices to protect maritime assets and operations. Consider using the tips above if you’re a professional in this critical sector.