How to stay afloat in the face of cyber-attacks

Today's 'Petya' cyber attack once again brings into sharp focus the threat posed to the marine industry.

Today's 'Petya' cyber attack once again brings into sharp focus the threat posed to the marine industry.

At the time of writing, 17 container terminals across Europe have already been affected and there is a credible concern that the virus will spread further yet. In Ukraine, government departments, the Central Bank, the airport in Kiev and metro network have all been paralysed. Ransomware attacks have struck offices of multinationals in Spain. The question many are asking is not whether their systems will be able to respond to an attack but whether their back up systems will be adequate as and when front line defences fail. Phil James revisits this pressing issue.

The marine industry is open to cyber attack due to a number of reasons which include the development of its digital security systems failing to keep pace with the technology being used in other areas of the transport sector. Further, and more worryingly, marine organisations are lagging behind the increasingly sophisticated systems being used by organised criminals and terrorists. This therefore raises the disturbing question of not ‘if’ our ports and vessels will fall victim to cyber attack, but ‘when’?

There are numerous ways in which digital marine infrastructure can be penetrated. Bills of lading, manifests and transit orders can be falsified, resulting in serious financial consequences – not to mention the movement of cargoes such as drugs, weapons, human traffic and even ‘dirty bombs’. Fraudulent data can be inserted into systems to create the illusion of legitimacy to criminal and terrorist activities carried out by certain criminal organisations. Automatic Identification System (AIS) data is based on radio transmission, which is also relayed via the internet and is susceptible to interference. Another weakness in marine security arises out of electronic payment for bunkers. Like any digital financial transaction, it is susceptible to interference by cyber criminals. Unlike some digital financial transactions, the sums involved are always significant.

The Port of Antwerp hacking incident in 2013 is a recent high profile example of a cyber breach. Drug smugglers planted an extraordinary array of disguised remote access devices on the Belgian port’s logistics systems as part of a major hacking attack.

The attack is thought to have taken place over a two year period from June 2011. The organised crime group used hackers based in Belgium to infiltrate computer networks in at least two companies operating in the Port. The systems that controlled the movement and location of containers were breached. This allowed:

  • The hackers to access secure data containing location and security details of containers, which in turn allowed.
  • The traffickers to hide cocaine and heroin among legitimate cargoes including timber and bananas shipped in containers from South America.

It was then easy for the traffickers to steal the relevant containers before the legitimate owner arrived.

The scale of the problem has been widely assessed by cyber security firms that have regularly demonstrated just how easy it is to penetrate marine security systems. This should serve as a wake-up call for the marine community to properly address its security problems – and there have been encouraging developments.

Some ports are already refusing to accept cargoes from geographical high-risk areas. Ports can refuse or restrict access to their facilities if other ports and carriers cannot demonstrate that they have the required level of cyber security. This is common practice in the industry as a whole and there is no reason why the marine industry should be any different.

Many in the industry are calling for radical reforms at the highest levels to ensure the marine sector introduces and maintains the same high security levels as, for example, the aviation industry. Ultimately this will require significant investment in training, physical infrastructure, governance and auditing.

Thankfully, governments and insurers are increasingly taking action to address the marine industry’s vulnerability. In the UK, the Cyber Essentials Award allows businesses to show consumers that they have measures in place to defend against cyber threats, such as the recent GOZeuS and CryptoLocker malware attacks. Cyber Essentials has also helped to provide businesses with clarity on what amounts to good cyber practice.

The Cyber Essential Badge provides reassurance that a company takes cyber security seriously – boosting its reputation and creating a competitive selling point. It is reassuring to note that the scheme is being backed by major insurers, reinsurers and market bodies.

The UK government also requires suppliers bidding for high risk contracts to be Cyber Essentials certified. While this is not marine specific, it does point the way for the marine industry. Looking ahead, carriers and ports may have to produce a ‘Cyber Certificate’ to demonstrate that they can ensure the integrity of the cargos they carry, handle or store.

It is necessary for organisations to protect themselves with cyber contracts, such documents are likely to become a standard part of the contractual framework of the future.

"Gone are the days when marine security meant fitting netting to ships’ bulwarks to repel pirates. Today's cyber pirates can create havoc on an unprecedented scale. The maritime industry must adopt equally sophisticated defences – or risk paying a very heavy penalty."

Share on Twitter