Cyber Risk in Maritime Shipping

CCIS graduate, Daniel Patterson, takes us through a detailed analysis of how increased digitalization in the maritime industry has created greater cyber risk.
Cyber risk in maritime shipping

Daniel is part of the Cyber Incident Response team at Emergence, Australia. As part of the Certified Cyber Insurance Specialist (CCIS) course, he completed a complex assignment on cyber risk in maritime shipping.

Cyber risk in maritime shipping
Cyber risk in maritime shipping has become an increasingly pressing issue. Interested to learn more about this risk and to enroll in our CCIS program? Click here.

The maritime shipping industry is the backbone of the global economy, accounting for more than 80% of global trade. The industry has been steadily growing for decades and is expected to continue to grow, allowing manufacturing to take place in areas with low resource costs, and finished products to be transported to markets around the world. 

The maritime industry faces some unique digital challenges. Like cars, maritime vessels utilize a broad range of smart systems for control, navigation, and communications. However, unlike cars, the lifespan of a ship is typically 30 years. In addition, in order to meet the increasing demand for shipping, the industry – already highly dependent on specialist labor, equipment, and technology – must embrace new technology to improve efficiency and keep up with demand.

The Digitial Maritime Environment Is Heavily Automated

Port operations rely on a range of devices, equipment, machinery, and specialist labor to function efficiently. Specialist machinery such as straddle carriers, wheeled or rail-mounted gantries, intra-terminal vehicles, reach stackers, and quay cranes are used for the loading and unloading of cargo, and these may be remotely controlled or fully automated. As well as issuing instructions and commands, port systems must also capture and share data between multiple platforms and equipment in order to track cargo, resources, and equipment. 

Digital Innovation: The Smart Port

In order to meet growing demands on capacity, the shipping industry has sought to maximize the automation of technology and processes, leading to the widespread adoption of the “smart port” concept. Improvements in connectivity, data capture, and information exchange have enabled high levels of coordination between separate ships and ports; these are now connected on a common system and a single, global network. On top of this, while not yet commonplace and restricted to specific shipping lanes, the first generation of fully autonomous cargo ships is already at sea. 

When combined with “smart port” systems, the potential to leverage AI, automation, and machine learning to maximize efficiency is considerable. For example, by combining data from multiple ships, ports, weather bureaus, and other maritime information services, automation can instruct approaching vessels to adjust their speed in order to arrive at port at an optimal time when the port is ready to unload their cargo. This could reduce unnecessary fuel use, air and sea pollution, time spent anchored (queuing), and ultimately money wasted by vessels arriving at ports that are unready to receive them.

Cyber Risk in Maritime Shipping: Maersk Case Study

In June 2017, shipping company Maersk was the victim of a cyber attack that paralyzed hundreds of connected devices, including telephones, computers, servers, routers, and electrically controlled gates. The company, which owns 76 ports, 800 vessels, and 574 officers worldwide, was effectively shut down, causing congestion at many of its ports across the globe. While the computers onboard Maersk’s ships were not affected, computers and networks at ports and freight terminals were. These contained cargo manifests and other critical data, without which port staff were unable to determine container contents and onward destinations. 

The cyber attack suffered by Maersk is especially significant because the impact was felt around the world as the global supply chain was disrupted. Containers sent on Maersk ships at the time of the attack would be lost in cargo yards and ports around the world for the next 3 months.

Internal Threats Boost Cyber Risk in Maritime Shipping

Like all industries, the shipping industry is vulnerable to insider threats. Potential attackers include disgruntled employees, and employees susceptible to bribery and corruption such as those experiencing financial difficulties, but the most likely and most dangerous threat from within comes from social engineering attacks targeting staff. These attacks could enable attackers to gain remote access to systems, and as these systems become more and more integrated, the danger of lateral movement and privilege escalation is amplified.  

A single attacker, able to gain access to the networks of a global shipping company such as Maersk, would be able to cause multimillion-dollar disruption to the world economy with minimal expense, technical skill, or likelihood of being brought to justice.

Growing Digitalization of Shipping Systems Increases Potential Attack Surfaces

For example, systems installed on a cargo vessel to monitor and control a ship’s engines can now transmit telemetry to a headquarters office or fleet controller in order to plan maintenance or monitor for problems. If an attacker were to gain remote access to these systems, they could conceivably transmit malicious instructions to the engines causing damage or complete destruction of the ship. 

The most well-known example of such manipulation of input leading to catastrophic damage is the Stuxnet worm, which experts conclude was designed to sabotage the nuclear program of Iran by causing components to self-destruct.

In addition to deliberate attempts to gain control of ship systems, hackers may also seek to exploit computer power for other nefarious purposes such as denial-of-service attacks, or cryptocurrency mining. While such hackers may not deliberately seek to endanger vessels, the loss of computing power could be critical in an emergency situation requiring rapid calculations and decision-making.

 

The maritime shipping industry has embraced automation to a high degree. Much of the equipment used at freight ports are either remotely controlled or entirely computer controlled, with the first generation of autonomous ships already in service. Because of this, and the global dependence on shipping, a cyber incident affecting one of the larger shipping organizations could have a major impact on the global economy and the supply of critical goods. However, this high level of automation offers huge benefits in terms of efficiency and economy. By making good use of data captured from machinery, systems, and vehicles along with information from external sources source as weather bureaus, the industry can continue to supply goods where they are needed while reducing pollution, costs, dependence on specialist labor, and increasing capacity.

Shipping organizations stand to gain enormously from increased connectivity with partners and systems across the globe, but they must ensure that their cybersecurity programs keep pace with the growth of networked infrastructure.

Want to read more about our CII-accredited Certified Cyber Insurance Specialist (CCIS) Course? Click here

Copyright © 2022 Cyber Insurance Academy | Registered as Cyber Advisory Excellence | Rothschild Blvd 45, Tel-Aviv | +972 5290594 Designed and built by Studio Praktik