Whereas 2020 has been a highly unusual year on many parameters, unfortunately it can be said that the maritime sector is experiencing a continued barrage of cyber attacks, with some clearly being successful and disruptive.
Recent examples of victims of successful cyber attacks from within 2020 of this includes the world’s 2nd and 3rd largest container shipping lines MSC and CMA CGM, The world’s largest cruise line Carnival, Australia’s largest freight forwarder Toll (they were hit twice this year), Iran’s Shaheed Rajaee port which was brought to a standstill as well as a successful attack against the International Maritime Organization IMO itself. And these are just some of the highest profile successful attacks so far in 2020. It is clear that no-one is fully secure from such attacks.
One of the challenges is to quantify the amount of attacks as many companies are not disclosing attacks. Furthermore, the problem is that not all attacks are against “traditional computers” but are levied against industrial equipment components also known as OT.
North America based Naval Dome published an overview indicating that they had seen an increase in OT attacks from 50 in 2017 to 120 in 2018, and further up to 310 in 2019.
These developments are, unfortunately, not surprising as it follows a pattern we have seen for many years. This also instill a sense of deja-vu as many of the issues leading to successful attacks remain the same. In reality there is no “magic bullet”, which will cause the threat to go away. However, with a well-planned and executed cyber defensive strategy the risk can be lowered significantly, and the impact of a successful attack can be mitigated.
In our experience, one of the most important aspects of lowering the cyber risk for shipping companies – both onshore and on the vessels – is to get a realistic assessment of the current state of affairs. The challenge for many maritime companies is that their IT and technical departments do not have the specific skills and training necessary to even detect their own security flaws. This is not meant to criticize the shipping lines’ IT departments – they tend to be very capable in terms of ensuring that IT delivers on the business requirements. However, the skill set – trick of the trade – that are employed by the offensive cyber attackers is not one that is often seen in such IT departments. This leads to a false sense of security.
The key conclusion is that the cyber risks in shipping are as real and present as ever. The risk of having your full operations brought to a standstill is genuine. The risk of having your ships rendered inoperative, or ineffective, is genuine.
Our experience at Improsec is that if you have never had your systems properly tested against a cyber-attack, you are unlikely to have good overview of your actual vulnerabilities. However, our experience is also that many of the vulnerabilities can be improved if a proper plan is drawn up based on the actual vulnerabilities found, whereas a plan made only on the basis of assumptions is likely to miss the mark.
For further information about our Maritime security service, please visit: https://improsec.com/en/maritime-cyber-security-vessel-assessment