Expert Risk Articles

The cyber threat at sea – and how shipping needs to respond

Modern vessels are increasingly dependent on computer and software. Bridge systems, such as Electronic Chart Display and Information System (ECDIS), Automatic Identification System (AIS) and Global Positioning Systems (GPS), are now important features of a ship’s ability to navigate safely.

Elsewhere on a vessel are cargo handling and management systems, propulsion and machinery management systems and power control and communications systems, all of which can be controlled in real-time through wireless networks. This is leading to increasing concern about the disruption that could be caused by a technical failure or even the ability of such systems to be compromised by criminals, potentially resulting in a serious maritime event such as a collision, property damage or even personal injury.

The cyber threat at sea

“The shipping sector doesn’t have a particularly heightened risk awareness when it comes to cyber risk,” says Captain Rahul Khanna, Head of Marine Risk Consulting, AGCS. “As no major incident has occurred to date, the majority of the industry is complacent about the risks.”

“A changing geopolitical scenario can transpose cyber risk into a real threat,” adds Captain Nitin Chopra, a Senior Marine Risk Consultant at AGCS. “The threat perception towards this intangible must change.” For many, cyber-attacks are largely regarded as onshore affairs. And compared with the retail, healthcare and banking sectors there have been relatively few public
examples of shipping incidents to date, although their number has been increasing in recent years.

In 2013, researchers at the University of Texas showed how easy it can be to take charge of vessels cruising near coastal regions: they seized the IT system of a large yacht and managed to take it off course. If such risks are not appropriately addressed, it is only a matter of time before the maritime sector suffers a major cyber-attack of this nature, believes Khanna.

“We can’t put IT security on the backburner. Just imagine if hackers were able to take control of a large container ship on a strategically-important route. They could block transits for a long period of time, causing significant economic damage.” The increasing reliance on technology and automation will significantly alter the risk profile of the maritime sector, adds Chris Turberville, Head of Marine Hull & Liabilities, AGCS UK. Yet there is concern about the current pace of development of IT and cyber security standards in the maritime industry.

In 2016 Baltic and International Maritime Council (BIMCO) launched its cyber security advice for ship owners: The Guidelines on Cyber Security onboard Ships. Supported by other shipping organizations, the guidelines help ship-owners assess and manage cyber risks, as well as develop response and recovery plans.

Also last year, the IMO approved its interim guidelines on maritime cyber risk management, which provide high level recommendations on cyber security for the maritime industry.

lass societies are also developing cyber security solutions – US class society ABS issued its first cyber security notation in 2016i. The International Association of Classification Societies (IACS) has extended its remit to include cyber security [ii].

“In the maritime industry there is no one regulation or standard for IT systems and cyber security that shipowners and operators have to comply with. There needs to be industry codes and best practices developed, as well as minimum regulatory standards,” says Turberville.

With increasing use of technology and connected devices, the maritime sector will need to speed up the development of cyber security standards.



Cyber log – Incidents to date

Up until now, the global maritime community has, largely, managed to stay out of the hacker’s cross hairs. However, there have been a number of incidents over the past five years which have caused alarm:

> Iran Shipping Lines was the victim of an attack that crashed its system and resulted in the loss of data tracking its carriers. This led to significant disruption in operations, financial losses, and lost cargo

> Criminal syndicate penetrates cargo systems operated by Australian Customs and Border Protection


Multimillion dollar “superyachts” are said to be susceptible to cyber-hijacking, due to less-secured Wi-Fi networks, which can be accessed from some distance. Photo: Shutterstock.

> Danish Maritime Authorities discovered that they had been subjected to a successful attack

> World Fuel Services falls victim to an online bunkering scam costing around $18m

> Port of Long Beach reported several large scale distributed denial of service (DDoS) attacks

> Drug traffickers recruited hackers to breach IT systems at the port of Antwerp in Belgium that controlled the movement and location of containers

> Malware dubbed “Zombie Zero” was preinstalled and hidden within Chinese-made scanner hardware used by shipping and logistic firms. The malware compromised at least eight companies

> Hackers stole hundreds of thousands of dollars from a Limassol-based shipping company through a phishing attack.

> US Coast Guard officials say GPS interference disrupted operations at an undisclosed port for several hours

> South Korea reported that hundreds of its vessels had to return to the port, as their GPS signals were jammed due to a cyber-attack initiated by North Korea

> Criminals download bills of lading from a container company’s servers. Pirates then board a number of vessels and target these specific high-value containers.

Various news sources