Saturday, 17 June 2023

Maritime Cyber security

 A new challenge

[1]


Imagine you are a deck officer on watch and suddenly all the bridge instruments go dead.

Imagine you are an engineer on watch and all the generators stop running.

Imagine you are a port operator, and all the container cranes and stackers stop running.

Imagine you oversee logistics for a large global operator and your software informs you that you have been hacked and need to pay a ransom to restart it.

It has happened! A research report looked at 46 cyber attacks in the shipping industry between 2010 and 2020 and noted they are increasing[2].

Worse, seafarers themselves perceived that cyber attacks at sea did not happen on their ship![3] This has encouraged research, such as that at the University of Plymouth.[4]

In 2017 the Russian hacker group Sandworm started a global cyber-attack that affected the entire Maersk network of 76 ports, with more than 800 vessels accounting for one fifth of global maritime trade.

It started in a Maersk-affiliated company in Odessa, Ukraine,[5] and rapidly spread around the world. Maersk[6] had to shut down much of its operation, as communication, container booking and loading programmes were all affected. The central issue was ransomware that demanded payment before cleaning the software. The servers affected were those that controlled access and passwords across the global network. Fortunately, one clean setup was found in Ghana and was used to re-establish the network. It was estimated that Maersk lost around 300 million dollars because of the attack.

Not only shipping companies but ports also have been attacked.

Digitalisation of the global logistics network has accelerated in recent years,[7] and ports have become hubs for information just as much as for physical goods. This leaves ports vulnerable to cyber-attack across the whole global logistics chain.

At the World Economic Forum in 2016 Klaus Schwab stated that we were on the brink of a technological revolution he called “The Fourth Industrial Revolution”.[8] He went on to say:

“In the future, technological innovation will also lead to a supply-side miracle, with long-term gains in efficiency and productivity. Transportation and communication costs will drop, logistics and global supply chains will become more effective, and the cost of trade will diminish, all of which will open new markets and drive economic growth.”

He went on to warn that national and international security would be impacted, and the port cyber security report[9] warned that a common, coordinated approach to dealing with these threats was the only way forward.

There is an excellent overview of maritime security here.[10]

There have been many responses from shipping organisations and regulators.

Classification authorities have responded. IACS[11] issued requirements for classification and DNV[12] offers advice and training on cyber security issues.

The American Coastguard[13] reviews trends in cyber security, and an association of owners and authorities led by BIMCO[14] offers guidelines on dealing with cyber security specifically on ships. The US National Institute of Standards and Technology (NIST)[15] provided a framework for dealing with cyber security, and this has been adopted generally in the maritime sector.

IMO recognised the risk from cyber-attacks in 2017[16] and issued guidelines in 2021[17].

There are two IMO regulatory instruments dealing with safety and security, both of which are part of SOLAS (International Convention for the Safety of Life at Sea): the ISM Code (International Safety Management) and ISPS (International Ship and Port Facility Security). Both arose out of a need for physical security, although they also refer to information systems. These have now been strengthened to cover cyber security.[18]

The question arises of who is responsible on board ship for cyber security. A new position of CySO (Cyber Security Officer) has been coined; it may be a dedicated rank on board ship where necessary, as in large cruise ships, or be part of the Ship Security Officer’s role with extra training.[19]

Courses are available around the world, such as at Warsash[20] and Glasgow[21] in the UK.

The work of the Ship’s Officer has had to be extended to cover cyber security, thus providing a new challenge for the seafarer.

References

‘2021-Cyber-Security-Guidelines.Pdf’. Accessed 28 April 2023. https://www.ics-shipping.org/wp-content/uploads/2021/02/2021-Cyber-Security-Guidelines.pdf.

‘2021CyberTrendsInsightsMarineEnvironmentReport.Pdf’, n.d.

admin. ‘What Cybersecurity Requirements Are Mandatory for New Ships and Offshore Constructions? Cybersecurity’. Cybersecurity (blog), 15 February 2023. https://cybersecurity.aeromarine.es/cyber-requirements/.

Bazilchuk, Nancy. ‘Better Cyber Security at Sea’. Norwegian SciTech News, 26 May 2022. https://norwegianscitechnews.com/2022/05/better-cybersecurity-at-sea/.

Capano, Daniel E. ‘Throwback Attack: How NotPetya Accidentally Took down Global Shipping Giant Maersk’. Industrial Cybersecurity Pulse, 30 September 2021. https://www.industrialcybersecuritypulse.com/threats-vulnerabilities/throwback-attack-how-notpetya-accidentally-took-down-global-shipping-giant-maersk/.

‘Code of Practice: Cyber Security for Ships’, n.d.

‘Cyber Attack Update - A.P. Møller - Mærsk A/S’. Accessed 28 April 2023. https://investor.maersk.com/news-releases/news-release-details/cyber-attack-update.

DNV. ‘Cyber Security for the Real World​’. Accessed 5 June 2023. https://www.dnv.com/Default.

Glasgow Maritime Academy. ‘Maritime Cyber Security Training (MACSET)’. Accessed 28 April 2023. https://www.glasgowmaritimeacademy.com/maritime-cyber-security-training-macset/.

‘IAPH-Port-Community-Cyber-Security-Report-Q2-2020.Pdf’. Accessed 26 April 2023. https://sustainableworldports.org/wp-content/uploads/IAPH-Port-Community-Cyber-Security-Report-Q2-2020.pdf.

‘MSC-FAL.1-Circ.3-Rev.2 - Guidelines On Maritime Cyber Risk Management (Secretariat) (1).Pdf’. Accessed 26 April 2023. https://wwwcdn.imo.org/localresources/en/OurWork/Security/Documents/MSC-FAL.1-Circ.3-Rev.2%20-%20Guidelines%20On%20Maritime%20Cyber%20Risk%20Management%20(Secretariat)%20(1).pdf.

‘NIST Cybersecurity Framework’. In Wikipedia, 15 May 2023. https://en.wikipedia.org/w/index.php?title=NIST_Cybersecurity_Framework&oldid=1154907984.

Meland, P.H., K. Bernsmed, E. Wille, Ø.J. Rødseth, and D.A. Nesheim. ‘A Retrospective Analysis of Maritime Cyber Security Incidents’. TransNav, International Journal on Marine Navigation and Safety of Sea Transportation 15, no. 3 (1 September 2021). http://www.transnav.eu/Article_A_Retrospective_Analysis_of_Maritime_Cyber_Security_Incidents_Meland,59,1144.html.

‘Resolution MSC.428(98).Pdf’. Accessed 26 April 2023. https://wwwcdn.imo.org/localresources/en/OurWork/Security/Documents/Resolution%20MSC.428(98).pdf.

‘Ship Cyber Security Officer | Warsash Maritime’. Accessed 28 April 2023. https://maritime.solent.ac.uk/courses/stcw-safety-and-security/ship-cyber-security-officer.

‘The Importance of Cybersecurity in the Maritime Industry’. Accessed 16 June 2023. https://marine-digital.com/article_importance_of_cybersecurity.

University of Plymouth. ‘Maritime Cyber Threats Research Group’. Accessed 29 April 2023. https://www.plymouth.ac.uk/research/maritime-cyber-threats-research-group.

World Economic Forum. ‘The Fourth Industrial Revolution: What It Means and How to Respond’, 14 January 2016. https://www.weforum.org/agenda/2016/01/the-fourth-industrial-revolution-what-it-means-and-how-to-respond/.

 



[1] ‘The Importance of Cybersecurity in the Maritime Industry’.

[2] Meland et al., ‘A Retrospective Analysis of Maritime Cyber Security Incidents’.

[3] Bazilchuk, ‘Better Cyber Security at Sea’.

[4] ‘Maritime Cyber Threats Research Group’.

[5] Capano, ‘Throwback Attack’.

[6] ‘Cyber Attack Update - A.P. Møller - Mærsk A/S’.

[7] ‘IAPH-Port-Community-Cyber-Security-Report-Q2-2020.Pdf’.

[8] ‘The Fourth Industrial Revolution’.

[9] ‘IAPH-Port-Community-Cyber-Security-Report-Q2-2020.Pdf’.

[10] ‘2021-Cyber-Security-Guidelines.Pdf’.

[11] admin, ‘What Cybersecurity Requirements Are Mandatory for New Ships and Offshore Constructions?’

[12] ‘Cyber Security for the Real World​’.

[13] ‘2021CyberTrendsInsightsMarineEnvironmentReport.Pdf’.

[14] ‘2021-Cyber-Security-Guidelines.Pdf’.

[15] ‘NIST Cybersecurity Framework’.

[16] ‘Resolution MSC.428(98).Pdf’.

[17] ‘MSC-FAL.1-Circ.3-Rev.2 - Guidelines On Maritime Cyber Risk Management (Secretariat) (1).Pdf’.

[18] ‘Resolution MSC.428(98).Pdf’.

[19] ‘Code of Practice: Cyber Security for Ships’.

[20] ‘Ship Cyber Security Officer | Warsash Maritime’.

[21] ‘Maritime Cyber Security Training (MACSET)’.