A cyber-attack is an offensive tactic employed by an individual or an organization that targets information systems, physical/virtual infrastructure, networks and personal devices (such as laptops, PCs, mobile phones, PDAs) with the intention of stealing, altering or destroying their contents by using hacking techniques to gain access to the target system.
What is Cyber-Risk?
‘Cyber risk’ is the form of risk that results in financial loss, disruption or damage to the name of the organisation, and which arises from some sort of weakness or failure in its information technology systems. Hackers find “gateways” through which they can gain access to crucial data such as intellectual property, financial data, non-financial data, sensitive data and technical data, and to security-sensitive facilities (nuclear facilities, defence sites etc.). A research report compiled by the Ponemon Institute in 2015 found that cyber losses had increased by 14% over the year across 39 benchmarked organisations, and calculated that the mean annualised cost for such organisations was £4.1m per year (ranging from £628,423 to £16m).
Will it affect the Maritime Industry?
Cyber risk is a major threat to business. All companies are at risk from increasing activity that causes first- and third-party damage, business interruption and regulatory consequences. The shipping industry has a lot of catching up to do when it comes to cyber risk. An attack or incident at a key location has a severe impact because of the industry's interconnectivity.
Cyber risk in the maritime industry can be classified into two types, which are briefly explained below:
- Financial and Data risk
- Physical risk
Financial and Data Risk:
Shipping companies currently face this cyber risk at their “back offices”, as part of business operations such as accounting, payments and banking. Since financial operations are mostly outsourced to third-party agents, the financial data are mainly accessed through these back offices, by compromising computer systems through the “port agents” which store sensitive financial data. Financial data, crew information, sensitive and confidential data and strategic trade operation data are all vulnerable to attackers. The hackers gain access to the crucial data through an insider in the company or by compromising a system in the network. These hackers are hired by rival companies or by individuals (ex-employees) who have been scorned by the company in the past for wrongdoings. The hackers pass the collected data to the rival companies in order to improve their trade, which in turn increases the rival company’s revenue. These systems are highly prone to threats because the staff who handle the computers receive little training and the security measures safeguarding the systems are inadequate, so it is easy for a hacker to gain access to bank accounts to make transfers, or to generate spoof emails to divert payments.
Physical risk involves an attack on the ship itself. Though this type of direct attack is rare nowadays, hackers have found alternate strategies to attack the ship by gaining access to the information technology which uses a centralised circuit mechanism to control the operations on board. As we progress towards the IoT era, where everything is centrally controlled and all operations are carried out online, these types of attacks have more adverse effects than a direct physical attack, which requires complex planning. The intruders gain access through the heterogeneous networks on board the ship via access points and seize control of the main and auxiliary propulsion systems, making them extremely vulnerable.
A few of the technologies widely used today include systems for Automated Identification, Electronic Chart Display and Information, Global Navigation Satellite and E-Navigation. For a clearer understanding, visualise this scenario: a ship employee charges his virus-infected mobile phone from a USB port on the Electronic Chart Display and Information system, which results in the virus being transferred to the system and causing it to fail.
The hackers also employ alternate tactics which are more lethal than taking charge of the central control, by introducing viruses, Trojan horses (see the movie ‘Troy’ to know the origin of this interesting name) and worms into the computers and key management systems.
A few significant cyber security issues highlighted by the International Maritime Organization (IMO) are as follows:
- A hacker temporarily shut down a floating oil platform located off the coast of Africa by tilting it to one side causing a minor oil spill.
- Drug peddlers are increasingly hiring hackers to hack key cyber systems in a renowned port in order to locate specific containers loaded with illegal drugs and avoid detection.
- Hackers were employed by Somali pirates to compromise a shipping company’s information system and identify ships passing through the Gulf of Aden with valuable cargo and minimal onboard security, ultimately leading to the hijacking of at least one vessel.
- Denial of Service (DoS) attacks, which generate a very high number of requests to a system (increasing traffic in the network) and cause it to crash, have been reported numerous times, as has access to computer systems or navigation systems to cause damage to a ship’s hull.
Dr Sven Gerhard, Global Product Leader Hull & Marine Liabilities, AGCS has stated that:
“Claims related to a future cyber-attack could be ‘tremendous’ and would potentially result in the total loss of a vessel and may even involve multiple vessels from the same company.” He also adds: “If a virus intrudes into IT-based steering or navigation systems what will happen? Such cyber risks will become a focus topic for us as an insurer.”
Risk mitigation tips to guard the maritime industry against cyber risk:
Shipping companies must take adequate steps to understand how cyber risk impacts their operations, how to mitigate the risks and how to safeguard themselves from future attacks, by following the tips given below.
- Implement an efficient and effective governance structure and information security policies to identify and avert risks
- Create ‘think tanks’ to promote staff education and awareness training
- Implement effective monitoring policies for access to the network and computer systems and for removable media usage
- Define procedures for incident management, disaster response and recovery
- Monitor procedures and the privileges granted to users in the company
As technology evolves, older devices create vulnerabilities, especially where they depend on outdated operating systems and software that are unsupported. Using outsourced services, like cloud computing and cloud data processing and storage, is also an area of major concern. The way to prevent risk is to be constantly vigilant and to keep updating the security of the company’s information systems.
Paul Schiavone, Regional Head Financial Lines North America, AGCS states that “Risk managers will need to stay on top of technological trends and anticipate how these will impact their organisations going forward in terms of cyber risk exposure”.
Source: The London P&I Club