Do Keyboard Pirates Rule the Waves?

Do Cyber Pirates Control the Seas? Maritime Security Risks

By Avital Sincai, COO of Cydome

Introduction

Ransomware attacks made at least $350m USD in cryptocurrency in 2020, up from less than $50m USD in 2018. These numbers are only going to increase, and these are only the attacks that have made it into the mainstream media. The true figure is likely to be much higher.

Shipping is the lifeblood of the global economy – an estimated 90% of the world’s goods are transported by sea (WEF). The global supply chain on which economies depend is reliant on the secure and safe movement of goods on vessels across the ocean. Any disruption to these supply chains, including those posed by cyberattacks, can be considered a global threat that has the potential to affect us all. Maritime cybersecurity – something that might seem trivial to the average person – is vitally important in ensuring the safe passage of food and raw materials essential to our modern world.

The fragility of the maritime supply chain

We can often forget the important role maritime supply chains play in all our lives until an issue is brought to our attention – and when it is, it’s usually one on a global scale, dominating news bulletins and national media. A disruption in the maritime supply chain can have major consequences reverberating around the world, especially in economic and financial terms. But a keyboard pirate can hijack a ship or install ransomware with extraordinary ease.

It was observed recently how the incident involving the Ever Given container ship in the Suez Canal had a massive impact on the global supply chain, causing disruption across the world, from Europe to Asia and beyond. What started as a slightly unfortunate incident of a ship managing to get stuck in the Suez Canal, quickly began to escalate, highlighting the fragility of global supply chains. For many around the world, it emphasised the importance of maritime supply chains, and how finely balanced they are.

Similarly, cyberattacks pose a real threat to the stability of our global supply chains. Not only does the threat of vessel hacking exists, but it is on the increase and has the potential for a global cascade effect on the maritime supply chain and its integrity. As with the Ever Given Suez Canal crisis, the potential impact of a single event can have a significant effect.

The risk of cyberattacks

Cyberattacks on the maritime supply chain, including cyberattacks on OT (operational technology) and IT systems, both onshore and offshore, are on the increase. It is estimated that in the past three years cyberattacks on shipping have increased by 900% (IASME Consortium). This poses a huge risk to the smooth running of maritime supply chains, and the economies and companies that rely so heavily on them.

Since 2017, with the NotPetya cyberattack on Maersk Line, the frequency of targeting high-profile maritime companies has seen a drastic rise. In 2020, there were 3 major cyberattacks that breached the cybersecurity defences of several well-known shipping lines, including the International Maritime Organisation. So far, 2021 has seen 5 successful cyberattacks, one of these affecting dozens of shipping lines.

Criminals are increasingly able to find entry to ships via third-party IT software, which can compromise a whole fleet of vessels. As the maritime industry grapples with the challenges of increasingly complex and frequent cyberthreats on their internal IT infrastructure, the risks posed by having third-party access to critical vessel IT infrastructure must also be considered.

There is a real lack of visibility and control over 3rd party vendors and suppliers when it comes to cybersecurity. These vendors will have connections to multiple vessels from numerous shipping lines. Any weakness in their cybersecurity threatens not only one vessel in one maritime company, but it can also threaten thousands of vessels simultaneously.

A successful cyberattack via a single, third-party vendor with direct vessel access could put 6% of the global fleet at risk.

For this reason, the protection of supply chains is the top priority for governments, central banks and investors as they can lead to shortages of goods and price increases for individuals. A knock-on effect is witnessed: supply chain disruption = delays in business = less trade = damage to trade economy.

How to protect global maritime supply chains?

Protecting supply chains comprises both the protection of the entire chain and the interconnectivity between supply chains. To avoid this ripple effect, the protection must include (mainly) full-spectrum protection of the vessel itself and all assets on board, the onshore protection of the maritime company and all links to 3rd parties.

 The technology and software to protect both onshore and offshore systems is available and is being continually developed to ensure cyberattacks can be prevented. Systems used for protection must be able to support requirements which are specific and unique to the maritime environment and have the ability to address the particular vulnerabilities of each element onboard, onshore and their links to other, external systems, in order to be able to prevent cyberattacks.

Ideally, companies and ship owners need to explore the best options and technology to defend all elements of such supply chains against cyberthreats and have in-built flexibility and sophistication to address threats coming down the line. Both ship owners and their end clients have to avoid being misled by low-cost or partial solutions where technology lacks full protection and risks being obsolete due to connectivity or digitalisation changes. The current reluctance of ship owners and companies to invest in maritime cybersecurity is undoubtedly leaving fleets exposed to attacks on the entire maritime and shore-based operations and risks a rolling cyberthreat to the global supply chain. Every day of delay in protecting vessels from cyberthreats is another day that puts the entire global supply chain at risk.

This unwillingness to truly protect maritime vessels and systems will have much larger and greater financial implications for companies and economies alike. Maritime cyber protection is no longer a nice-to-have element – it is vital for protecting the global supply chains.