Threats to Cyber Security in the Maritime Industry

Cyber Security in the Maritime

The maritime industry, like other industries, has significantly benefited from advances in internet technology. However, the interconnectedness of systems has also made the maritime sector vulnerable to cyber threats.

Thus, the International Maritime Organization recommends that shipping organizations comply with the cyber security maritime guidelines outlined in the International Safety Management Code.

Cyber security is crucial to the safety and security of seafaring vessels and the people and cargo they carry. Read on to learn more about cyber security threats to the maritime industry.

The Maritime Industry Benefits From Advancements in Internet Technology

The advancement of technology and the internet, particularly ship-to-shore connectivity, has been a great boon to the maritime industry. The most obvious benefit is how shipping companies can now fully track their fleet and have a clear view of their ships’ locations.

Modern ships also have sensors on board, and these sensors actively monitor the vessel and its equipment, ensuring that they are operating at peak performance and efficiency. This measure prevents problems and safeguards the safety of both crew and cargo.

However, their reliance on the internet for the enhanced operations of equipment and systems also leaves shipping vessels vulnerable to cyber security attacks.

The Dangers Posed by Cyber Security Vulnerabilities

Cyber security breaches for civilians commonly involve swindles via online banking. And while these can be costly to the victims, the damage they wreak is but a fraction of the havoc they can cause on a seafaring vessel.

For instance, a cyber security attack that leads to the corruption of the onboard electronic chart display and information system means the perpetrators could jam and corrupt the signals that the system is receiving. The ship, its crew, and its cargo could end up lost at sea, and that’s not all that could happen.

A virus incursion in the software operating automated maintenance processes for the ship machinery and equipment can lead to hardware malfunctions that could endanger the crew and lay waste to the precious cargo on board.

Cybercriminals could interfere with a ship’s steering and navigational systems; they could crash the vessel if they want to do so. Or they could threaten to do so unless the shipping company pays the price they are asking.

Cyber security breaches could also take down a shipping company’s booking system, resulting in lost potential bookings. And if the ship’s satellite communication maritime systems are compromised, the vessel will have no way to contact the base or call for help in case of emergencies.

The above are just a few of the potential issues resulting from cyber security failure. There are so much more. And they could all cause a company to lose millions of dollars in ships, cargo, and business lost and put countless lives at risk.

Some Tools and Techniques Used in Cyber Attacks

Cyber security threats may be targeted or untargeted.

Targeted threats have a clear target, such as a particular shipping company or branch, or a specific vessel. In targeted threats, cybercriminals often employ sophisticated tools and techniques. They may also adapt these techniques to their target’s particular circumstances to make them more effective.

In untargeted threats, the cybercriminal often casts a wide net, tripping the vulnerable, the unaware, and the unprepared. In untargeted cyberattacks, the perpetrator exploits targets or opportunities as they present themselves.

Below are the common cyber threats that cybercriminals may wield against shipping companies and other players in the maritime industry.

Malware

Malware is often an untargeted attack tool.

Malware is a portmanteau of “malicious” and “software”. Viruses, trojans, worms, and ransomware are all malware.

Ransomware, in particular, is a cybercrime favorite and a standard tool used against shipping organizations. It encrypts valuable business data and holds it hostage until the data owner (the company) pays the required ransom.

Malware incursion can occur in various ways. Staff can use a data storage device (e.g., USB flash drive) or open email attachments that would execute malicious code.

Phishing

Phishing is often employed in targeted attacks.

Phishing uses official-looking emails or emails that look like they came from official channels or trusted organizations (banks, employers, and the like). The email might warn the recipient that their account had been compromised and that they would need to log in to the organization’s website to resolve the issue.

The email would have a clickable button that, when clicked, would take the recipient to an imposter website. As instructed, the target would input their log-in credentials, thereby inadvertently giving the phishing perpetrator their log-in credentials.

This perpetrator might now login to the actual organization website using the credentials they have phished. With this newfound, authorized access, they could do many things, including steal vital business intelligence, divert company assets, or even install malicious code that could do much more damage.

Typosquatting

Typosquatting starts as an untargeted attack. Cybercriminals would search for unregistered domain names that are almost identical to established business domain names.

Once they find a likely target, they would register that similar domain name and perhaps even create a website similar to their mark. They would then rely on internet users committing typo errors when typing URLs into a website browser.

Anyone who lands on a typosquatter website may unwittingly divulge sensitive credentials or download malicious code.

Social Engineering

Social engineering is another favorite targeted attack method.

In this type of threat, the cybercriminals might single out one or more members of a shipping company’s staff (i.e., the target). The approach usually takes place on social media.

Once the perpetrator has earned the target’s trust, they would lead the target into wittingly or unwittingly doing what he wants.

They could induce the target to open attachments that install malware, allowing the perpetrator to take over critical systems. In some cases, the perpetrator could even lure their prey into providing physical access to sensitive hardware, equipment, or cargo.

Subversion of a Third-Party Contractor or Supplier

In this indirect method customarily used in targeted attacks, perpetrators breach the security of a company that supplies software or hardware to their actual target.

If the target maritime company uses the compromised software and hardware, the perpetrators will gain access to the company’s systems.

Enhancing the Maritime Industry’s Protection and Resilience from Cyber Security Attacks

The techniques mentioned above barely skim the surface of the methods used by cybercriminals. Protecting a shipping company’s vessels, crew, and cargo from cyber security attacks and breaches requires an advanced cyber security maritime system.

This is why training the staff rigorously in cyber security matters is crucial. More than increasing their awareness, shipping companies must also actively prevent personnel from providing access to cybercriminals.

Keep Networks Segregated

To minimize the risk of contamination presented by the staff and crew misuse of their personal devices, the shipping company could keep networks segregated.

Moreover, shipping companies should give their staff only as much access as they require to perform their duties. And even then, there should be multiple access levels and multiple safeguards on each access level.

Keep Software Up to Date

Keep the software used in ships and company premises onshore up to date. Malware typically exploits security vulnerabilities in installed systems. By keeping such systems updated, there will be fewer vulnerabilities to exploit.

Monitoring

Shipping companies must have not only passive protection in the guise of secure network architecture. They should also have systems and SOPs in place that will actively detect vulnerabilities, risks, and threats.

The sooner a vulnerability, risk, or threat is identified, the sooner they can patch it, minimize it, or neutralize it.

Implement a Backup System

Data should also be backed up regularly, preferably somewhere offsite and protected by additional layers of security. This practice will ensure minimal downtime and swift recovery in case a cyber security incursion succeeds.

A Holistic Approach to Maritime Cyber Security

The maritime industry benefits significantly from the internet. However, the internet comes with cyber security threats.

There are many threats to a maritime company’s cyber security. But, with a holistic and system-wide approach, a shipping company can prevent cyber security vulnerabilities and mitigate cyber security risks.