You are here

The Global Maritime Industry Remains Unprepared for Future Cybersecurity Challenges

The Global Maritime Industry Remains Unprepared for Future Cybersecurity Challenges
Professor Vivian Louis Forbes, 21 August 2018

Key Points

The volume, impact and sophistication of cyberattacks have grown at an alarming rate. Worldwide, nearly 17 million attacks reportedly occur each week.
With around 50,000 ships at sea or in port at any one time, the maritime transport industry is highly exposed to cyberattacks.
Vessels do not need to be attacked directly. An attack can arrive via a company’s shore-based Information Technology systems and very easily penetrate a ship’s critical onboard Operational Technology systems.
The International Maritime Organisation (IMO) reacted quickly in introducing guidelines in response to terrorist attacks on shipping, but has arguably been slower in formulating appropriate cybersecurity regulations.
The maritime industry appears still to be ill-equipped to deal with such future challenges as the cybersecurity of fully autonomous vessels.


The maritime industry is heavily reliant on electronic commerce (“e-business”) in many of its daily business transactions, including recordkeeping, human resources data, the loading and discharging of cargo and the location of containers on the docks, on land transportation and on ships. About 50,000 ships are at sea or in ports at any one time. The industry is therefore exposed to cyberattack threats that can have severe repercussions. Companies are increasingly using cutting-edge techniques to stop cyber criminals from breaching their networks, but many are still not effectively protected. While governments have enacted legislation to counter such attacks, the implementation of legislation and international conventions does not, at present, appear to be entirely effective.


A “cyberattack” is any attempt by a hacker(s) to damage or destroy a computer network system or an Internet-enabled application or device. The victims of cyberattacks may be random or targeted, depending on the criminal’s intent. Cyber-thieves employ constantly evolving web programming languages to create a cheap ransomware service. On infected machines, ransomware encrypts data and frees it only when victims pay for it to be unscrambled.

Cyberattacks have grown at an alarming rate – in volume, impact and sophistication. While a ransomware attack is just one form of cyberattack, other assaults take place when hackers create malicious code known as malware and distribute it through spam e-mail, or “phishing”, campaigns. Reportedly, nearly 17 million attacks occur each week. Despite actual and potential daily threats, nearly 90 per cent of enterprises are still not effectively protected against cyberattacks.[1]

About 50,000 ships are at sea or in port at any one time (see Figure 1, below). The maritime industry is thus heavily exposed to cyberattack threats which can have severe repercussions.