You are here

Cyber pirates: The latest threat to ocean shipping

Cyber pirates: The latest threat to ocean shipping
Barry Hochfelder April 30, 2018

High tech has reached the high seas, and there are no safe harbors. That point was made very clear in a recent webinar hosted by the National/International Maritime Law Enforcement Academy and presented by RiskSense, a New Mexico-based cybersecurity practitioner.

Whether in port or in transit, "ships of today are evolving," said moderator Mark R. DuPont, Executive Director of the National/International Maritime Law Enforcement Academy, during the event: No Safe Harbors: Charting a Smarter Course in Maritime With Cyber Risk Management.

Everything is connected, including GPS, trucks, cranes and the ship itself. New ships, both cargo and passenger, are being developed with even more features. One benefit is optimization of routes. With Internet of Things (IoT), a ship’s position can be tracked live, and location information can be sent to other ships on the same network, allowing the captain to change route if necessary.

Also, status and temperature of cargo containers can be tracked. Refrigerated containers can be monitored for temperature fluctuations, so corrections can be made quickly. Finally, ship’s equipment, including engines, can be monitored and repaired at the first sign of trouble.

There are roughly 41 billion devices connected, DuPont said, with no slowdown in sight. Global research firm Statista predicts 75.44 billion by 2025.
How the 'bad guys' take advantage of connected systems

All of this comes together in "touch points" — places where a company’s business and people intersect with internet technology. These touch points radiate out via devices, application groups, service sectors and locations, affecting every portion of a business, including supply chain, headquarters, ports, terminals and ships. And, DuPont adds, those touch points are also entry points for the "bad guys."

The webinar quoted Stephen Simms, a maritime lawyer, who said specific tagging of maritime shipping "happens because there are people who understand the way payments work and data is used in the maritime industry, and they manipulate it to commit cybercrime."

It happened to Maersk in 2017 when a cyberattack was among the biggest-ever disruptions to hit global shipping. The malware surfaced in Ukraine after being spread by a malicious update to MeDoc, the country's most popular accounting software. Maersk picked up an infection that hooked into its global network and shut down the shipping company, forcing it to halt operations at 76 port terminals around the world.

The attack, DuPont told webinar listeners, had a $350 million impact, and 40,000 devices had to be updated.

Another example: In 2011, the The Iranian supply line IRISL suffered a highly disruptive cyberattack which damaged data, caused huge financial losses and resulted in large amounts of lost cargo. Its servers were compromised, logistics systems crashed, and the entire fleet of 172 vessels and shore-based systems were compromised. False information was entered into the system compromising manifests, falsifying rates, altering delivery dates and corrupting client-vendor data. It caused a major business interruption.