Cyber Pirates: Theft on the High Seas
Many of the world’s industries rely on sea freight. From cars, components, and clothing, to oil, chemicals and machinery, most organizations will have shipping somewhere in their supply chain. However, increasingly digitalized ships are opening supply chains up to a new threat.
Cyber piracy has already cost firms around the world millions of dollars, but what can be done to protect against cyber piracy, and how can firms ensure that the risk to their goods is as low as possible? We explore the what, how, and why of cyber piracy to give businesses everywhere a head start on the hackers.
What is cyber piracy?
We are all familiar with images of swashbuckling pirates boarding vessels with swords and demanding treasure, but modern pirates may never have to set foot aboard a ship. Cyber pirates are more akin to hackers than to the pirates of old: cyber piracy involves gaining access to the plethora of internet-connected systems powering today’s cargo ships, and then disabling, hijacking, or rerouting ships into the waiting arms of criminals.
Today’s ships rely heavily on digital connections: navigation systems, manifests, berthing and loading operations, environmental controls, asset tracking… the internet-enabled nature of freight provides plenty of opportunity for cyber pirates to gain access to ship systems with a view to disrupting or diverting operations for theft or ransom.
The world’s merchant fleet is 51,000 strong, spread across 150 nations, and employs around one million sailors, providing cyber pirates with a great many potential targets. High-tech vessels can cost over $200 million to build, making them valuable assets in themselves. Once the value of cargo is factored in, which could be up to $100 million in crude oil, or 1,200 luxury cars worth $53 million, it’s easy to see why cyber piracy is appealing to criminals.
Why is cyber piracy such a huge concern?
The 2017 NotPetya cyber-attack proved how disruptive a breach can be to the global shipping industry. Maersk, the world’s largest container shipping firm, which transports 15% of global trade, was an unintended victim of a malware attack spread through accounting software.
The firm was effectively shut down: with 50,000 machines and thousands of applications and servers infected across 600 sites in 130 countries, Maersk had to operate manually for 10 days while it invested in 4,000 new servers, 45,000 new PCs and 2,500 applications. The final tally for Maersk’s losses was an estimated $300 million and major delays for goods around the world.
The UK Office for Science states that maritime trade represents over 80 per cent of total world merchandise trade, meaning it is intrinsically linked with most industries around the world. The knock-on effect of disabled or stolen cargo is therefore huge, with the Office for Science confirming that “disruptions to the maritime freight transport network can have rapid and wide-ranging effects on economies and societies”. Insurance firm Lloyd’s of London has warned that a serious cyber-attack could cost the global economy more than $120bn.
Shipping companies are reluctant to reveal data on cyber-attacks due to potential reputational damage, so there is no official record on the total number of attacks on the industry. Despite this, it is clear that the prevalence of cyber piracy is growing; even the US Coast Guard has issued safety alerts for a number of cyber threats.
Almost half (47%) of merchant sailors have sailed on a vessel that has been the target of a cyber-attack. With increasingly sophisticated technology and the value of cargo steadily growing, there’s no sign of cyber piracy slowing down. (Futurenautics)
Defending against cyber pirates
Protecting crews and cargoes from cyber pirates must be done proactively; waiting until an attack has been attempted to put robust defenses in place leaves firms open to huge financial and reputational losses, not to mention risks to the safety and wellbeing of crew members. Companies should take a two-fold approach to defend themselves against the threat of cyber piracy.
A 2017 IHS Markit maritime survey revealed that 74% of respondents believed that their organization’s biggest vulnerability to cyber attack was crew members. IHS states that 80% of all reported information security and cyber incidents at sea are related to human error.
Be it downloading from unreliable sources while connected to a ship’s internet connection, plugging in unsecured USB devices, or even disclosing information to untrustworthy sources, there are many simple ways people can inadvertently compromise security if they have not received the appropriate training. It stands to reason, then, that the first step for maritime organizations should be to guarantee compliance with cyber security policies and procedures across the company.
Providing team members with the most up-to-date training on cyber security is key; knowing what precautions to take and how to respond in the event of a cyber piracy incident can help to keep crews safe as well as minimize economic and reputational damage to companies. Ensuring that crews aren’t solely reliant on connected navigation, command, and control systems and can revert to manual operations if needed can also help to thwart attacks.
40% of respondents to a maritime survey admitted that their only cyber security defense was a basic firewall. This is contrary to International Maritime Organization (IMO) advice, which states that cyber security is a key component of risk management.
“Risk management is fundamental to safe and secure shipping operations. Risk management has traditionally been focused on operations in the physical domain, but greater reliance on digitization, integration, automation and network-based systems has created an increasing need for cyber risk management in the shipping industry.” (IMO, Guidelines on Maritime Cyber Risk Management)
The IMO gives the examples of weak passwords and the absence of network segregation as two commonly exploited vulnerabilities, reinforcing the need to have people and technology working in sync to defend against cyber threats; a system is only as strong as its weakest point, be it human or machine. Implementing robust cyber defense systems should be a priority for shipping firms, but ensuring that teams are trained to use and manage these systems, as well as reinforcing them through their own behavior, is the only way to minimize risk.
Cyber piracy has none of the romance or adventure of the pirates of old. A faster ship and better weaponry won’t avert cyber-attacks nor keep crews safe; today’s piracy is conducted behind closed doors from thousands of miles away. As with many industries across the globe, the rapid digitalization of both its operations and information means the shipping community is facing a new threat. This digital transformation brings many benefits and advantages, but if the right steps are not taken to ensure ships’ security, it can be easily exploited by negative actors.
At Mantu, we believe that cyber security is no longer the domain of IT professionals only; every person within an organization has the power to prevent an attack, and to raise the alarm if one is identified. This is why our cyber security experts provide support in training as well as in technological defenses; attacks can come from any direction at any time so maintaining preparedness and ensuring that cyber security is front-of-mind across a company is key.