Cyber Security Threats Challenge International Shipping Industry

The crippling ransomware attack against the Colonial oil pipeline in the U.S. in May 2021 should be a wake up call for the maritime industry. As a critical part of the global supply chain, the shipping industry could become an attractive target for cyber criminals and politically motivated attacks. Marine insurer Allianz Global Corporate & Specialty explores these challenges in its latest Safety & Shipping Review 2021.

The 9,000km long Colonial Pipeline, which connects some 30 oil refineries and nearly 300 fuel distribution terminals, was brought down by a cyberattack, which resulted in petrol shortages across the eastern U.S. The company paid a $4.4 million ransomware demand to hacking group DarkSide in return for getting its systems back online.

The attack has far reaching implications for critical industries, including shipping. Not only did it reveal weaknesses in cyber security, but also the attractiveness of critical infrastructure to cyber criminals and nation states. Given its perceived success, the attack could encourage similar attacks, and result in tougher cyber security requirements and higher penalties for critical service providers.

Ransomware has become a global problem. All four of the world’s largest shipping companies have been hit by cyberattacks, including the Mediterranean Shipping Company (MSC), which suffered a network outage in April 2020 from a malware attack, and CMA CGM SA, which was hit with a ransomware attack in September 2020. Even the International Maritime Organization (IMO) was recently targeted by a cyberattack, forcing some of its services offline.

According to security services provider BlueVoyant, shipping and logistics firms in 2020 experienced three times as many ransomware attacks last year as in 2019. A spike in malware, ransomware, and phishing emails during the pandemic helped drive a 400% increase in attempted cyberattacks against shipping companies through the first months of 2020.

“To date, most cyber incidents in the shipping industry have been shore based, including ransomware and malware attacks against shipping companies and ports,” said Captain Nitin Chopra, Senior Marine Risk Consultant at AGCS. “But with growing connectivity of shipping, and with the concept of autonomous shipping, cyber will become a more important exposure that will require more detailed risk assessment going forward.”

The shipping community has grown more alert to cyber risk over the past couple of years, in particular in the wake of the 2017 NotPetya malware attack that crippled ports, terminals and cargo handling operations. However, reporting of incidents is still uncommon as owners fear reputational risk and delays from investigations. Meanwhile, cyber security regulation for ships and ports has been increasing. In January 2021, the IMO’s Resolution MSC.428(98) came into effect, requiring cyber risks to be addressed in safety management systems. The EU’s Network and Information Systems Directive also extends to ports and shipping.

Increased awareness has translated into an increased uptake of cyber insurance by shipping companies, although mostly for shore based operations, according to Justus Heinrich, Global Product Leader Marine Hull at AGCS. “However, the threat to vessels is growing as more and more ships are linked to onshore systems for navigation and performance management. Smart ships are coming, and we would expect demand for insurance to develop accordingly,” Heinrich said.

Geopolitical conflict is increasingly played out in cyber space, as illustrated by spoofing attacks on ships. Recent years have seen a growing number of GPS spoofing incidents, particularly in the Middle East and China, which can cause vessels to believe they are in a different position than they actually are, while concerns have been growing for a potential cyberattack on critical maritime infrastructure, such as a major port or shipping route.

“From a hull perspective, the worst case scenario is a terrorist attack or nation state group targeting shipping in a bid to inflict damage or major disruption to trade, such as blocking a major shipping route or port. While this would seem a remote possibility, it is a scenario we need to understand and monitor,” Chopra said.

“Although an accident, the recent blockage of the Suez Canal by the ultra large vessel Ever Given is an eye opener on many fronts as it shows the disruption a momentary loss of propulsion or steering failure on a vessel navigating a narrow waterway can cause.”

Source link

Sign up for our daily Maritme Cyber Analysis and Threat Intelligence news.