By Zaheema Iqbal
The maritime industry has entered into a new phase of its development since the introduction of information technology. The number of numerous developments in the field of industrial control systems have transformed the method through which harbors, ships, navigation systems, communication systems, and rigs operate and work.
The introduction of new software system in ship design architecture has already opened new ways for the inclusion of novel and innovative technologies; enhanced the navigation and communication system and every day operations of ships and vessels within the maritime industry. The old mechanical systems in shipping industry have been replaced with a mixture of integrated hardware and software and electromechanical constructs which now cover the whole industry.
Today, modern vessels and ships have become mobile offices, communication hubs and learning spaces. The ships with interconnected systems are manufactured with electronic control units (ECUs) which basically enable them to make, consume, supplement, and share information with maritime infrastructure like ports, harbors, semi submersibles and oil platforms and other ships.
In this regard, with a majority of the world’s trade through sea lanes, it becomes inevitable for maritime industry to first understand the basic risks associated with maritime cyber domain and then offer solutions to defend and mitigate these cyber threats. The majority of maritime operations rely on such interconnected systems either directly or indirectly. These interconnected systems have exploitable vulnerabilities and the research shows that criminals from different backgrounds have shown the capability and motivation to use cyber-attacks at sea and in ports.
However, there are incidents in which terrorists targeted maritime operations and have had the ability to undertake lethal seaborne operations through the use of cyber space. There are serious vulnerabilities of cyber threats to shipping since the criminals have understood the potential importance of cargo. Till today, the attacks included physical attributes with cyber elements and are known as “blended attacks”. These attacks were launched in situations and locations where cargo can be held ransom at sea or stolen. In future, there are known technical vulnerabilities of maritime industry which can be targeted. Besides, in last few years, malware such as ransomware is considered most common cyber-attacks in which files can be encrypted and held hostage against payment.
The transportation industry was ranked among top five sectors experiencing cyberattacks in 2015. Two years later in 2017, a Danish shipping survey showed 69% of shipping companies had experienced cyberattacks. There are cyber-attacks taking place in maritime industry including accessing logistical software, exploiting banking record, penetrating engine control systems and also hacking navigation system of a ship.
The major Saudi Arabian state owned oil and gas company Aramco suffered cyberattack in 2012. An employee mistakenly opened a phishing email, which had an infected link resulting in disappearing of few files, phone connections died, thirty-five thousand computers were shut down and three-quarters of data was erased. Nevertheless, the company could not function its normal operations for seventeen days. However, it took more than five months to install new computer security systems and to run normal operations.
Another cyberattack was reported in 2017, when ransomware attacks were launched on ‘Maersk’, the Dutch maritime shipping company. This attack was named NotPeyta, which highlighted the cyber vulnerabilities of maritime shipping industry. The organization was estimated loss of $300 million from this cyber-attack and it kept working without information technology for ten days despite ships with ten thousand to twenty thousand containers every fifteen minutes, until it resumed its services. The cyberattack did cost Maersk to close down its several ports worldwide reducing its volume by twenty percent and forced the organization to handle its eighty percent operations manually. As a tool to mitigate this cyberattack, Maersk replaced its forty-five thousand PCs, four thousand servers and installed twenty-five hundred applications.
Cybersecurity has become a top priority in the international maritime sector. In the wake of persistent cybersecurity vulnerabilities, there is dire need to develop a proactive and robust maritime cybersecurity framework and plan which offers risk-based prevention, mitigation, response and recovery stages. US National Institute of Standards & Technology (NIST) developed a Cybersecurity Framework (CSF), which offers guidelines in order to identify and address cyber related issues to their applications and systems. Besides, International Maritime Organization, (IMO) has developed cybersecurity guidelines which are specific to the maritime sector.
In June 2017, the IMO’s Maritime Safety Committee agreed guidelines for cyber risk management which became the basis of high-level recommendations for the entire maritime sector. The guidelines on Cyber Security Onboard Ships are aligned with the IMOs guidelines and provide solid recommendations covering both cyber safety and cyber security. These guidelines have placed an obligation on ship operators, owners, stakeholders to adopt a risk management approach with three objectives: minimizing the danger to crew, to environmental safety, and to the financial results of a full or partial loss of availability, confidentiality and integrity of classified data for example corruption of chart data held in an Electronic Chart Display and Information System (ECDIS). It is important for ship operators to incorporate the guidelines into existing risk management processes and are also complementary to the safety and security management practices already established by International Maritime Organization (IMO).