Increased Cyber Threats to Commercial Shipping

The commercial maritime industry operates over 90,000 vessels across various segments, from merchant ships to offshore support vessels. Developments in digitization, automation, and smart tech have increased the efficiency of marine operations, transforming processes that were previously conducted manually.

However, these developments have also created new cyber challenges, like outdated and unsupported software, intrusion into vessel systems, and crew-related factors. Many onboard OT systems were installed during vessels’ original construction, as long as 25-30 years ago. With such long lifespans, many commercial vessels are now running outdated and unsupported software, including within operating systems. This makes it easy for attackers to identify ways to target them.

In particular, malicious intrusion into vessel control and OT equipment is an inherent risk with severe implications. One of the worst-case scenarios could be that attackers could cause loss of navigational control. Crews often rotate, which means that they use systems they are unfamiliar with. Given the above vulnerabilities, severe and effective attacks could be on the way.

A perfect example of severe disruption to the maritime transportation system was the Suez Canal incident in March 2021. At the center was the Ever Given, a 220,000-ton, quarter-mile-long container ship. Strong winds blew it off track while entering Egypt’s Suez Canal, where 12 percent of the world’s seaborne trade passes each year. The ship completely blocked the waterway, causing disruptions and delays.

The incident was not a cyberattack, but it demonstrated to potential attackers how one grounding on a globally significant shipping route could have wider implications for global trade and stock markets. This unveiled a new incentive for targeting vessels.

An opportunity arose for attackers, evidenced by discussion on the dark web. The incident’s global impact was vast, especially on stock markets. Vessels containing a wide variety of trade commodities were delayed. Many top European industries were impacted, including construction, wholesale trade, and health services. For example, machinery company Caterpillar considered airlifting parts to overcome the blockage.

Delays resulted in losses. Supply chain disruptions can cause major price dislocations, which can impact prices on financial markets. The blockage held up an estimated $400 million an hour in trade, based on shipments that were on the affected vessels in and around the Suez Canal.

Having seen the vast impact on the stock market, attackers realized they could purchase certain stocks before committing an attack and profit from it, with knowledge of the upcoming attack. They could invest in certain commodities and avoid being tracked as they might with ransomware requests. Attackers could use viruses tested onshore to target vessels’ systems.

Hackers have been using their skills to make illicit gains on the stock market for many years, and Commercial vessels are the pillars of international trade. Their critical role in the stability of markets makes them increasingly vulnerable to this novel type of attack. This new threat has wide implications for maritime, making the implementation of cyber security measures even more important.

At Priavo we operate with our cyber partner’s Infosec Partners, running the IASME Maritime Cyber Baseline Certification Scheme. This scheme, run by maritime governing bodies, has been designed to assist vessel operators and owners to improve their cyber security, prepare for attacks, and to ensure that cyber security plans meet the IMO Maritime Cyber Risk Guidelines:

• Provides reassurance for your business, your crew, passengers, customers, and other operators that your vessel has the correct security controls and processes in place.
• Aligns with the IMO Maritime Cyber Risk Management guidelines and makes evident your true commitment to best security practices.
• Indicates that you have a baseline level of cyber assurance.
• Provides the ability to demonstrate your compliance by displaying a Maritime Cyber Baseline certificate on your vessel and on any business communications.

For more information contact enquiries@priavoseurity.com.