While increased automation and artificial intelligence seem to open new routes for shipping, vulnerability of systems is another area of concern shipping has to encounter. In mid-2017, the industry was shaken by a major cyber-attack against Maersk, the world’s largest container shipping company, which led the sector to adopt a new look at cyber security issues. 2018 validated this trend as cyber incidents continued affecting operators, ports, and shipbuilders.
Cyber-attack hits Cosco’s operations in US
The highlight of the year was a cyber breach affecting Cosco’s operations in the US Port of Long Beach, on 24 July, which affected the giant’s daily operations. The company’s network broke down, and some electronic communications were not available as a result. However, operations outside the US were not affected, while, less than a week later, its network applications were totally recovered.
- Year in Review: Top shipping stories to remember from 2018
- Year in Review: Environmental issues that caught shipping’s eye in 2018
- Year in Review: Timeline of smart shipping developments in 2018
- 2018 Highlights: Major cyber attacks reported in maritime industry
- Year in Review: Top priorities of the 2018 Regulatory Agenda
- A year in pictures: Shipping industry’s highlights in 2018
- Ten shipping books we read in 2018
Meanwhile, two major international ports, in Spain and the US, fell victim to cyber-attacks within the span of a week. On 20 September, the Port of Barcelona reported a cyber attack, which however did not disrupt any ship movements, but ‘affected only internal IT systems’.
Only five days later, on 25 September, the US Port of San Diego experienced a serious cyber disruption at its IT systems, which made the port employees to work in ‘limited functionality’. It is still unclear if the two incidents were related.
More recently, in late October, Australian defense shipbuilder Austal, which constructs ships for the Royal Australian Navy, the US Navy and the Royal Navy of Oman, became the latest widely-known company to be hit by a cyber breach at its data management systems, with hackers demanding money from the company in return for stolen data. However, the impact was not major.
Except for these separate incidents, it has been reported that earlier in 2018, a criminal gang in Nigeria targeting the global maritime industry had been running multiple “business email compromise” scams for hundreds of thousands of dollars. The group calling themselves “Gold Galleon” had been sending messages to infiltrate payments within shipping companies. Among the victims was a South-Korean and a Japanese shipping company.
Reflecting the need of a more enhanced cyber protection, the EU set in force the GDPR regulation in May 2018, which updates and upgrades current data protection legislation by requiring businesses who deal with EU citizens -and shipping organizations included- to be transparent about how they use their data.