The cyber risk issue that has arisen in the shipping industry during the last couple of years has been a new challenge for the sector to deal with. At the same time, it has been noted that the industry doesn’t implement cyber security measures that often, focusing more on safety measures instead.
As Captain Rahul Khanna, Global Head of Marine Risk Consulting at AGCS, stated in the past, recorded cyber incidents have increased the industry’s awareness of the importance of cyber security, but the industry still has a long way to go.
2020: Two cyber-attacks up to now
The first days of 2020 were rough for the shipping industry, as two shipping companies have already been hit by cyber attackers.
- Firstly, the London Offshore Consultants (LOC) Group stated that it was hit by cyber attackers and began an investigation. The company later assured that it had identified the attacks and was able to rapidly deal with the situation, assisted by independent cyber security experts, in order to minimize business interruption and ensure data integrity.
- Secondly, in late January the Australian transport and logistics company Toll Group announced that it had deliberately shut down a number of systems across multiple sites and business units as it was the victim of a cyber-attack. The company added that, after understanding that it was under attack, it disabled the relevant systems and initiated a detailed investigation to understand the cause and establish measures to deal with it.
Mrs. Cynthia Hudson, CEO, Hudson Analytix, commented in an exclusive video interview that all vessels or shore systems that are connected are vulnerable to cyber-attacks, adding that incidents will continue to rise but, as an industry, we will become more aware of them; this will make shipowners aware that they have vulnerabilities that can be expensive and embarrassing.
Hence, taking into consideration that vessels have become more vulnerable, to achieve a cyber-resilient environment within the maritime industry it is of great importance, firstly, for ship operators to understand and be aware of the common cyber risks that can be detected onboard.
In this context, the UK’s National Cyber Security Centre (NCSC) has proposed technical advice to improve cyber security within an organization, which can also apply to the maritime industry. The key steps are as follows:
#1 Risk Management Regime
It is crucial to implement a risk management regime in your company’s cyber security strategy. This is in line with IMO’s new regulation, which requires all shipping companies from 2021 to assess their risk exposure and develop measures to include in their Safety Management Systems to mitigate cyber threats.
#2 Secure Configuration
A strategy is needed to remove or disable unnecessary functionality from systems and to fix the vulnerabilities that you know your systems have. This will keep you protected, as vulnerabilities easily attract attackers.
#3 Home and mobile working
Although remote system access is an advantage, as you can remotely log in to onboard Information Technology (IT) and Operational Technology (OT) systems, it comes with great risk. It is recommended that a company issue risk-based policies and procedures that can support remote access to systems.
#4 Malware prevention
Malicious acts pose many risks to a shipping company, which can affect either the company itself or the vessel and disrupt operations. Thus, any digitalized information exchange should be conducted with caution and the company should implement appropriate security controls as part of an overall 'defense in depth' approach.
#5 User training and awareness
It has been repeatedly highlighted that network users should be fully trained so that they know how to deal with any risks or cyber threats. In this regard, the ‘Be Cyber Aware at Sea’ campaign has previously presented seven steps to build cybersecurity awareness at sea, including the use of training tools and content that combine various training techniques to help keep crew engaged, and a focus on culture development through marketing.
#6 System monitoring
Monitoring provides a capability that aims to detect actual or attempted attacks on systems and allows companies to ensure that their network is being used properly according to their policies.
#7 Network security
By creating and implementing some simple policies and specific architectural and technical responses in a company’s network, the chances of being attacked are reduced.
"Rather than focusing purely on physical connections, think also about where your data is stored and processed, and where an attacker would have the opportunity to interfere with it," UK NCSC highlighted.
#8 Removable media controls
Removable media provide a common route for the introduction of malware and the accidental or deliberate export of sensitive data. In addition to that, Be Cyber Aware at Sea has focused on the importance of knowing what lies inside a USB device, highlighting that although it may seem small, there's a high possibility that it hides major dangers that could easily affect a vessel's operation.