Subscribe to our Mailing Lists (It's free!)
Thursday, June 30, 2022
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    narcotics trafficking

    Shipping companies, Customs to step up the fight against narcotics trafficking

    us ports

    US Congressmen propose legislation to give port priority for ships carrying US exports

    offshore support vessels

    IMCA: Demand for US crew to operate offshore support vessels is undersupplied

    abuse on commercial ships

    Abuse on commercial ships not unusual, says MHSS CEO

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    iacs decarbonization

    IACS launches ‘Safe Decarbonisation Panel’ to support implementation of new fuels and technologies

    UK Chamber of Shipping: Electrification will play a key role in the industry’s decarbonization

    UK Chamber of Shipping: Electrification will play a key role in the industry’s decarbonization

    total mol

    TotalEnergies, MOL carry out Singapore’s first biofuel bunker operation of vehicle carrier

    port of amsterdam duisburg

    Port of Amsterdam, duisport to develop green hydrogen value chain

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    emsa drones italy

    Drones help Italy improve its maritime safety and security

    acua ocean

    Autonomous hydrogen-fueled MASS gets approval

    Motorboat Collides With Barge Tow

    Research center in Saudi Arabia to use AI for development of low-carbon solutions

    remotely piloted aircrafts

    Iceland uses EMSA’s drones for better maritime situational awareness

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    one misdeclared cargo

    ONE to implement penalty fee for misdeclared cargo

    master first officer fined

    Master, First Officer to pay $75,000 for compliance breach in Great Barrier Reef

    carnival cyber security

    Carnival Corporation fined $5M for failed cyber-security protections

    container shipping

    US shipper accuses Yang Ming and HMM of collusion

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    offshore support vessels

    IMCA: Demand for US crew to operate offshore support vessels is undersupplied

    port of Ras Lanuf

    Libya halts oil shipments from port of Ras Lanuf due to political crisis

    supply chain

    Freight data exchange standard can lead to 22% emissions reduction in supply chain

    container shipping

    Competition authorities fail to see high concentration levels in container shipping

  • Columns
    UK Chamber of Shipping: Electrification will play a key role in the industry’s decarbonization

    UK Chamber of Shipping: Electrification will play a key role in the industry’s decarbonization

    fire onboard

    Examining Ro-Ro/-Pax, PCTC fires

    IMO: Digitalization paves the way for smarter and greener shipping

    IMO: Digitalization paves the way for smarter and greener shipping

    Trending Tags

    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    narcotics trafficking

    Shipping companies, Customs to step up the fight against narcotics trafficking

    us ports

    US Congressmen propose legislation to give port priority for ships carrying US exports

    offshore support vessels

    IMCA: Demand for US crew to operate offshore support vessels is undersupplied

    abuse on commercial ships

    Abuse on commercial ships not unusual, says MHSS CEO

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    iacs decarbonization

    IACS launches ‘Safe Decarbonisation Panel’ to support implementation of new fuels and technologies

    UK Chamber of Shipping: Electrification will play a key role in the industry’s decarbonization

    UK Chamber of Shipping: Electrification will play a key role in the industry’s decarbonization

    total mol

    TotalEnergies, MOL carry out Singapore’s first biofuel bunker operation of vehicle carrier

    port of amsterdam duisburg

    Port of Amsterdam, duisport to develop green hydrogen value chain

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    emsa drones italy

    Drones help Italy improve its maritime safety and security

    acua ocean

    Autonomous hydrogen-fueled MASS gets approval

    Motorboat Collides With Barge Tow

    Research center in Saudi Arabia to use AI for development of low-carbon solutions

    remotely piloted aircrafts

    Iceland uses EMSA’s drones for better maritime situational awareness

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    one misdeclared cargo

    ONE to implement penalty fee for misdeclared cargo

    master first officer fined

    Master, First Officer to pay $75,000 for compliance breach in Great Barrier Reef

    carnival cyber security

    Carnival Corporation fined $5M for failed cyber-security protections

    container shipping

    US shipper accuses Yang Ming and HMM of collusion

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    offshore support vessels

    IMCA: Demand for US crew to operate offshore support vessels is undersupplied

    port of Ras Lanuf

    Libya halts oil shipments from port of Ras Lanuf due to political crisis

    supply chain

    Freight data exchange standard can lead to 22% emissions reduction in supply chain

    container shipping

    Competition authorities fail to see high concentration levels in container shipping

  • Columns
    UK Chamber of Shipping: Electrification will play a key role in the industry’s decarbonization

    UK Chamber of Shipping: Electrification will play a key role in the industry’s decarbonization

    fire onboard

    Examining Ro-Ro/-Pax, PCTC fires

    IMO: Digitalization paves the way for smarter and greener shipping

    IMO: Digitalization paves the way for smarter and greener shipping

    Trending Tags

    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

Cyber Security challenges for the shipping industry

by The Editorial Team
May 2, 2019
in Cyber Security, Opinions
Cyber Security Workbook for On Board Ship Use

Credit: Shutterstock

FacebookTwitterEmailLinkedin

During the 2019 SAFETY4SEA London Conference, Mr. Chronis Kapalidis, Cyber Expert, Hudson Analytix, talked about cyber threats in shipping. He noted that cyber attacks are becoming more concerning and for this reason the industry must invest more in improving its cyber resilience.

Cyber threats are one of the main global risks as indicated by the World Economic Forum. According to the 2018 Global Risk Index, It is third in likelihood and fifth in potential impact . Consequently, the global trends, also presented in the same report indicate that this will only get worse because there is a rising cyber dependency in all industries, globally. Similarly, for the shipping industry, it is obvious now that we will be relying much more on digital systems and services in order to maximize productivity and cost effectiveness.

When Hudson started engaging in cyber security, the level of awareness was much lower than it is today.. But being optimistic about it, it can be argued that the industry is starting to come to grips with this new insidious threat,as we start to understand that the problem is there, but we still struggle to offer concrete solutions. Hudson’s research in partnership with research institutes in the UK, has identified three main issues for that:

  • No apparent ship-related cyber attacks;
  • No mandatory framework (Other regulations affect maritime stakeholders (GDPR, NIS);
  • Other mandatory actions required prior to the implementation of IMO’s cyber requirements in January 2021 (BWM, SC).

But there are specific researches out there that indicate how big the problem is. The Crew Connectivity Report Survey in 2018,  shows how important internet connectivity on board is on where seafarers choose to work. One of the first things that they look at is ‘will I have internet access on the ship?’. Anotehr research indicates the level of budget allocation regarding cyber security based on company size. The biggest the company, the biggest the investment. But the thing is we have a lot of small family-owned ship companies and they are not investing a lot. The third one is a big of an oxymoron, because it initially querieshow well prepared the shipping industry is and there is a positive response (64%). On the other hand, when the same people are asked how much protected their company actually is, the numbers are reversed.

RelatedNews

UK Chamber of Shipping: Electrification will play a key role in the industry’s decarbonization

Examining Ro-Ro/-Pax, PCTC fires

My advice is that we should be able to understand what the risk is andhow a company can be affected by a cyber breach, in order to minimize risk and look at cyber security as a Return-on_investment. When I am asked how vulnerable the industry actually is, I can tell you that the industry has been a target for the last nine years. Our research indicates that it started back in 2010, but we are sure there have been unreported incidents in the past. For example, a Greek shipping company suffered the most successful pirate attacks in Somalia, because pirates paid hackers to get access to the shipping company’s system and they were able to do that through wi-fi lightbulbs. The company installed wi-fi lightbulbs in their offices, because they wanted to have the latestgadget and they never changed the username and password! So the hackers were able to gain access to the shipping company’s cargo management system and were able to identify the vulnerable targets. The industry is targeted and there is a huge problem there.

We have also conducted a research to find out what are the vulnerabilities against cyber attacks, what are the consequences of an attack and what are the affected fields for ports and shpis. Surprisingly for both entities, the vulnerability is low, but as digitalization progresses stay assured that it will grow. But if you look at the consequences of a cyber attack, they are rather conciderable. During this research we broke down the elements of a ship in different sub-components. We identified 20 sub-components in the ship’s ecosystem. The important thing to understand is that cyber security is not an IT issue. Cyber security does not only target our data, but for ships specifically and ports, cyber has a great physical element in it. So if you suffer from a cyber breach , you will have physical consequences: a ship running aground, a collision, or even loss of life. It is not only loss of data.

What should be understood is that cyber security should be dealt from a risk-based approach and this is what the IMO is saying as well. But in order to do that, you need to follow a top-down approach. You need to help and facilitate the managers to understand what the problem is, to understand that it is not only an IT issue, and then try to train all staff within the company. It is not only going to affect your balance sheet, but it is going to cause litigation problems, it is going to cause reputational problems and will affect your company both internally and externally.

A solution to that is to look at cyber security from a capability maturity approach. This is a risk-based analysis. The Cyber division at Hudson has been working on a solution that is taking into consideration all existing regulations, guidelines and best practices, and we have come up with a model that can assess your enterprise cyber risk and offer solutions.

Our analysis so far has indicated that most companies invest in cyber capabilities. So if you invest in cyber security, you will be able to minimize risk and then sustain this capability. If you do that you will not have only minimized your cyber security risk, but also the insurance risk.

But what does the future hold? Regarding the adoption of digitalization, research indicates that this is becoming a trend, since, over the last three years for different kinds of ships internet connectivity has doubled or tripled. You will have more and more digitalized services on board and this opens new doors to cyber threats.

On the port environment, UK port associations have started looking at smart ports, more connectivity and more digital solutions. This is another area that needs to be taken into consideration, which is affecting the shipping industry.

Of course there is blockchain. It is becoming a major buzzword and a lot of people are talking about blockchain in shipping. We are trying to see the value of it. From what we have seen, blockchain is  a nice to have, but is certainly not a differentiator that will contribute to cost minimization and increased efficiency.

So what should we do? The Danish government has issued the first of its kind cyber security strategy for the shipping industry. It engages all Danish flag ships and all ships sailing in Danish waters. We know that the IMO is really slow in reacting and implementing regulations, but a way of doing that is not only being industry-led, but also to look at flag states and how they can regulate that approach. It is time for once for the shipping industry to be proactive for a problem that has reached its ecosystem and is affecting day-to-day operations before it is too late.

 

Above text is an edited version of Mr. Chronis Kapalidis’s presentation during the 2019 SAFETY4SEA London Conference.

You may view his presentation herebelow

The views presented hereabove are only those of the author and not necessarily those of  SAFETY4SEA and are for information sharing and discussion  purposes only.


Chronis Kapalidis, Cyber Expert, Hudson Analytix

Chronis Kapalidis is the European Representative of Hudson Analytix, promoting the company’s synergies in Europe on issues related to security, both physical and cyber. He recently concluded a fellowship at the International Security Department, Chatham House, on maritime cybersecurity, where he now stands as Academy Associate. He also stands as visiting research fellow at the Dartmouth Centre for Seapower and Strategy at Plymouth University, and as a board member in several academic and scientific bodies.

Chronis was an officer at the Hellenic Navy for 20 years. He was specialised on operations, communications, intelligence and IT infrastructure, while participating in several NATO, EU and UN operations. His research interests include cybersecurity, defence studies, international and maritime security.

He has published widely for Foreign Affairs, Chatham House, International Affairs, the Academy for Strategic Analyses, has been interviewed by The New York Times, the Independent and The Wall Street Journal and has participated in several maritime and cybersecurity related conferences and forums. Chronis has competed several projects at Chatham House on Cybersecurity for Critical National Infrastructure, in general, and the maritime sector specifically. He recently created the first digital learning course on maritime cybersecurity for Lloyd’s Maritime Academy.

He is currently based at the University of Warwick, where he is pursuing his doctoral degree on cyber risk quantification for the maritime sector. He holds an MA in International Relations and Global Security from Plymouth University, a PGCert in Defence Management and Leadership from the Hellenic Naval War College and BSc in Naval Warfare from the Hellenic Naval Academy, along with several professional certificates

Tags: cyber incidentscyber riskcyber securitySAFETY4SEA

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

narcotics trafficking

Shipping companies, Customs to step up the fight against narcotics trafficking

June 30, 2022
us ports

US Congressmen propose legislation to give port priority for ships carrying US exports

June 30, 2022
MARITIME EVENTS

Newsletter

GET THE SAFETY4SEA IN YOUR INBOX!

Explore

  • Safety
  • Green
  • Smart
  • Risk
  • Others
  • Events
  • Plus

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Contact

© 2021 SAFETY4SEA

No Result
View All Result
  • Safety
    • Alerts
    • Accidents
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Opinions
    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus

© 2021 SAFETY4SEA

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Disclaimer.