Cyber threat comes in all shapes and sizes

In its Phish and Ships August edition, Be Cyber Aware at Sea comments on the fact that companies underestimate cyber threats unless they see the impact of them. Many are those who might oversee a cyber threat when it comes in the form of an unfamiliar threat; Yet, a cyber-attack comes in many different shapes and sizes and are usually just one click away.

The reality is that, somewhat uniquely with a virtual threat, until we see the physical impact, we underestimate the threat itself.

Naval Dome CEO, Itai Sela, stated that the recent cyber attack against Cosco was worrying. Mr. Sela noted that despite the fact the company took precautionary measures, it must make sure that the attack has indeed been contained.

Regarding the ‘unseen threats’ the shipping industry has to be alerted and always be prepared for the worst-case scenario, which can be an expensive and painstaking effort with the only payoff being if nothing occurs.

Recently, Cynthia Hudson, CEO, HudsonAnalytix, provided a discussion on Cyber Incident Response to share insight on immediate need to establish the method/means to respond to a Cyber Incident.

She recommends that prior to an attack, a company should follow the steps below:

1. Assess;
2. Plan;
3. Train;
4. Integrate plans.

In one sense, preparing for a cyber-attack is about trust: trusting in the threats being ever-present, if out of sight. Just because we can’t see it, does not mean its not real.

Overall:

1. The industry has an extensive, and growing, dependence on cyber technology. Once we acknowledge the very real role of cyber in underpinning every element of maritime and shipping then we will understand what is at stake: Not simply a few blank screens or encrypted files that the tech team will sigh over, but an entire chain of global interconnected shipments.
2. Cyber threats come in all shapes and sizes. Cyber preparedness should be conducted in every possible type of cyber threat, how it will present, and who it is likely to target. Most cyber threats will still rely on a physical mistake by a real person, for example by clicking on a link in an email, falling for a phishing scam or using a poisoned USB.
3. Cyber threats are just a click away and their impact can be devastatingly physical. Financial loss, reputational loss, breakdown in communication and operational ability – the fallout from a cyber-attack can instigate each one of these very destructive outcomes.