Let me ask you a question. How do you eat an elephant? The answer is: one mouthful at a time. It’s not a literal question, of course. I’m not suggesting anyone should actually try and eat an elephant. I don’t know if elephants are even edible. I raise it because it is a useful metaphor for how it is possible to go about tackling a very large challenge. The sort of challenge, in size and scope, that security has become for the shipping industry.

Sixteen years ago, we were told that there was a substantial terrorist threat to shipping. And if we know one thing about terrorism it’s that, it’s a scary subject. So it ranks up there in the list of things that worry us in our private lives. Of course it does. Acts of terror damage, shock, enrage, bewilder, offend, and frighten us … profoundly and overwhelmingly. That is what defines them. They influence our attitudes and change our behaviours. That is the purpose of terrorism.

However, acts of terrorism - outside of war and conflict zones - are rare. To put it into perspective, according to US Government statistics, there were approximately 28,000 deaths attributed to terrorism in 2015. When you dig deeper you discover that 69 per cent of these took place in five countries: Iraq, Afghanistan, Nigeria, Syria and Yemen.

In contrast, according to the World Health Organisation, in 2015, 1.3 million people died as a result of road injuries. While 15 million were killed by heart disease and stroke. In reality then, we worry disproportionally about terrorism relative to things that are more likely to kill us.

In terms of security threats to shipping and ports globally, we also have a heightened concern about terrorism. Indeed, since 9/11 the working assumption has been that terrorism poses a significant threat to merchant ships and ports. If it wasn’t so, how did we end up with the ISPS Code - which after SOLAS and OPA 90 is the most expensive piece of industry-wide regulation in the history of shipping?

It’s good question… because the visible evidence paints a different picture. Since 2001, there have been just 5 terrorist attacks against merchant ships. 

  • In 2002 – there was the attack on the LIMBURG - in which one person lost their life
  • In 2004 - the attack on the SUPERFERRY 14, off the Philippines, killed 116 people and is the deadliest terrorist attack at sea to date
  • In 2005 – there was the attack on the passenger vessel DON RAMON also in Filipino waters
  • In 2010 - the tanker M STAR was attacked in the Straits of Hormuz

And more recently, but still 7 years ago in 2013, the COSCO ASIA was hit by an RPG, while it was transiting the Suez Canal.      

Over the same period, by my count, there has been two terrorist attacks against civilians in ports. In 2004, two suicide-bombers gained access to the port of Ashdod. One got into an office inside the port and detonated his bomb. And the other blew himself up at the entrance to the port. 10 people were killed and 16 others injured. And in December last year, Al Shabaab claimed a suicide car-bomb attack at the entrance to Mogadishu port which killed 16 people and injured a further 48.

Contrary then to perception then, there have been few terrorist attacks against merchant ships or commercial ports. Why is that? Some might argue that it’s because the industry has successfully implemented the ISPS Code. My view on that is that we don’t know what would have happened had we not had the Code. We can’t say what the counter-factual narrative would have been.

We do know that the ISPS Code has not been implemented to a high standard at sea or in ports with anything approaching uniformity around the world. And it does not appear to have manifestly contributed to a reduction in security risks such as corruption, piracy, stowaways, cargo crime, people trafficking and contraband smuggling … which affect many ships and ports every day.

The ISPS Code was developed with the best of intentions and it has put security on the regulatory agenda. But whether it has helped deliver meaningful security improvements, both in ports and at sea, is very much open to question.

I think that there are two more likely reasons why terrorists haven’t been targeting ships and ports with any greater frequency or success. Firstly, like most other organisations, terrorist groups focus their efforts on what works. The attacks on the LIMBURG, M STAR and COSCO ASIA resulted in the death of one person. One death is a terrible thing in itself, but none of those attacks resulted in a defining, headline grabbing outcome. Indeed I would bet that few if any in the general public have ever heard of these casualties.

Ironically, the lesson that shipping took at the time, from the attack on the LIMBURG was that it was proof positive of the terrorist threat to shipping. Contrast that, however, with the attack in Nice in July last year. Then 86 people were killed and more than 400 injured, with no weapons, just a 19 tonne truck and one man’s intent to keep driving into the assembled crowds until he was stopped. The fact is that terrorists achieve much more public outrage with far less complexity elsewhere and by other means ashore.

Reason number two is that the shipping industry is the logistics network of terrorists and other criminals as much as it is of legitimate global business. Terrorists and criminals accomplish more by exploiting the supply chain than attacking it. For example, back in 2002, three general cargo vessels were intercepted in Italian waters. These vessels were conveying cells of terrorists from North African countries to Europe illicitly. From one ship, the SARA, 15 Pakistanis (who had documents on them, linking them to Al Qaeda) were arrested on charges of conspiracy to commit acts of terrorism.

It’s instructive, perhaps, that analysis of terrorist activity in the global maritime domain has, over the last 16 years, become more focused on understanding how terrorists make use of international shipping and the supply chain, than the threat of them attacking it.

Why then is there such an emphasis on the terrorist threat to shipping and ports? There is a very long, detailed and complex answer to that. But I think a significant part of it boils down to this… Clearly, terrorism is an apex issue. The media and politicians highlight this constantly. And policy makers respond accordingly.

But the corollary of this is that we have a lop-sided view of the threat that global terrorism represents. We give it more weight to it than it merits relative to other more common and regular threats that materially damage the industry and harm the people working at the heart of it. It is a very human response to exaggerate rare and spectacular risks, as it is also to downplay regular and common ones. And we carry our anxieties and complacencies from our private lives into our occupational lives.

We also confuse threats with vulnerabilities and risks. And we get confused about threat, vulnerability and risk. We can all envisage what a terrorist attack on a port or terminal or ship might look like, probably because we have seen a scenario in a film or read it in a novel or even a research paper. But we do so with a tendency to underestimate how difficult it would be, in reality, to conceive, plan, organise and execute such an attack successfully. Therefore, we place an emphasis on terrorism, not because we have a clear and informed view of the threat it represents, or our vulnerability to it, but rather because we don’t. And there is a fundamental problem in this. 

At the same time that we are potentially over-responding to terrorism risks, we are downplaying or under-responding to regular and common security issues such as: corruption, piracy, stowaways, cargo crime, contraband smuggling and people trafficking.

We know that maritime crime exposes our seafarers personally to theft, emotional trauma and, increasingly, to physical violence. Since January 2013, CSO Alliance has recorded 1,754 incidents of maritime crime, in which 1031 ships were successfully boarded affecting an estimated 20,000 seafarers. We know too that these security issues hurt the industry. The cost of stowaway incidents each year is estimated to be in the region of 15 million dollars. In 2013 the World Bank estimated the global economic cost of piracy off the coast of Somalia at 18 billion dollars. Through attrition, if not always immediate impact, maritime crime damages the reputation of shipping companies and ports alike.

It is critically important, therefore, that we make regular and common security issues central to our security priorities. And that matters because, in tackling the vulnerabilities which criminals are exploiting so routinely and effectively, we would be tackling the vulnerabilities that terrorists could exploit as well.

We need to re-think our approach to maritime security. And no doubt that sounds like mammoth-sized challenge. But it’s okay, we know how to eat an elephant, don’t we?


Above text is an edited article of James Wilkes presentation during the 2017 SAFETY4SEA Conference

You may view his video presentation by clicking here

The views presented hereabove are only those of the author and not necessarily those of SAFETY4SEA and are for information sharing and discussion purposes only.


James Wilkes, Managing Director, Gray Page

James Wilkes first led an investigation into a major act of piracy in 1998, responding to the suspicious disappearance of the Panama-flagged bulk carrier “CHEUNG SON” in the South China Sea. He has since spent nearly two decades advising clients on ways to counter the threat of piracy, as well as assisting those who continue to fall victim to acts of piracy – most recently in hijack for cargo theft incidents in West Africa and South East Asia. In December 2009, James appeared in the High Court as the Expert for Amlin Corporate Member Ltd, the defendant insurer, in what is commonly referred to as the “Bunga Melati Dua Case”; Masefield AG – v – Amlin Corporate Member Ltd [2010] EWHC 208 (comm.) Since then, James has acted as an Expert for shipowners, cargo interests and insurance underwriters in numerous other cases where piracy and matters of ship security have been central to the proceedings being brought.   James co-founded specialist maritime consulting group Gray Page in 2003 and has headed it ever since. In addition to the group’s unparalleled investigation and intelligence services, Gray Page’s Asset Protection division provides crisis management and security consulting services to shipping and insurance market clients.  Gray Page has offices in the UK, Singapore and the USA.