Concerning the cyber attack to A.P. Møller-Maersk, NotPetya showed that the cyber threat is as real for shipping as it is for any other connected business, especially where legacy systems proliferate.
In the possibility that the infection had affected onboard systems, the attack would have been much worse.
Although the shipping industry is being more aware of cyber attacks, it seems to be slower in coping with it.
In light of the Inmarsat Research Programme report 'The Industrial IoT on Land and at Sea (2018)' the maritime way of thinking is slow to change.
The 2018 study drew on testimony from 750 survey respondents across a range of industries to establish preparedness and perceptions regarding the adoption of Internet of Things (IoT)-based solutions.
According to the survey:
- 87% of maritime respondents believed that their cyber security arrangements could be improved;
- 55% of sizeable proportions of them identifying data storage methods;
- 50% poor network security;
- 44% potential mishandling/misuse of data;
- 39% as more likely to lead to breaches in cyber security than outright cyber attack.
Given the self-diagnosis, it is perhaps surprising to find that only 25% of maritime respondents said they were working on new IoT-based security policies.
Moreover, Mr Jim Hagemann Snabe noted that software is only a part of the answer. Vigilance for ‘the human element’ and a well-thought-out recovery strategy to mitigate against multiple, automated assaults are also critical.
Around 70% of respondents identify reducing marine insurance premiums as a main driver for IoT uptake, where insurers have shown themselves as especially sensitive to cyber threats.
At the same time, other studies have found attitudes such as “Iʼm not the target /we have security in place, donʼt we?/I will be protected by AntiVirus” alive and well among seafarers.
Inmarsat firmly supports that a collaborative approach, including shipboard systems and crew operating, is crucial in having a mature response demanded by multiple threats from cyber villains, whatever their origin.
Therefore, Inmarsat collaborated with Singtel cyber security subsidiary, providing Trustwave, bringing Fleet Secure into the industry as the first independent service designed to detect vulnerabilities, provide alerts, respond to threats and protect ships from cyber attack.