One of the world’s biggest shipping company, the A.P Moller Maersk, fell victim to a major cyber-attack caused by the NotPetya, a malware created by Russian cyber attackers, in the June of 2017, which aimed to encrypt the hard drive of the infected computers. Due to this the company’s operation in transport and logistics businesses were disrupted. However, none of the ship’s operational assets were affected by the cyber-attack other than the shore-based support systems. This attack was an inspiration to the whole industry that there is potential for vulnerabilities that needs to be addressed and in 2017, IMO (International Maritime Organization) passed its first resolution on maritime risk management that recommended a risk management approach to cyber risks and maritime cyber security.
What is Cyber Risk Management and why is it important?
Cyber risk management refers to the process of identifying, analyzing, assessing and commutating a cyber related risk and accepting, avoiding and mitigating it to an acceptable level, considering costs and benefits of actions taken to shareholders. The overall aim is to support safe and secure shipping. Cyber security has a huge potential to affect the safety of the cargo, vessel, crew and even ports. These policies and plans cover various types of risks like information integrity, system and hardware availability onboard and in the head office of the shipping company. Different incidents can be caused by problems with transfer of data from the vessel to the shipping company and vice versa. For instance, incorrect transfer of statistical charts from the company to the vessel’s ECDIS (Electronic Chart Display and Information System) can cause delay in voyage or even can cause to reset all charts installed on the ECDIS. Loss or manipulation of external sensor data can hamper all the critical actions of the ship. Not to mention various Pirate originations hack into the servers of the ships to get a hold of data regarding ship’s crew, cargo and route giving them an opportunity to either leak this data to the world of plan an attack.
Cyber Risk Management should incorporate plan and policies which:
- Define the roles and responsibilities of users, important personnel both onboard and onshore.
- Identify important and confidential data and assets which if leaked could pose a threat to the operations and safety of the ship.
- Implement technical and procedural measures to protect against any cyber-attack incidents and ensure the continuity of business.
- Carry out activities and drills in order to prepare for responding to any future cyber-attack incidents.
The company’s risk management plan should be in compliance with the existing cyber security risk management requirements of the ISM code and the ISPS code. Cyber security should be incorporated at all levels of the company, from top management onshore to onboard personnel as an integral part of the safety culture required for safe and efficient operation of a vessel.
Ships are highly integrated with onshore operations and all the business is carried out with the help of communication systems on board. These systems if hacked can cause great loss to the company due to leak of confidential data. To protect these systems, these multiple layers of safeguards are used which address the role of people, procedures and technology to increase the chances of detecting a cyber-attack and to increase to effort and resources to protect information data and availability of IT hardware.
Well, most of us have tried to hack our neighbor’s Wi-Fi password back in the day, but now with the advancement in technology and introduction to cyber security, this is not possible. Same is the case with ships and the maritime industry, with the advancement in technology and introduction of new plans and policies, we can now minimize the risks and the effects of cyber-attack. To all the future hackers out there, it is going to be pretty difficult for you.