The maritime industry is rapidly changing and becoming more technologically advanced with digital transformation playing a key part. However, the cyber threat landscape is rapidly evolving and maritime is a high target for cyber criminals – threatening vessels and ports that facilitate 95% of all UK trade, totalling over £500bn.
Without a focus on new and unseen attacks, port and shipping operators and other members of the maritime ecosystem can be left exposed.
Typical cyber security challenges in the maritime industry:
- Obsolete and unsupported operating systems.
- Outdated or missing antivirus software and protection from malware.
- Inadequate security configurations and best practices, including ineffective network management and the use of default administrator accounts and passwords, shipboard computer networks, which lack boundary protection measures and segmentation of networks.
- Some critical systems always connected with the shore side (more for newer vessels with state of the art technology) – this is bad if those critical systems are unsupported or outdated/unpatched.
- Inadequate access controls for third parties including contractors and service providers – who have the ability to plug an infected USB into a system onboard.
As a security professional within maritime, ask yourself:
- How frequently is your IT infrastructure tested for vulnerabilities?
- Are suitable controls in place to defend against targeted attacks?
- Are systems implemented to identify threats that bypass perimeter defences?
- Do staff have sufficient awareness of information security risks?
- How do you detect, remediate and report breaches?
- Are systems and controls implemented to mitigate insider threats?
- Is any personal data appropriately processed and protected?
Recent Real-world Cyber Attacks in the Maritime Sector
Maersk Notpetya Ransomware Attack, 2018 This ransomware attack infected Maersk systems and damages are estimated to cost between $250-$300 million. This attack was exploited through a single vulnerable software onsite at one of Maersk’s many port offices.
Cosco Ransomware attack, 2018 Cosco shipping was targeted in another unknown ransomware attack affecting its systems in the United States.
Austal Cyber Attack, 2018 Western Australian-based ship builder and defence contractor Austal who build patrol vessels and frigates for the Australian Navy announced that an unknown offender had targeted its data management system. Austal confirmed the offender purported to offer certain materials for sale on the internet such as ship drawings and staff information such as email addresses and phone numbers. The offender used this data in an extortion attempt.
Norsk Hydro ASA, 2019 One of the world’s largest aluminium producers with a substantial shipping division fell victim to LockerGoga ransomware. It’s reported to have cost the business $52 million in the first quarter. The Norwegian National Security Authority said the attack used a virus known as LockerGoga, a relatively new strain of so-called ransomware, which encrypts computer files and demands payment to unlock them.