Cyber-Security Concerns for the Shipping Industry
October 20, 2017 in CyberFor several years, security experts have warned that outdated technological systems could lead to increased risks to shipping vessels. In recent months, the warnings have grown louder. Most computer based shipping technologies, developed in the 1990s, were initially designed as isolated systems. Over time, the industry has moved increasingly online. The change has opened the industry to more threats from outside actors. As technology and users become more sophisticated, the shipping industry has struggled to keep up to speed with the latest changes, leaving older systems vulnerable to targeting.
Two key risks are the hacking or spoofing of marine traffic. Hacking refers to the unauthorized access to data in a system. A hacker could gain entry into the internal systems of a company and access private information, such as cargo documents, or the personal details of crew members aboard a vessel. A hacker could also install malware into the system, allowing them access to sensitive material such as e-mail transmissions. In the past year, hackers have changed the banking information on email invoices going to shipping companies, redirecting millions of dollars before the issue was identified. In June, the NotPetya ransomware-attack targeted several large businesses, including shipping giant Maersk. The virus wormed through the company’s global network, forcing a stoppage at 76 port terminals globally, and costing the company nearly $300 million.
Spoofing, on the other hand, is a process of falsifying the origin or location of something in order to mislead a user. In terms of the shipping industry, it can be used to alter the coordinates of a vessel, or make the vessel simply disappear from tracking systems. Spoofing attempts are often spotted quickly, however sophisticated actors continue to construct ways to outsmart the systems, causing spoofing to remain a point of concern.
Aboard a vessel, security issues can be amplified. For example, the AIS system uses satellites and marine radar to pinpoint the location of a vessel. This information, often publicly available, can be used to track the location of vessels around the globe, and can be used by pirates as a sort of “shopping list”. Using spoofing, a malevolent actor can theoretically alter the location of a vessel, causing a ship to redirect its course into unknown waters. With hacking, they can access a cargo list, obtain the information about the content of specific crates, and if they successfully board a vessel, they target only the crates with goods they find valuable.
While there are numerous entry points for a hacker to target, aboard a vessel, perhaps the weakest point is maritime satellite communication (satcom) system. Satcom boxes are nearly always connected to the internet, and often do not have updated technology. They are often poorly secured, and can easily allow access to “protected” data and entry into a company’s larger systems.
Governments and corporations have long struggled to keep up with the changes in technology. Because of the rapid rate of sophistication, legacy systems often do not have the features or capacity to protect shipping companies from such attacks. Awareness is growing as cyber-security becomes a more prominent global concern. Experts have called for changes in the industry, including secure firmware, password complexity, penetration testing, and other preventative measures to ensure that vessels, cargo, and crew remain safe.
The International Chamber of Shipping has recently launched guidelines designed to help ship owners protect themselves from hackers. More information can be found here: http://www.ics-shipping.org/docs/default-source/resources/safety-security-and-operations/guidelines-on-cyber-security-onboard-ships.pdf?sfvrsn=16