Cyber-Security Concerns for the Shipping Industry
October 20, 2017 in CyberFor several years, security experts have warned that outdated technological systems could lead to increased risks to shipping vessels. In recent months, the warnings have grown louder. Most computer based shipping technologies, developed in the 1990s, were initially designed as isolated systems. Over time, the industry has moved increasingly online. The change has opened the industry to more threats from outside actors. As technology and users become more sophisticated, the shipping industry has struggled to keep up to speed with the latest changes, leaving older systems vulnerable to targeting.
Two key risks are the hacking or spoofing of marine traffic. Hacking refers to the unauthorized access to data in a system. A hacker could gain entry into the internal systems of a company and access private information, such as cargo documents, or the personal details of crew members aboard a vessel. A hacker could also install malware into the system, allowing them access to sensitive material such as e-mail transmissions. In the past year, hackers have changed the banking information on email invoices going to shipping companies, redirecting millions of dollars before the issue was identified. In June, the NotPetya ransomware-attack targeted several large businesses, including shipping giant Maersk. The virus wormed through the company’s global network, forcing a stoppage at 76 port terminals globally, and costing the company nearly $300 million.
Spoofing, on the other hand, is a process of falsifying the origin or location of something in order to mislead a user. In terms of the shipping industry, it can be used to alter the coordinates of a vessel, or make the vessel simply disappear from tracking systems. Spoofing attempts are often spotted quickly, however sophisticated actors continue to construct ways to outsmart the systems, causing spoofing to remain a point of concern.
Aboard a vessel, security issues can be amplified. For example, the AIS system uses satellites and marine radar to pinpoint the location of a vessel. This information, often publicly available, can be used to track the location of vessels around the globe, and can be used by pirates as a sort of “shopping list”. Using spoofing, a malevolent actor can theoretically alter the location of a vessel, causing a ship to redirect its course into unknown waters. With hacking, they can access a cargo list, obtain the information about the content of specific crates, and if they successfully board a vessel, they target only the crates with goods they find valuable.
While there are numerous entry points for a hacker to target, aboard a vessel, perhaps the weakest point is maritime satellite communication (satcom) system. Satcom boxes are nearly always connected to the internet, and often do not have updated technology. They are often poorly secured, and can easily allow access to “protected” data and entry into a company’s larger systems.
Governments and corporations have long struggled to keep up with the changes in technology. Because of the rapid rate of sophistication, legacy systems often do not have the features or capacity to protect shipping companies from such attacks. Awareness is growing as cyber-security becomes a more prominent global concern. Experts have called for changes in the industry, including secure firmware, password complexity, penetration testing, and other preventative measures to ensure that vessels, cargo, and crew remain safe.
The International Chamber of Shipping has recently launched guidelines designed to help ship owners protect themselves from hackers. More information can be found here: http://www.ics-shipping.org/docs/default-source/resources/safety-security-and-operations/guidelines-on-cyber-security-onboard-ships.pdf?sfvrsn=16
Turkish ship attacked off the coast of Libya
May 11, 2015 in Libya, TurkeyOn Sunday, a Turkish dry cargo ship was shelled as it approached the Libyan city of Tobruk. The ship was then attacked from the air as it tried to leave the area, according to the Turkish Foreign Ministry. The attack left the ship’s third officer killed and other crew members wounded. The Turkish Ministry maintains that the ship was in international waters at the time.
The Turkish-owned and Cook Islands-flagged ship, Tuna-1, was about 13 miles off the coast of Tobruk where it was carrying cargo from Spain. In a statement released on Monday, the Ankara government said, “We condemn strongly this contemptible attack which targeted a civilian ship in international waters and curse those who carried it out.” Turkey reserves its legal rights to seek compensation, the ministry said. The Turkish statement did not specify who launched the attacks, however a spokesman for the Tobruk-based Libyan National Army (LNA) says the vessel was bombed as it was warned not to approach the Libyan port of Derna.
The attack is not the first to occur in the Libya, where two opposing governments have been fighting to gain power in the country for over a year. On 4 January, a Libyan warplane bombed a Greek-operated oil tanker anchored off the eastern port of Derna, killing two crewmen. Military officials from the Tobruk government said the vessel had been warned not to enter port. Days later, on 9 January, the Commander of the Libyan Air Force announced that airstrikes will be carried out against any ships calling at militant-held Misrata port. A week later on 16 January, an oil tanker approaching the port of Benghazi was bombed. The Tobruk-led Libyan National Army claimed responsibility for the attack, saying the unnamed vessel was attempting to deliver petrol to a radical Islamist group Ansar Al-Sharia.
In February, internationally recognized Prime Minister, Abdullah al-Thani, said his government would stop dealing with Turkey because it was sending weapons to a rival group in Tripoli so that “the Libyan people kill each other.”
The internationally recognised House of Representatives operates out of Tobruk. Its forces, the LNA, have been battling against Fajr Libya, a coalition of militias supporting the Tripoli-based government, the General National Convention (GNC). Amid the chaos, radicalised elements have sought to gain a foothold in the land. The continued conflict has hindered the ability of government forces to differentiate between legitimate threats and innocent vessels.
MS Risk continues to advise merchant vessels to be aware of the threat to ships entering Libyan ports. Commercial vessel operators are urged to notify their insurers prior to sailing into Libyan coastal waters.
Maersk Tigris expected to be released within days
May 7, 2015 in IranIn a statement today, Maersk announced that they had provided a letter of undertaking relating to a original 10-year old cargo case that resulted in last week’s seizure of container vessel Maersk Tigris by Iranian Authorities. Maersk added, “We are continuing to do everything we can to assist in the safe release of the crew and vessel.”
On 28 April, Iranian Revolutionary Guards forces boarded the Maersk Tigris, a Marshall Islands-flagged cargo ship in the Gulf. The container ship had been following a normal commercial route, sailing from the Jeddah in Saudi Arabia, bound for the UAE port of Jebel Ali. The vessel was anchored off the Iranian coast between the islands of Qeshm and Hormuz when Iranian patrol boats fired warning shots across its bow and ordered it deeper into Iranian waters. The vessel issued a distress call which was received by US forces operating in the region. The Islamic Revolutionary Guards Corps naval units seized the vessel and its crew. The vessel’s manager, Singapore-based Rickmers Shipmanagement, reported that there were 24 crew members, mostly from Eastern Europe and Asia. Maersk reported on 29 April that the crew on board are safe and “in good spirits.” The carrier remains in close contact with the Danish Foreign Ministry.
Iranian maintains that the ship’s seizure is a civil matter with no military or political dimension.
Two reports have emerged regarding the reasons for the ship’s capture. Financial Times and other sources report that the ship was taken as the result of a 2005 incident in which ten shipping containers were delivered by Maersk to Dubai for Pars Tala’eyeh Oil Products Company. The containers were disposed of when no one came forward to claim them. In the initial legal proceedings, Iranian courts found in favour of Maersk, but a February 2015 appeal overturned the ruling, fining Maersk $3.6 million. Maersk claims it was unaware of the appeal.
Meanwhile, Hellenic Shipping News has reported information from Hamidreza Jahanian, managing-Director of Pars Tala’eyeh Oil Products Company. Jahanian reports that the seizure stems from a 2003 dispute wherein “a number of containers sent by Pars Tala’eyeh Oil Products Company through the Maersk Line Shipping Company were not delivered to the customer in Jebel Ali in 2003.” He adds that Maersk had some differences with its representative in Iran, and “refrained from delivering the goods to the customer.” Jahanian states that Pars Tala’eyeh Oil Products Company filed a lawsuit, and the court ruled in favour of the Iranian company. They maintain that Maersk owes $10 million, the estimated amount the company incurred in losses.
Iran’s Port and Maritime Organization (IPMO) sanctioned the vessel’s detention following the court ruling. The Iranian company has warned that vessel could be put up for auction if compensation is not paid by Maersk. Maersk demanded legal documentation from Iran regarding the ship’s seizure. As of 4 May, the company says it had not received written confirmation of court rulings or the ship arrest warrant. A statement from Maersk reads, “We have […] not received any written notification or similar pertaining to the claim or the seizure of the vessel. We are therefore not able to confirm whether or not this is the actual reason behind the seizure. We will continue our efforts to obtain more information.”
Lawyers have stated that maritime law allows a nation to arrest a foreign ship based on this type of dispute under certain conditions: the ship needs to be in port, and the seized ship must be the ship against which the claim was filed.
With regard to the 2005 case, the Maersk Tigris was not the ship in question, nor was it at port. Maersk Tigris was in international waters when warning shots were fired, and the vessel was instructed to sail into Iranian waters. Further, despite the name, the Maersk Tigris is not owned by Maersk; it is chartered by them. The vessel is owned by private equity fund Oaktree Capital Management. Therefore, its seizure cannot be used to settle the claim against Maersk. Finally, there are no grounds which allow Iran to detain the vessel’s crew. As such, many have stated that the taking of the vessel is a violation of international maritime law.
The situation is expected to be resolved in the coming days. Iranian state-run news agency IRNA quoted Foreign Ministry spokeswoman Marzieh Afkham as telling a news conference, “The negotiations between the private complainant and the other party are going on and possibly the issue will be resolved in a day or two.”