Cyber resilience is the ability to prepare for, respond to and recover from cyber-attacks. It helps an organisation protect against cyber risks, defend against and limit the severity of attacks, and ensure its continued survival despite an attack.
Shipping is a USD 4 trillion global industry responsible for transporting 80% of the world’s energy, commodities and goods. As a lucrative and dominant sector, the industry has been vulnerable to cyber-attacks and a favourite target of cyber criminals. With the advent of newer technology, ships are increasingly using systems that rely on digitisation, digitalisation, integration and automation, which call for cyber risk management on board.
As technology continues to develop, information technology (IT) and operational technology (OT) onboard ships are being networked together – and more frequently connected to the internet. This brings the greater risk of unauthorised access or malicious attacks to ships’ systems and networks. Risks may also occur from personnel accessing systems on board, for example by introducing malware via removable media.
Shipping companies and port operators, instead of focusing on keeping cyber criminals at bay, need to work on a strategy to reduce their impact. To mitigate the potential safety, environmental and commercial consequences of a cyber-incident, international shipping organisations have been busy formulating their own approaches to cyber risk management onboard. Let us take a look at some of the measures taken by industry stakeholders for cyber risk management.
IACS: In May this year, the International Association of Classification Societies (IACS) published its Recommendation on Cyber Resilience, which applies to the use of computer-based systems which provide control, alarm, monitoring, safety or internal communication functions which are subject to the requirements of a classification society. The newly launched Recommendation applies to all the networks onboard a system that make use of digital communication to interconnect systems within the ship and ship systems which can be accessed by equipment or networks off the ship.
ABS: ABS Advanced Solutions and Fleet Management Limited signed an agreement in January 2019 to implement the ABS cyber security solution for Fleet Management’s 220-vessel liquid cargo fleet. The ABS FCI Cyber Risk model was developed following a two-year research contract between ABS and the Maritime Security Center—a U.S. Department of Homeland Security Center of Excellence—led by Stevens Institute of Technology and the US Department of Defense. Launched in June 2018, the ABS FCI Cyber Risk approach quantifies cyber security risk, and gives owners and operators a practical, actionable strategy to reduce cyber risk onboard a vessel.
Maritime and Port Authority of Singapore: MPA has opened a new 24/7 Maritime Cybersecurity Operations Centre (MSOC). The MSOC will conduct 24/7 monitoring and correlate data activities across all maritime Critical Information Infrastructure (CII). It will have the capability to (a) detect and monitor cyber-attacks by analysing activities in the IT environment; (b) detect anomalies and threats; and (c) respond to the cybersecurity incidents using available technology solutions. The MPA has also collaborated with the Singapore Maritime Institute and local institutes of higher learning to embark on a Maritime Cybersecurity Research programme. This programme will focus on the protection of shipboard systems to mitigate cyber threats with the growing digitalisation on board ships.
Port of Los Angeles: The Port of Los Angeles initiated the first-ever cross-sector Cyber Resilience Center, which has shipping lines, marine terminal operators and railroad companies as its stakeholders. The proposed Center would be a collaborative effort to share cyber threat information across a multitude of companies within the Port complex to help companies prepare against myriad cyber risks that could impact the cargo supply chain ecosystem. In 2014, the Port established the nation’s first Port of Los Angeles Cyber Security Operations Center, which is operated by a dedicated cybersecurity team and acts as a centralized location to proactively monitor network traffic to prevent and detect cyber incidents under Port control.
Impact of Cyber Attack
The transportation and logistics industry has characteristics that make it a particularly tempting target. The industry is a global one with tentacles into so many different industries around the world. When Danish shipping giant A.P. Moller-Maersk’s computer system was attacked on June 27, 2017, by hackers, it led to disruption in transport across the planet, including delays at the Port of New York and New Jersey, the Port of Los Angeles, Europe’s largest port in Rotterdam, and India’s largest container port near Mumbai.
That’s because Maersk is the world’s largest shipping company with 600 container vessels handling 15 percent of the world’s seaborne manufactured trade. It also owns port operator APM Terminals with 76 port and terminal facilities in 59 countries around the globe. The June 27 cyberattack was a clarion call to elevate cyber-security to a top priority.
Response to a Cyber-attack
An ideal cyber-resilience programme should be able to identify, assess and manage the risks associated with network and information systems. It must monitor the network and information systems constantly to detect anomalies and potential cyber security incidents before they can cause any significant damage. An incident response management programme ensures business continuity. This will help the company to continue to operate despite a cyber-attack.
The Way Ahead
An article published on ABB in states that shipping is exposed to malware and multiple other cyber threats. However, the viruses that threaten to break the maritime supply chain and delay cargo delivery carry additional risks. “Infected systems can compromise navigation or propulsion, threatening ship safety itself as well as the marine environment. With broadband internet connectivity available for vessels globally, the older systems onboard ships are vulnerable to cyber-attacks,” the article stated.
Taking precautions by installing security systems, such as firewalls and detection systems for denial-of-service attacks and other malware, is crucial, but insufficient by itself. Ultimately, adopting proactive cybersecurity risk management provides an opportunity for shipping companies to differentiate themselves.
Cyber resilience has emerged over the past few years because traditional cyber security measures are no longer enough to protect organisations from the spate of persistent attacks. Both cyber security and cyber safety are important because of their potential effect on personnel, the ship, environment, company and cargo. Cyber security is concerned with the protection of IT, OT, information and data from unauthorised access, manipulation and disruption. Unlike other areas of safety and security, where historic evidence is available, cyber risk management is made more challenging by the absence of any definitive information about incidents and their impact. The IMO requires cyber security to be addressed in Safety Management Systems by January 2021; TMSA3, SIRE, BIMCO, IACS and Rightship have specified additional industry guidelines and commercial requirements.
Conclusion: Trace & Treat
Cyber-attacks are increasing in frequency and severity to such an extent that it’s no longer enough to suppose that you can defend against every potential attack. Organisations need to combine cyber security with business resilience to be cyber resilient. Forward-looking companies will begin to see a safer shipping offering as a competitive advantage, especially if attacks continue. No industry will be entirely safe from the threat of cyber-attacks, and shipping and maritime is no exception. However, the stakeholders need to be prepared and have the ability to strike back to take the hackers in hand.
Sea News Feature, July 28