The International Maritime Bureau (IMB) is asking shipping and maritime companies to be vigilant to the potential commercial impact that cyber attacks can cause.
IMB says that cybersecurity is not only about trying to identify and to prevent systems on board ships from getting hacked. “There is also a very real danger that emails being sent to and from ships are monitored or altered. This could have huge commercial effect on vessels,” an IMB spokesman said.
At its recent Maritime Safety Committee meeting, the International Maritime Organization approved interim guidelines on maritime cyber risk management. The recommendations are aimed at enabling stakeholders to take necessary steps to safeguard shipping from current and emerging threats and vulnerabilities related to digitization, integration and automation of processes and systems in shipping.
A new study led by England’s Plymouth University’s Maritime Cyber Threats Research Group established that vessels are under significant threat of cyber attack because many are carrying outdated software and were not designed with cybersecurity in mind.
It said traditionally, attacks on ships have included piracy, boarding and theft, and while these attacks have often been successful and continue, they are well understood. In contrast, the research says cyber attacks are stealthier, and have a range of potential implications including business disruption, financial loss, damage to reputation, damage to goods and environment, incident response cost, and fines and/or legal issues.
The research suggests maritime cyber attacks would most likely target systems responsible for navigation, propulsion, and cargo-related functions, with many incentives for attackers, given that over 90 percent of world trade occurs via the oceans. It adds that operators could easily mitigate against such dangers by updating security systems, improving ship design and providing better training for crews.