Shipping industry on cyber red alert
The maritime sector is being targeted by highly motivated cyber criminals and the shipping industry should be on the highest alert for a cyber-attack, Naval Dome CEO Itai Sela has warned.
Speaking at the Singapore Maritime Technology Conference (SMTC) 2019, organised by the Maritime and Port Authority of Singapore, Sela said: “Somebody, somewhere is targeting the maritime sector. The shipping industry should be on Red Alert.”
Sela’s warning follows widespread concern that the maritime industry remains vulnerable and is not doing enough to protect itself.
During a round table discussion in which several companies informed the Greek shipping community of the importance of cyber security, one analyst said that while the industry is “concerned about the cyber risk it struggles to understand where and how best to manage it”.
US congressman John Garamendi made a similar comment during a Brookings Institution debate on securing US maritime commerce. “Congress is aware of the cyber risks,” he said, “but not adequately engaged nor adequately addressing the problem.”
“The maritime industry is just not prepared,” Sela told SMTC delegates. “Shipping is a US$4 trillion global industry responsible for transporting 80% of the world’s energy, commodities and goods, so any activity that disrupts global trade will have far reaching consequences.
“It is easy to understand why shipping is now in the cross-hair of the cyber-criminal or activist. But the maritime industry still believes it is enough to have a Level 1 solution to protect against a Level 4 threat.”
Referring to the global certification standard IEC 62443, which has been adopted by several certification bodies, Sela explained the four levels of security used for safeguarding against a cyber-attack.
“A Level 4 attack is extremely sophisticated and intended to cause the most amount of disruption for either political, social or financial gain. It is the Level 4 type attack criminals are using to penetrate the shipping industry,” Sela said, referring to an incident in which the navigational equipment aboard a fleet of 15 tankers was simultaneously hacked.
The easiest way for hackers to penetrate ship systems is to attack systems at the ship manager or original equipment manufacturer’s (OEM) head office, said Sela. “All a hacker has to do is infiltrate these systems and wait until some someone sends an infected email to someone onboard ship – the attack is delivered. It spreads. It’s autonomous.”
By Jake Frith
Latest Press Releases
In an important milestone in the build of the Antarctic Supply Research Vessel (ASRV) Nuyina for the... Read more
Largest submersed permanent magnet e-motor passed test with flying colours Read more
Manor Renewable Energy (MRE) Ltd has signed a contract with EnBW to provide the full temporary power... Read more
Supporting active drilling operations sets new level of CTV engagement Read more
Damen and Arriva extend ferry service from Copenhagen city centre to port area with two additional Damen Ferries 2306E3
Arriva Danmark has extended the requirements of its contract with Damen Shipyards Group in order to ... Read more
Damen Marine Components (DMC) has signed its first order with a Turkish Shipyard. The client is TERS... Read more