Shipping, ports and logistics firms from the US to Asia were among the worst affected by the NotPetya attack in June. The attack caused considerable disruption to the global logistics supply chain, temporarily closing a number of major ports and terminals, including Mumbai, Rotterdam, New York and Los Angeles.
One major shipping company suffered significant disruption to its operations, causing delays and impacting business volumes. The company expects the attack to cost between USD 200 million and USD 300 million.
Logistics company TNT, part of FedEx, suffered weeks of disruption as it struggled to clear a huge backlog of packages and invoicing. The company warned investors that the ransomware attack was likely to hit its full year earnings.
The maritime sector is exposed to a wide range of cyber risks, including physical damage, cyber extortion, fraud and theft, as well as acts of cyber terrorism and piracy.
Public examples of cyber attacks in the maritime industry are somewhat limited, either because attacks may go undetected or because companies often do not report incidents.
An offshore floating oil platform was temporarily shut down in 2014 after hackers remotely accessed its control systems, allowing them to tilt the vessel. Other known incidents include the hacking of the Port of Antwerp by criminals looking to smuggle drugs through the port undetected, while Somali pirates were found to have hacked a shipping company in order to target vessels and steal valuable cargo.
Maritime cyber security firm CyberKeel recently revealed a scam targeting shipping companies, costing millions of dollars. Hackers planted malware in a shipping firm’s IT system, tricking the finance department into transferring funds intended to pay for fuel to the criminals’ account.
Hacking and Spoofing
The maritime sector is increasingly exposed to cyber risk as it looks to technology and new business models to drive efficiency. Yet cyber security has not been a priority for the sector until recently.
Modern commercial shipping is becoming more dependent on technology for navigation and communication, and to control and monitor propulsion and machinery. At the same time, cargo handling and port management systems are becoming digitalised and can now be controlled in real-time through wireless networks.
There is growing concern that the digitalisation of shipping will open the door to cyber criminals, keen to exploit the sector’s perceived weak cyber security.
A big concern is that a cyber attack against a large containership, tanker or cruise ship, resulting in a collision or grounding, could result in a major casualty. Vessels could suffer physical damage, with potentially huge third party liabilities, from the hacking of control systems, while concerns have been raised about cyber attacks against GPS systems and the ability of hackers to jam or spoof ships’ navigation.
Researchers have demonstrated numerous vulnerabilities in ship cyber security, successfully hacking into satellite, communications and on-board control systems.
Shipping risk management company DNV says it was aware of an incident where ransomware forced the shutdown of key systems on-board a container ship. In another incident, cyber-security firm NCC Group says it knows of a tanker infected by malware accidentally introduced by a crew member with a USB stick.
According to the 2017 Safety and Shipping Review from Allianz, the cyber threat to the maritime sector is growing. The insurer noted that the number of incidents that have resulted in loss of critical data, financial loss or IT problems in the maritime sector is increasing.
According to Allianz, most attacks to date have been aimed at breaching corporate security, rather than taking control of the vessel. However, there are concerns that a major cyber-attack of this nature could occur in future.
Allianz believes that an increasing reliance on technology and automation will significantly alter the risk profile of the maritime sector. But it has concerns about the current pace of development of IT and cyber security standards in the maritime industry.
The shipping industry is now responding to the cyber threat with the development of cyber security guidelines and standards. A group of leading international shipping and insurance organisations have developed cyber security guidelines for ships. The guidelines were updated in July to include advice on buying cyber insurance.
Authorities are also looking to bring cyber risk within the scope of maritime law and regulation. The US government, for example, is tightening cyber security rules for ports and vessels, requiring port operators to have a cyber security plan. The US Coast Guard is also looking to address cyber security, and may soon provide guidance on maritime cyber security.
On the international stage, the International Maritime Organization (IMO) is incorporating cyber risk management into its regulations. The IMO adopted high level cyber risk management and security guidelines in July and has given ship owners and managers until 2021 to incorporate them into safety management systems.
Bespoke Insurance Solutions
The recent ransomware attacks have revealed just how dependent marine and transport supply chains are on information and communications technology. They also showed how cyber risk and business interruption can come in unexpected forms.
Marine hull and liability, cargo and port operators insurance policies, however, increasingly contain exclusions for cyber risk, potentially leaving companies uninsured in the event of a cyber attack like those seen in May and June.
Standalone cyber insurance can be tailored to fill in the gaps that may exist in traditional marine coverages, and we are seeing increasing interest from shipping companies and port operators for bespoke solutions as awareness of cyber risk grows.
For further information, please contact Sarah Stephens, Head of Cyber, Content and New Technology Risks on firstname.lastname@example.org