The cyber risk for ships

Security industry says marine sector is too complacent

The cyber risk for ships


By Paolo Taruc

As if the lingering threat of piracy wasn’t bad enough, the shipping industry today has to contend with a rapidly growing risk – cyberattacks.

Last June, Danish shipping giant Maersk was hit by the global Petya cyberattack outages - according to Reuters, the breakdown affected container shipping, port and tug boat operations, oil and gas production, drilling services, and oil tankers.

Celebrate excellence in insurance. Nominate a worthy colleague for the Insurance Business Awards!

The attack may have caused about US$200 million to US$300 million in damages to the company, Maersk said in a statement.

“In the last week of the [second] quarter we were hit by a cyber-attack, which mainly impacted Maersk Line, APM Terminals and Damco. Business volumes were negatively affected for a couple of weeks in July and as a consequence, our Q3 results will be impacted,” it said.

In an interview with the BBC, maritime cybersecurity firm CyberKeel discussed the case of one mid-sized shipping firm, whose computer systems were infiltrated by a small virus planted by hackers.

“They [the hackers] would then monitor all emails to and from people in the finance department,” said a spokesman. He added that the hackers managed to steal “several million dollars” before the company took notice.

Even pirates themselves have gone digital. A recent report by telco giant Verizon revealed how these criminals use data to conduct more precise robberies.

“They’d board a vessel, locate by barcode specific sought-after crates containing valuables, steal the contents of that crate – and that crate only – and then depart the vessel without further incident,” the report explained.

Last month, the Maritime Safety Committee of the International Maritime Organization (IMO) adopted a resolution that established guidelines for cyber risk management.

“The guidelines provide high-level recommendations on maritime cyber risk management to safeguard shipping from current and emerging cyberthreats and vulnerabilities. The guidelines also include functional elements that support effective cyber risk management,” said the IMO.

“Stakeholders should take the necessary steps to safeguard shipping from current and emerging threats and vulnerabilities related to digitization, integration and automation of processes and systems in shipping,” it added.

Related stories:
Cyber insurance requests sky rocket in Asia - AIG
How insurers are helping to combat phishing scams

Keep up with the latest news and events

Join our mailing list, it’s free!