Navigating Dangerous Waters: the Maritime Industry’s New Cybersecurity Threat as Technology Innovation Grows

Tuesday, July 03, 2018

Jalal Bouhdada


The rapid evolution of technology and, in particular, the Industrial Internet of Things (IIoT) is transforming critical environments, bringing benefits such as optimised processes, reduced costs and energy efficiencies. The maritime industry, which forms part of our critical infrastructure, is adapting to access many of the benefits that innovation in technology can offer. By the end of the decade, for example, a new era of shipping will have started with the world’s first autonomous container ship transporting goods around the coastline of Norway.

Although such advances are to be applauded, they bring with them a high element of risk. Security researchers have been warning for many years that the shipping industry is a ‘low hanging fruit’, due to the fact that high-value goods are transported by ships with legacy systems and poor cybersecurity practices to safeguard from malicious attacks. This is leaving vessels at risk of a wide range of threats from live location tracking, to the loss of critical function such as power and navigation.

The dangers of Operational Technology at sea

A concerning problem encountered within maritime is a lack of recognition that a container ship is a critical environment, warranting robust protective systems like any other Operational Technology (OT) environment e.g. a utility. Once connected to a network, this technology risks being targeted by hackers. The threat is a real one; researchers have demonstrated proof of concept cyber-attacks against many of the most common maritime systems, and there’s evidence of incidents at sea in which navigational computers were infected with malware on a USB stick being used for upgrades.

A one-size-fits-all approach to cybersecurity won’t be an effective solution, as the shipping industry presents a unique challenge for hardening cybersecurity; that is, every ship is different. A lack of standardisation across vessels means a vast mix of legacy OT has been deployed, much of which was not designed with security in mind, as well as further networked technologies which have been added over time.

A major vulnerability is the lack of cybersecurity skills, knowledge and focussed training among many of the crew members to recognise, understand and address incidents. On the most part, the person responsible for IT combines the role with another, leaving little time to monitor, respond to or rectify a cybersecurity breach. In this circumstance, remote monitoring for such issues is also problematic due to a shortage of reliable bandwidth while at sea.

A change in approach – the importance of risk management

These challenges are not unsolvable and for those that get it right, cybersecurity will be a powerful enabler in the world of more automated shipping. Adopting a risk management approach – where risk appraisal is used to identify, evaluate and prioritise risks in order to control the probability or impact of an incident – will be key to the maritime sector’s future. A risk management approach begins with identifying which systems, data and interfaces are unprotected and pose the greatest risk to operations if compromised. In a maritime context, this should involve the frequent testing and hardening of systems, as well as securing devices and networks by closing unused data ports and ensuring full network segregation between OT and IT systems.

Better staff training is also a must for all those working on a vessel. For example, crew systems, such as terminals for entertainment or personal email, should be kept isolated from other systems as one of the primary threats remains inadvertent infection via a flash drive or mail attachment. Crew members should be able to utilise such technology in a secure manner and be trained to avoid suspicious email links.

But effective cybersecurity must also be business efficient cybersecurity. The maritime industry will need to adapt to access the many benefits of technological innovation but do so in a safe and secure way. Learning the lessons of other industries, it is clear that one of the best ways to improve resilience to cyberattacks and harden maritime networks is to build a cyber secure supply chain. Working with suppliers whose products are demonstrably secure, and partners whose knowledge is advanced in existing maritime systems will be fundamental to robust OT security and a safer future for asset transport at sea.

About the author: Jalal Bouhdada is Founder and Principal ICS Security Consultant at Applied Risk.

Possibly Related Articles:
Operating Systems Security Awareness Security Training
Risk Management cyber-attack maritime industry cybersecurity practices location tracking
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.