Cybersecurity – A growing challenge for the Maritime Industry
Digital technology has brought significant benefits to maritime industry. But with technological advancements, maritime systems and infrastructures have become vulnerable to cyber threats. Cybercrime has been categorized as one of the most dangerous global risks by the World Economic Forum. With the alarming number cyber-attacks within the shipping industry, International Maritime Organization (IMO) have emphasized the need for implementing precautionary measures to prevent the risk.
Security compromise on vessels can have a devastating effect resulting in losing confidential data, hackers having access to systems causing the ships to reroute and change their course of destination. Ships are known to run on complex systems. There are number of real-world examples of how the systems can be exploited and targeted in the industry. Hackers are hired to target a shipping network. Controlling the movement and shipping containers once at port is a key element for crime gangs.ystems onboard a vessel are extremely vulnerable to cyber-crimes
• Vessel Integrated Navigation System (VINS)
• Global Positioning System (GPS),
• Electronic Chart Display and Information System (ECDIS) and
• Automatic Identification System (AIS).
Few of the common challenges faced in implementing cyber security
in the maritime business are:
• Slow rate of adoption
• Complex Systems
• Lack of training
• Depending on terrestrial infrastructure
• Lack of awareness on board
What could be done to help enable operationalize the Maritime Industry to prioritized cybersecurity need in the digital era. It is important to understand the need for cyber security with persistent visibility into organizations own networks, assets and a third-party investigation must be achieved. The spectrum of surface attack requires a continues monitoring and awareness which has been practiced at sea for centuries: for e.g. Inspection of cargo holds and machinery. A real time knowledge of vessel, maritime terminal networks and technologies presents the greatest power of information to empower stakeholders because what belongs and what doesn’t belong is discoverable and tangible in the present, allowing actions to be taken early, instead of after a breach. Skills like observable behaviors of how systems react to breach attempts. Second it is important to have cybersecurity leadership on board to ensure all strategic planning and cyber actions are taking place. In an operating vessel where physical operational technology systems integrate with IT systems, leader must know of unified strategies and how the fleet will be protected. Thirdly the industry would benefit from sharing discreet information. Having a contingency plan is important when it comes to security and safety.
We at Constellation are always ahead thinking, monitoring, scanning, plotting, inspecting - because the sea is unforgiving, and the duty of care is neither optional nor negotiable.