Time after time we have heard about security breaches in the news involving retailers, banks, and government entities, just to name a few. Highly sensitive information becomes public with devastating effects in the aftermath. No industry is immune from cybersecurity threats, not even the maritime industry. Not all maritime cyberattacks are publicly reported but that does not necessarily underscore the amount of malicious activity that does go on in the industry and the impact it can have.
The maritime industry is paramount to the global economy, with estimates suggesting that more than 90 percent of global trade is transported by sea. It is diverse to say the least, not conforming to just one NAICS code. Private, commercial and government activities all operate in delicate balance.
A recent study led by Plymouth University’s Maritime Cyber Threats Research Group established that vessels are under significant threat of cyberattacks because many are carrying outdated software and were not designed with cybersecurity in mind. Traditionally, attacks on ships have included piracy, boarding and theft, and while these attacks have often been successful and continue, they are well understood. In contrast, the research says cyberattacks are stealthier, and have a range of potential implications including business disruption, financial loss, damage to reputation, damage to goods and environment, incident response cost, fines and legal issues. Cyberattacks would most likely target systems responsible for navigation, propulsion, and cargo-related functions. The study called for a fundamentally different approach to security of the entire maritime infrastructure, and that there is a great need for specific cyber security research programs focused on the maritime sector.
A dialogue among maritime stakeholders has begun and regulations are on the horizon. Since the U.S. Government Accountability Office issued its 2014 report on maritime security outlining the maritime community’s vulnerability to cyberattacks, the need for heightened information sharing and developing regulations and guidelines has been recognized. In 2015, the U.S. Coast Guard launched an initiative to understand the cyber threats facing the industry with the ultimate goal of developing cybersecurity guidelines.
Companies within the maritime industry must make it priority to protect themselves from cyber threats. While regulations are forthcoming, actions can be taken now.
About Gnostech Inc.:
Gnostech Inc. is an applied engineering and consulting company with expertise in information assurance and cybersecurity engineering, and major combat and space systems development and integration. For more information, visit www.gnostech.com, or stay connected by following us on LinkedIn or @GnostechInc on Twitter.