The maritime industry is vast, critical to the global economy and increasingly dependent on technology. In our latest research report MDR Cyber take a look at the changing nature of cyber threats to this sector, the dynamic nature of risks to vessels and an evolving regulatory environment. Our team's most recent research report "Stormy Seas Ahead" shows an industry that is underprepared to deal with cyber-security issues and offers practical cyber security advice to help professionals navigate these choppy waters. See below for some of the major findings of the new report.
There is a reliance on technology which has created greater cyber risks
The maritime industry is of huge global economic importance and is now characterised by a heavy reliance on shipborne technologies for navigation, container tracking, and a host of other business operations. Although technology has revolutionised safety and efficiency in shipping, it has also created vulnerabilities in safety and operations.
The nature of the cyber threat is changing and bringing with it new concerns
The developing threat landscape includes the potential for ships to be exposed to cyber-attacks from nation-states, criminals, online activists and even pirates. As well as conducting intelligence gathering against maritime companies, there is evidence that nation-states are testing offensive cyber techniques to disrupt shipping operations. While the maritime industry have been affected by typical cyber threats such as malware and fraud, there have also been examples of direct targeting of port systems by organised crime groups and pirates using stolen data to target ships with valuable targets.
For example, with regions of West Africa increasingly a focus for the oil and gas industry, its coastal areas are experiencing a steep rise in petro-piracy and cyber-enabled attacks are possible in the near future.
As well as threats that face many other industries, such as those affecting IT systems and back office functions, increasingly mariners are nervous about the prospect of attacks against "operational technology", the systems which monitor and control many of the functions of vessels such as navigation or power.
Looking to the future, there is growing concern of the possibility and impact of more sophisticated threats affecting shipborne technology.
Vessels have unique cyber risks depending on a number of factors
Unique to the industry, ships have an ever-changing risk profile due to a number of factors including the cargo they carry, their geographical location and the experience of the crew on-board.
"Carrying a cargo of fish in the English Channel carries with it a very different risk than carrying hydrocarbons through the Strait of Malacca."
For example, luxury superyachts are appealing targets for pirates and hijackers due to the presence of ultra-high net-worth individuals while cargo ships carrying hydrocarbons are at risk of disruption by attacks against cargo systems.
Looking to the future, autonomous shipping and a lack of crew to take local control of issues will complicate the handling of any cyber-security incidents that arise; controls and remediation plans will need to address this aspect of potential incidents.
Leaders need to be better informed or risks and what may lie ahead
Our findings show that given the threat landscape, leaders in the maritime industry need to better inform themselves of what the risks are, and what may lie ahead. They also need to be aware of regulation governing cyber-security management, and take key steps to protect their assets from risks.
To read our full report click here.