Maritime Cybersecurity: A Rising Tide Lifts all Boats – Security Intelligence
Ports and ships — the maritime industry — are vital points in the global supply chain for food, medicine, consumer goods, fuel and many other products. Most of the world’s globally traded goods travel by sea. That’s why maritime security is key for supply chain security. Meanwhile, maritime cybersecurity faces threats at multiple places, including ports, communications systems and ships themselves.
Potential cyber attacks on maritime infrastructure are familiar types: phishing, malware, social engineering, brute force, denial of service, ransomware and others. What’s different is the unique placement of the targets.
Ships Rely on Digital Tools
Ships often rely on digital tools to function, many of which are automated. Even ship compasses are digital and depend on a mix of gyroscopes and GPS. All these systems could be at risk for a digital attack. Dependence on GPS puts shipping at risk because attackers can spoof or jam GPS signals.
More than most industries, maritime infrastructure tends to be old and complicated, further hampering marine cybersecurity.
Is There an IT Worker on the Ship?
Another risk factor people don’t talk about enough is the absence of IT people on ships. A ship is like a building packed with computer systems, servers and electronics. Yet, out at sea, the crew is on their own in managing these systems and dealing with breaches.
A digital attack could control or shut down a ship or drive it off-course, causing a crash. Some ships have dangerous cargo, such as explosive fuel, in large quantities.
Ports are also heavily dependent upon complex digital network logistics management systems. Some of these systems track every container on every ship. In the past, attackers have been able to delay, erase the knowledge of, redirect and steal actual cargo. They could abuse access to data on the location of cargo in a ransomware attack, or lock records.
The most likely risk is that digital attacks, through any number of possible attack types, delay shipping. That costs millions or billions of dollars to shipping companies, ports or shipping customers.
Maritime Cybersecurity Attacks Increasing
Attacks targeting maritime information systems are on the rise. In the first few months of the pandemic, attempted cyber attacks rose by 400%. We can expect this trend to continue, with rising attacks on ships and ports.
Attackers targeted the Port of Houston this year in a suspected nation-state attack, an event that raised the urgency …….
Source: https://securityintelligence.com/articles/maritime-cybersecurity-rising-tide/