The cyber risk issue arose in the shipping industry during the last couple of years has been a new challenge for the sector to deal with. At the same time, it has been noted that the industry doesn’t implement cyber security measures that often, while focuses more on safety measures.
As Captain Rahul Khanna, Global Head of Marine Risk Consulting at AGCS stated in the past, recorded cyber incidents have increased the industry’s awareness on the importance of cyber security, but the industry has still a long way to go.
2020: Two cyber-attacks up to now
The first days of 2020 were rough for the shipping industry, as already two shipping companies have been hit by cyber attackers.
- Firstly, the London Offshore Consultants (LOC) Group stated that it was hit by cyber attackers and began an investigation. The company later ensured that it identified the attacks and was able to rapidly deal with the situation, assisted by independent cyber security experts, in order to minimize business interruption and ensure data integrity.
- Secondly, in late January the Australian transport and logistics company Toll Group informed that it deliberately shut down a number of systems across multiple sites and business units as it was a victim of a cyber-attack. The company added that after understanding that they were under attack they disabled the relevant systems and initiated a detailed investigation to understand the cause and establish measures to deal with it.
Mrs. Cynthia Hudson, CEO, Hudson Analytix in an exclusive video interview has commented that all vessels or shore systems that are connected are vulnerable to cyber-attacks, adding that Incidents will continue to be rising but as an industry, we will become more aware of them; this will make shipowners aware that they have vulnerabilities that can be expensive and embarrassing.
Hence, taking into consideration that vessels have become more vulnerable, to achieve a cyber-resilient environment within the maritime industry, it is of great importance firstly, ship operators to understand and be aware of the common cyber risks that can be detected onboard.
In this context, the UK’s National Cyber Security Centre (NCSC) has proposed technical advice to improve cyber security within an organization, which can also apply to maritime industry. The key steps are as follows:
#1 Risk Management Regime
It is crucial to implement a risk management regime in your company’s cyber security strategy. This comes in line with IMO’s new regulation, which requires all shipping companies from 2021 assess their risk exposure and develop measures to include in their Safety Management Systems to mitigate cyber threats.
#2 Secure Configuration
A strategy is needed to remove or disable unnecessary functionality systems and fix vulnerabilities that you know your systems present. This will keep you protected as vulnerabilities easily attract attackers.
#3 Home and mobile working . . . .
. . . . continue reading the article on the Safety4Sea website here