Maritime industry is easy meat for cyber criminals

To hackers’ delight, merchant vessels that transfer about ninety percent of the world’s cargo heavily depend on automation and remote monitoring systems with poor IT security.

Merchant vessels are continuously becoming bigger and getting more electronic systems. Seafarers often depend on technology data more than their own skills, knowledge, and senses. Crews are becoming smaller as computer systems are being used for navigation, as well as for rapid unloading, handling, and tracking of goods at ports. Unfortunately, these systems are also highly vulnerable to cyber threats.

Maritime industry is easy meat for cyber criminals

Victims often try to keep successful hacks a secret. The reason for this is that the maritime companies value their reputation more than the money they actually lose. Also, cyber criminals are stealthy and in many cases companies are unaware they have been hacked.

Ninety percent of the world’s freight goes by sea. Each hack can cost millions of dollars to ship owners, and in some circumstances even wrack the national economy. Breaking into key container terminals, criminals can bring down the operation of regional and national supply chains. E.g., the British government has revealed that cyber attacks cost the UK oil and gas industry about 400 million pounds ($672 million) a year.

Researchers have discovered security holes in key vessels technologies: GPS, marine Automatic Identification System (AIS) and Electronic Chart Display and Information System (ECDIS), used for viewing digital nautical charts. Another problem is that in cases of an onboard device hack, many sailors are not ready to manage it. For instance, a GPS break can send a ship off-course while making her appear to be on-course. This can lead to collision and delay in freight delivery.

In 2010, a drilling rig was tilted from its construction site in South Korea towards South America. The vessel’s computers and control systems were riddled with viruses. Identifying the hack and fixing it took 19 days. There were other similar incidents including the one recently reported by Reuters: A floating oil rig had to shut down for a week before the issue was cleared out because there were no cyber security professionals onboard.

In august 2011, hackers penetrated the servers of IRISL, Iranian Shipping Line, damaging data with rates, loading, cargo numbers, delivery dates and places. Nobody could specify the location of certain containers. A considerable amount of cargo was delivered to the wrong destinations or even lost.

In 2012 hackers, working for a criminal syndicate, compromised the cargo system controlled by the Australian Customs and Border Protection Service agency. Cyber criminals wanted to know which shipping containers were suspected by the police or customs authorities. With this data they’d know if they needed to abandon particular containers with contraband cargo.

In late 2013, the Port of Antwerp was in the spotlight. Presumably for two years it had been the victim of an APT attack organized by a drug cartel. In June 2011, hackers had compromised and gained control over the terminal systems.

They released containers to their own truckers without knowledge of the port authorities and then removed information about contraband containers from all databases. When police uncovered the case, they also discovered a ton of cocaine, guns, and more than 1.3 million Euro in a suitcase, and those were just the tip of the iceberg.

In 2014-2015, security firms tackled the problem, revealing a number of vulnerabilities from specific fishing operations aiming at maritime companies to unpatched Coast Guard IT systems.

By now, everyone understands that the maritime industry is vulnerable to hacker attacks. Fortunately, both motivation and money are already available to solve this huge array of problems. Unfortunately, the industry is way too big to solve all the issues with a snap of their fingers.