Van AalstViganTOC Europe 2023The Wolfson Centre for Bulk Solids Handling Technology CimbriaPort of Stockton
  • Telestack
  • Sailors Society
  • The Wolfson Centre for Bulk Solids Handling Technology
  • Port of South Louisiana
  • TBA Group
  • Cimbria

Cyber-attacks up 900% in three years

(Posted on 22/07/20)

Cyber-attacks on the maritime industry’s operational technology (OT) systems have increased by 900% over the last three years with the number of reported incidents set to reach record volumes by year end.

Addressing port and terminal operators during an online forum last week, Robert Rizika, Naval Dome’s Boston-based Head of North American Operations, explained that in 2017 there were 50 significant OT hacks reported, increasing to 120 in 2018 and more than 310 last year. He said this year is looking like it will end with more than 500 major cyber security breaches, with substantially more going unreported.

Speaking during the 2020 Port Security Seminar & Expo, a week-long virtual conference organised by the American Association of Port Authorities, Rizika said that since NotPetya – the virus that resulted in a US$300 million loss for Maersk – “attacks are increasing at an alarming rate”.

Recalling recent attacks, he told delegates that in 2018 the first ports were affected, with Barcelona, then San Diego falling under attack. Australian shipbuilder Austal was hit and the attack on COSCO took down half of the shipowner’s US network.

He said this year a US-based gas pipeline operator and shipping company MSC have been hit by malware, of which the latter incident shut down the shipowner’s Geneva HQ for five days. A US-based cargo facility’s operating systems were infected with the Ryuk ransomware, and last month the OT systems at Iran’s Shahid Rajee port were hacked, restricting all infrastructure movements, creating a massive back log.

Reports of this attack have gone some way in raising public awareness of the potential wider impact of cyber threats on ports around the world. Intelligence from Iran, along with digital satellite imagery, showed the Iranian port in a state of flux for several days. Dozens of cargo ships and oil tankers waiting to offload, while long queues of trucks formed at the entrance to the port stretching for miles, according to Naval Dome.

Emphasising the economic impact and ripple effect of a cyber-attack on port infrastructures, Rizika revealed that a report published by Lloyd’s of London indicated that if 15 Asian ports were hacked financial losses would be more than US$110 billion, a significant amount of which would not be recovered through insurance policies, as OT system hacks are not covered.

Going on to explain which parts of the OT system – the network connecting RTGs, STS cranes, traffic control and vessel berthing systems, cargo handling and safety and security systems, etc., – are under threat, Rizika said all of them.

“Unlike the IT infrastructure, there is no “dashboard” for the OT network allowing operators to see the health of all connected systems. Operators rarely know if an attack has taken place, invariably writing up any anomaly as a system error, system failure, or requiring restart.

“They don’t know how to describe something unfamiliar to them. Systems are being attacked but they are not logged as such and, subsequently, the IT network gets infected,” Rizika explained.

“What is interesting is that many operators believe they have this protected with traditional cyber security, but the fire walls and software protecting the IT side, do not protect individual systems on the OT network,” he said.

An example would be the installation of an antivirus system on a vessel bridge navigation system (ECDIS) or, alternatively, a positioning system in a floating rig DP (Dynamic Positioning), or on one of the dock cranes on the pier side of the port.

“The antivirus system would very quickly turn out to be non-essential, impairing and inhibiting system performance. Antivirus systems are simply irrelevant in places where the attacker is anonymous and discreet,” he said.

Latest News

Wärtsilä and Berge Bulk complete first inline shaft generator retrofit

(Posted on 08/02/23)

The technology group Wärtsilä has successfully retrofitted an inline shaft generator system... Read more


Columbia’s plans for digital platform to boost vessel performance

(Posted on 08/02/23)

The operational performance of a vessel is set to be boosted with an innovative new digital solution... Read more


Amer Shipping orders two bulk carriers from Concordia Damen

(Posted on 06/02/23)

Inland shipping construction yard Concordia Damen will deliver two 'CDS Dry Cargo 110' vessels to Amer... Read more


Swedish Club’s A- Rating reaffirmed

(Posted on 06/02/23)

A.M.Best Ratings Services Ltd has affirmed its Financial Strength Rating of A- (Excellent) and the Long... Read more


ClassNK issues AiP for jointly developed ammonia fuelled bulk carrier

(Posted on 27/01/23)

ClassNK has issued an Approval in Principle (AiP) for a large ammonia fuelled 210,000 DWT bulk carrier... Read more


Baltic Exchange: Will higher steel values mean bulkers hold value?

(Posted on 27/01/23)

Investors in middle aged dry bulk tonnage may be cheered by the impact of sustained higher recycled... Read more


NI survey into Straits of Malacca and Singapore shipping traffic

(Posted on 27/01/23)

As one of the most important strategic maritime passages in the world, linking the Indian and Pacific... Read more


Ship managers OSM and Thome agree to merge

(Posted on 23/01/23)

OSM Maritime Group and Thome Group have agreed to a merger of the two companies. By joining forces,... Read more


Swedish Club announces key management moves

(Posted on 23/01/23)

In a pivotal move aimed at further strengthening The Swedish Club’s long-term position in the... Read more


Danica Crewing Specialists adds Indian seafarers to crew pool

(Posted on 16/01/23)

International crewing expert Danica Crewing Specialists now has a presence in Mumbai, boosting its recruitment... Read more


TBA GroupPort of South LouisianaSailors SocietyBühler GmbHTelestack
  • Bühler GmbH
  • TOC Europe 2023
  • Port of Stockton

Subscribe to our newsletter

Keep up to date with the latest global news in bulk cargo handling and shipping