Navigating Cyber Risk At Sea
The maritime sector is not immune from the every day cyber risks that other transport industry sectors experience. with a high reliance on technology giving rise to similar cyber risk profiles and the ensuing threats vectors.
Ships that are now built rely on software to run their engines and GPS navigational systems to move from A to B, the impact therefore of a cyber attack from a hacker has the potential to cause severe disruption to the running of the ship.
There is an apparent lack of under reporting of cyber attacks in the shipping world with the true extent of cyber attacks not yet really known.
Cyber risk does not only exist at sea , cargo handling and container tracking at ports are also very dependent on technology which forms part of the cyber threat landscape that ships face.
To help this sector manage safety and security The International Maritime Organization, a United Nations agency released a set of draft guidelines on maritime cyber risk management which identified the following key areas:-
- Identify: Definition of the roles and responsibilities for cyber risk management of individuals in order to assess cyber risks
- Protect: The implementation of risk control processes to manage cyber attacks
- Detect: The installation of systems to detect new and existing cyber risks
- Respond: Procedures in place to provide cyber resilience and the ability to restore computer systems
- Recover: Effective recovery procedures to back up and restore shipping operations
http://www.imo.org/en/MediaCentre/HotTopics/piracy/Pages/default.aspx
Possible Types of Cyber Threats
1.Hackers accessing a shipping management systems so that data can be accessed providing details of future shipments and route.
2.Hackers utilizing a GPS system to direct a ship to unsafe waters which may lead to an attack from pirates so that cargo can be stolen
3.Cyber terrorist hacking into a cruise ships’ navigation system in order to cause loss of life or some form of physical damage to the ship.
4.Curtailment of a transportation ship by hackers accessing navigational systems and delaying the ship in reaching it destination and causing goods to perish.
5.The hijacking of a oil tanker via its GPS system by a hacker which leads to the tanker being taken to a different destination.
6. The cyber extortion of ships’ navigational systems that paralyzes it therefore making it is unable to move or reach its’ end destination.
The emerging cyber threat of the Internet of Things is also an new area of concern that will become more prevalent in the coming years.
Can Insurance Help?
The majority of Marine Insurance policies include a cyber attack exclusion clause which is likely to lead to the sector considering the purchase of a stand alone specific cyber insurance policy which will address a number of the associated cyber risks that the maritime sector faces.
It must be stressed that insurance is only part of the process of the cyber risk management process and should be treated as such.
Image : Shutterstock