IMB: Guard Against Threat of Cyber Attacks

By Joseph R. Fonseca
Thursday, August 21, 2014
IMB Guard against threat of cyber attacks

 

The International Maritime Bureau (IMB) is calling for vigilance in the maritime sector as it emerges that shipping and the supply chain is the ‘next playground for hackers’.

IMB said, “Recent events have shown that systems managing the movement of goods need to be strengthened against the threat of cyber-attacks.

“It is vital that lessons learnt from other industrial sectors are applied quickly to close down cyber vulnerabilities in shipping and the supply chain.”

The threat of cyber-attacks on the sector have intensified in the past few months, with cyber security experts and the media alike warning of the dangers posed by criminals targeting carriers, ports, terminals and other transport operators.

They argue that while IT systems have become more sophisticated and thus enabling companies to better protect themselves against fraud and theft, it has also left them more vulnerable to ‘cyber criminals’.

Speaking at the TOC Container Supply Chain Europe Conference in London recently, TT Club’s insurance claims expert Mike Yarwood said, “We see incidents which at first appear to be a petty break-in at office facilities. The damage appears minimal – nothing is physically removed.”

He added; “More thorough post incident investigations however reveal that the ‘thieves’ were actually installing spyware within the operator’s IT network.”.

Yarwood said that more commonly targets are individuals’ personal devices where cyber security is less adequate.

Hackers often make use of social networks to target truck drivers and operational personnel who travel extensively to ascertain routing and overnight parking patterns. The criminals were looking to extract information such as release codes for containers from terminal facilities or passwords to discover delivery instructions.

“In instances discovered to date, there has been an apparent focus on specific individual containers in attempts to track the units through the supply chain to the destination port. Such systematic tracking is coupled with compromising the terminal’s IT systems to gain access to, or generate release codes for specific containers. Criminals are known to have targeted containers with illegal drugs in this way; however such methods also have greater scope in facilitating high value cargo thefts and human trafficking,” Yarwood revealed.

Whilst it is difficult to get hold of exact numbers and statistics, the risks should not be underestimated, and in June the US Government Accountability Office warned about the possible threats to US ports.

In a stinging report, the organisation said that the actions taken by the Department of Homeland Security and two component agencies, the US Coast Guard and Federal Emergency Management Agency, as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited.

KPMG warns that hackers are the new open sea pirates. Wil Rockall a director in the organisation’s cyber security team highlights that the cyber security of maritime control systems are controlled by engineers and not chief information security officers (CISOs) or chief information officers (CIOs). Lacking security controls, these systems are vulnerable to hackers.

“Most ports and terminals are managed by industrial control systems which have, until very recently, been left out of the CIO’s scope. Historically, this security has not been managed by company CISOs and maritime control systems are very similar.

“As a consequence, the improvements that many companies have made to their corporate cyber security to address the change in the threat landscape over the past three to five years have not been replicated in these environments. Instead engineers have often been left to implement and manage these systems – people who focus normally on optimising processes efficiency and safety, not cyber and security risks. It has meant that many companies and their clients are sailing into uncharted waters when they come to try and manage these risks,” he said.

Rockall added; “We have found that one of the main blockers in improving this is a real translation problem when corporate IT security teams attempt to impose their standards on industrial control systems or maritime control systems. KPMG’s work with the operator of one of the largest fleets of crude oil and oil products tankers and liquefied natural gas carriers in the world, found that bridging that gap and coming up with pragmatic solutions to improve industrial control systems security without compromising process efficiency or safety, are vital to the success of industrial control systems cyber risk management.”
 

Maritime Reporter October 2014 Digital Edition
FREE Maritime Reporter Subscription
Latest Maritime News    rss feeds

Maritime Security

Subsea Defense & the Changing Paradigm of Submarine Programs

Technology and dynamic mission profiles have driven change in the defense industry, Hydro Group Plc Managing Director Doug Whyte, explores the changing paradigm of submarine programs,

Bollinger Delivers 11th FRC to the US Coast Guard

Bollinger Shipyards, Inc. has delivered the William Trump, the 11th Fast Response Cutter (FRC) to the United States Coast Guard.   The announcement was made by Bollinger Chief Operating Officer,

US Navy Evaluating SEWIP for LCS

The U.S. Navy is evaluating a scaled-down version of the Surface Electronic Warfare Improvement Program (SEWIP) system for potential incorporation on future Littoral Combat Ships (LCS),

News

ClassNK Approves Niigata Dual-fuel Engine Design

Classification society ClassNK has granted approval to the design of the new 28AHX-DF dual-fuel engine developed by Niigata Power Systems Co., Ltd. The new engine

MacGregor Deck Equipment for Intership's Eco-bulkers

MacGregor, part of Cargotec, has secured a deck equipment contract from New Times Shipyard in China for Intership Navigation Co Ltd.'s three new 36,500 dwt laker-class bulk carriers.

W&O, LESER Partner to Deliver Safety Relief Valves

W&O, a global supplier to the marine and upstream oil and gas markets for pipe, valves and fittings, valve automation and engineered solutions, has partnered with

Electronics

From Security to Efficiency Modern Vessel Tracking

More so than many other fields of business, the maritime industry is focused on cost, which in turn gives the appearance of being conservative towards technology.

US Navy Evaluating SEWIP for LCS

The U.S. Navy is evaluating a scaled-down version of the Surface Electronic Warfare Improvement Program (SEWIP) system for potential incorporation on future Littoral Combat Ships (LCS),

New Hamburg Süd Ships to Feature Nacos Platinum Systems

L-3 SAM Electronics has announced  that, via its L-3 Marine Systems Korea subsidiary, it has been awarded a contract to provide its NACOS Platinum navigation, automation and control system,

Maritime Safety

W&O, LESER Partner to Deliver Safety Relief Valves

W&O, a global supplier to the marine and upstream oil and gas markets for pipe, valves and fittings, valve automation and engineered solutions, has partnered with

Marine Insurance & the “Human Factor”

Insurance underwriters of diversified maritime exposures see a wide variety of approaches taken by vessel operators to manage human error to control risk. They

MSC Approves SOLAS Amendments

SOLAS amendments to make IGF Code mandatory approved by Maritime Safety Committee   The International Maritime Organization’s (IMO) Maritime Safety Committee (MSC),

Software Solutions

Glosten Designing Vigor’s Alaska Class Ferries

Glosten using Nupas-Cadmatic software for Vigor’s Alaska Class Ferry project   Seattle-based naval architecture consultancy Glosten has joined the list of North

New Hamburg Süd Ships to Feature Nacos Platinum Systems

L-3 SAM Electronics has announced  that, via its L-3 Marine Systems Korea subsidiary, it has been awarded a contract to provide its NACOS Platinum navigation, automation and control system,

Transas Launches Web Map Service

Transas Marine has launched Transas Web Map Service (WMS)to provide transparent and easy access to navigation charts through common interface. Access to comprehensive

Logistics

Fednav Celebrates Anniversary Trio in Cleveland

Fednav Limited held a reception on board one of its vessels, the Federal Mayumi, at the Port of Cleveland yesterday to celebrate a trio of anniversaries: the 70th

Night Moves on America's Waterways

Overnight operations are certainly not unusual on America’s inland waterways, but that doesn’t make them any less hazardous. Onboard activities that seem so straightforward

CMA CGM Acquires OPDR

The CMA CGM Group has acquired the German shipping company Oldenburg-Portugiesische Dampfschiffs-Rhederei GmbH & Co. KG (OPDR), CMA CGM founder, chairman and CEO Jacques R.

 
 
Maritime Careers / Shipboard Positions Maritime Contracts Maritime Security Maritime Standards Naval Architecture Pipelines Salvage Ship Repair Shipbuilding / Vessel Construction Winch
rss | archive | history | articles | privacy | terms and conditions | contributors | top maritime news | about us | copyright | maritime magazines
maritime security news | shipbuilding news | maritime industry | shipping news | maritime reporting | workboats news | ship design | maritime business

Time taken: 0.1687 sec (6 req/sec)