IMB: Guard Against Threat of Cyber Attacks

By Joseph R. Fonseca
Thursday, August 21, 2014
IMB Guard against threat of cyber attacks

 

The International Maritime Bureau (IMB) is calling for vigilance in the maritime sector as it emerges that shipping and the supply chain is the ‘next playground for hackers’.

IMB said, “Recent events have shown that systems managing the movement of goods need to be strengthened against the threat of cyber-attacks.

“It is vital that lessons learnt from other industrial sectors are applied quickly to close down cyber vulnerabilities in shipping and the supply chain.”

The threat of cyber-attacks on the sector have intensified in the past few months, with cyber security experts and the media alike warning of the dangers posed by criminals targeting carriers, ports, terminals and other transport operators.

They argue that while IT systems have become more sophisticated and thus enabling companies to better protect themselves against fraud and theft, it has also left them more vulnerable to ‘cyber criminals’.

Speaking at the TOC Container Supply Chain Europe Conference in London recently, TT Club’s insurance claims expert Mike Yarwood said, “We see incidents which at first appear to be a petty break-in at office facilities. The damage appears minimal – nothing is physically removed.”

He added; “More thorough post incident investigations however reveal that the ‘thieves’ were actually installing spyware within the operator’s IT network.”.

Yarwood said that more commonly targets are individuals’ personal devices where cyber security is less adequate.

Hackers often make use of social networks to target truck drivers and operational personnel who travel extensively to ascertain routing and overnight parking patterns. The criminals were looking to extract information such as release codes for containers from terminal facilities or passwords to discover delivery instructions.

“In instances discovered to date, there has been an apparent focus on specific individual containers in attempts to track the units through the supply chain to the destination port. Such systematic tracking is coupled with compromising the terminal’s IT systems to gain access to, or generate release codes for specific containers. Criminals are known to have targeted containers with illegal drugs in this way; however such methods also have greater scope in facilitating high value cargo thefts and human trafficking,” Yarwood revealed.

Whilst it is difficult to get hold of exact numbers and statistics, the risks should not be underestimated, and in June the US Government Accountability Office warned about the possible threats to US ports.

In a stinging report, the organisation said that the actions taken by the Department of Homeland Security and two component agencies, the US Coast Guard and Federal Emergency Management Agency, as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited.

KPMG warns that hackers are the new open sea pirates. Wil Rockall a director in the organisation’s cyber security team highlights that the cyber security of maritime control systems are controlled by engineers and not chief information security officers (CISOs) or chief information officers (CIOs). Lacking security controls, these systems are vulnerable to hackers.

“Most ports and terminals are managed by industrial control systems which have, until very recently, been left out of the CIO’s scope. Historically, this security has not been managed by company CISOs and maritime control systems are very similar.

“As a consequence, the improvements that many companies have made to their corporate cyber security to address the change in the threat landscape over the past three to five years have not been replicated in these environments. Instead engineers have often been left to implement and manage these systems – people who focus normally on optimising processes efficiency and safety, not cyber and security risks. It has meant that many companies and their clients are sailing into uncharted waters when they come to try and manage these risks,” he said.

Rockall added; “We have found that one of the main blockers in improving this is a real translation problem when corporate IT security teams attempt to impose their standards on industrial control systems or maritime control systems. KPMG’s work with the operator of one of the largest fleets of crude oil and oil products tankers and liquefied natural gas carriers in the world, found that bridging that gap and coming up with pragmatic solutions to improve industrial control systems security without compromising process efficiency or safety, are vital to the success of industrial control systems cyber risk management.”
 

Maritime Reporter November 2014 Digital Edition
FREE Maritime Reporter Subscription
Latest Maritime News    rss feeds

Maritime Security

Fighting for Ports Escalates in Libya

Military planes loyal to Libya's recognised government attacked on Sunday an opposing force that is seeking to seize the country's two biggest oil ports, officials said.

Security Threat in Yemen Shuts CNOOC's Nexen Facility

CNOOC Ltd's Nexen unit is shutting operations at an oil field and processing facility in Yemen due to a security threat, a Nexen spokeswoman said on Sunday.   The

Damen Outfitting First of Nine Bahamas Patrol Boats

The first of nine Damen Stan Patrol 3007s ordered by the Royal Bahamas Defense Force has arrived at Damen Shipyards Gorinchem in the Netherlands for outfitting.

News

Teekay Petrojarl Contracts Damen for FPSO Upgrade

Damen Shiprepair Rotterdam (DSR), part of Damen Shiprepair & Conversion (DSC), has been awarded an EPC contract by Petrojarl I LLC for the upgrade of its FPSO Petrojarl I.

NSRP Awards $11m for R&D Project Portfolio

The Executive Control Board of the National Shipbuilding Research Program (NSRP) has selected a new round of research and development projects for award, as part

Sekimizu Welcomes Shipper’s Revised Stance on Ballast Water

IMO Secretary-General Koji Sekimizu has welcomed the reconsideration by the International Chamber of Shipping (ICS) of its position towards the ratification by

Electronics

Transas Upgrades Simulator Complex in Batumi

The presidents of Georgia and Latvia open the Batumi State Maritime Academy renovated training center powered by the Transas simulators On November 27, 2014, President

Lowrance Renews Insight Genesis College Cup

Lowrance®, a world-leading brand in fishing electronics since 1957— announced today the renewal of its Insight Genesis™ College Cup. In its second year, the

NMEA Updates Installation Standards

2014 edition of NMEA 0400, Version 4.00 features extensive updates and new information   The National Marine Electronics Association (NMEA) has published Edition 2014, Version 4.

Maritime Safety

S.O.S. Written on Hawaii Beach Prompts Rescue

A swimmer in distress was rescued by a U.S. Coast Guard (USCG) helicopter after being swept out to sea near Hanakapiai Beach, Kauai, Friday.   A MH-65 Dolphin

Video: Crewman Medevaced from Oil Tanker

The U.S. Coast Guard (USCG) medevaced a Filipino crewmember from a tanker 23 miles south of Southwest Pass, Sunday.   Watchstanders with Coast Guard Sector New

Ship Recycling Experts Gather in Tokyo

Top ship recycling experts from around the globe gathered in Tokyo on December 10 at the ClassNK Ship Recycling Seminar to discuss the latest updates to the EU

Communication

Lowrance Renews Insight Genesis College Cup

Lowrance®, a world-leading brand in fishing electronics since 1957— announced today the renewal of its Insight Genesis™ College Cup. In its second year, the

NRL Researchers Demo Ship-to-Shore Data Link

Scientists at the U.S. Naval Research Laboratory (NRL) along with Mercury Continuity (MC) have demonstrated the Tactical Reachback Extended Communications (TREC) system in the port of Miami.

Maritime Reporter @ 75: The Daily Cartoon

Maritime Reporter & Engineering News was founded by John J. O'Malley (1905-1980) in 1939, and today ranks as the world's largest audited trade publication in the world serving the maritime industry,

Software Solutions

K Line to Expand Use of Eco-efficiency Software

Three further K Line vessels to install ClassNK-NAPA GREEN eco-efficiency software after reporting fuel savings during trials on an 8,600 TEU container vessel   NAPA

Breakthrough Capability Keeps Subs, Ships Safe

Interactive software that can dramatically cut the time it takes to plan safe submarine missions is crossing over to the surface fleet and is being installed

Lloyd's Register Foundation Funds Big Data Study

The Lloyd’s Register Foundation today launched its Foresight review of big data and announced a conditional grant offer of £10 million to support research by

Logistics

Marseille Fos Unveils Multimillion Growth Strategy

The Marseille Fos port authority has set out a vision for growth over the four years to 2018 in a strategic plan that puts developments costing $560 million at

Young Endeavour Sets Sail on World Voyage

The Royal Australian Navy operated Sail Training Ship Young Endeavour set sail from Sydney today for a 12-month voyage, circumnavigating the globe. Parliamentary

Port Workers in Argentine Grain Hub End Strike

Port workers in part of the Argentine grains hub of Rosario lifted a work stoppage on Friday, only a day after they went on strike over demands for higher year-end bonuses, a union official said.

 
 
Maritime Careers / Shipboard Positions Maritime Security Maritime Standards Pipelines Pod Propulsion Port Authority Salvage Ship Electronics Ship Simulators Winch
rss | archive | history | articles | privacy | terms and conditions | contributors | top maritime news | about us | copyright | maritime magazines
maritime security news | shipbuilding news | maritime industry | shipping news | maritime reporting | workboats news | ship design | maritime business

Time taken: 0.3033 sec (3 req/sec)