IMB: Guard Against Threat of Cyber Attacks

By Joseph R. Fonseca
Thursday, August 21, 2014
IMB Guard against threat of cyber attacks

 

The International Maritime Bureau (IMB) is calling for vigilance in the maritime sector as it emerges that shipping and the supply chain is the ‘next playground for hackers’.

IMB said, “Recent events have shown that systems managing the movement of goods need to be strengthened against the threat of cyber-attacks.

“It is vital that lessons learnt from other industrial sectors are applied quickly to close down cyber vulnerabilities in shipping and the supply chain.”

The threat of cyber-attacks on the sector have intensified in the past few months, with cyber security experts and the media alike warning of the dangers posed by criminals targeting carriers, ports, terminals and other transport operators.

They argue that while IT systems have become more sophisticated and thus enabling companies to better protect themselves against fraud and theft, it has also left them more vulnerable to ‘cyber criminals’.

Speaking at the TOC Container Supply Chain Europe Conference in London recently, TT Club’s insurance claims expert Mike Yarwood said, “We see incidents which at first appear to be a petty break-in at office facilities. The damage appears minimal – nothing is physically removed.”

He added; “More thorough post incident investigations however reveal that the ‘thieves’ were actually installing spyware within the operator’s IT network.”.

Yarwood said that more commonly targets are individuals’ personal devices where cyber security is less adequate.

Hackers often make use of social networks to target truck drivers and operational personnel who travel extensively to ascertain routing and overnight parking patterns. The criminals were looking to extract information such as release codes for containers from terminal facilities or passwords to discover delivery instructions.

“In instances discovered to date, there has been an apparent focus on specific individual containers in attempts to track the units through the supply chain to the destination port. Such systematic tracking is coupled with compromising the terminal’s IT systems to gain access to, or generate release codes for specific containers. Criminals are known to have targeted containers with illegal drugs in this way; however such methods also have greater scope in facilitating high value cargo thefts and human trafficking,” Yarwood revealed.

Whilst it is difficult to get hold of exact numbers and statistics, the risks should not be underestimated, and in June the US Government Accountability Office warned about the possible threats to US ports.

In a stinging report, the organisation said that the actions taken by the Department of Homeland Security and two component agencies, the US Coast Guard and Federal Emergency Management Agency, as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited.

KPMG warns that hackers are the new open sea pirates. Wil Rockall a director in the organisation’s cyber security team highlights that the cyber security of maritime control systems are controlled by engineers and not chief information security officers (CISOs) or chief information officers (CIOs). Lacking security controls, these systems are vulnerable to hackers.

“Most ports and terminals are managed by industrial control systems which have, until very recently, been left out of the CIO’s scope. Historically, this security has not been managed by company CISOs and maritime control systems are very similar.

“As a consequence, the improvements that many companies have made to their corporate cyber security to address the change in the threat landscape over the past three to five years have not been replicated in these environments. Instead engineers have often been left to implement and manage these systems – people who focus normally on optimising processes efficiency and safety, not cyber and security risks. It has meant that many companies and their clients are sailing into uncharted waters when they come to try and manage these risks,” he said.

Rockall added; “We have found that one of the main blockers in improving this is a real translation problem when corporate IT security teams attempt to impose their standards on industrial control systems or maritime control systems. KPMG’s work with the operator of one of the largest fleets of crude oil and oil products tankers and liquefied natural gas carriers in the world, found that bridging that gap and coming up with pragmatic solutions to improve industrial control systems security without compromising process efficiency or safety, are vital to the success of industrial control systems cyber risk management.”
 


Maritime Security

White House: Iranian Ships' Actions in Gulf Increase Risk of Miscalculation

Actions by Iranian vessels in several encounters with U.S. warships in the Gulf this week are cause for concern and increase risks of miscalculation, the White House said on Friday.

Australia Warns DCNS after Security Breach

Australian defence officials warned French naval contractor DCNS to beef up security in Australia, where it is preparing to build a A$50 billion ($38.13 billion) fleet of submarines,

Scorpene Submarine Data Leak: Setback to Indian Navy

India has began multiple investigations to determine the extent of damage caused by the reported massive leak of secret data detailing the combat and stealth capabilities

News

White House: Iranian Ships' Actions in Gulf Increase Risk of Miscalculation

Actions by Iranian vessels in several encounters with U.S. warships in the Gulf this week are cause for concern and increase risks of miscalculation, the White House said on Friday.

Rickmers Holding, E.R. Capital Drop Merger Plan

Rickmers Holding AG and E.R. Capital Holding have jointly decided not to pursue the merger of their ship management activities.   For many years the companies

C-Job Designs Flettner Freighter for Switijnk

The Dutch shipping company family Switijnk has contracted C-Job Naval Architects to develop a Rotor Sail-equipped design to meet their specific loading and sailing profile.

Electronics

26 Hours of Information Recovered from El Faro's VDR

A group led by the U.S. National Transportation Safety Board (NTSB) has gathered information from the recovered voyage data recorder (VDR) of sunken cargo ship

e-Navigation Underway (North America) 2016

e-Navigation and the Gulf Area: meeting information needs where blue water, brown water and port facilities interact   San Jacinto College and the Seamen’s Church

Ocean Signal, AMI Marine Unveil E101V Float-Free EPIRB

Marine communications specialist Ocean Signal and VDR manufacturer AMI Marine will introduce a new float-free EPIRB with integrated voyage data recorder (VDR) memory

Maritime Safety

Danish Maritime Authority Supports Maritime Cultural Days

The Danish Maritime Authority's buoy tender ’POUL LØWENØRN’ will be alongside in Korsør in connection with the Maritime Cultural Days. The vessel will be open to visitors throughout Saturday,

ABS Makes it Safer to ‘Walk to Work’

ABS announced the publication of The ABS Guide for Certification of Offshore Access Gangways. The new Guide addresses certification for safety systems used for “walk to work” (W2W) crew transfers.

Scorpene Submarine Data Leak: Setback to Indian Navy

India has began multiple investigations to determine the extent of damage caused by the reported massive leak of secret data detailing the combat and stealth capabilities

Communication

26 Hours of Information Recovered from El Faro's VDR

A group led by the U.S. National Transportation Safety Board (NTSB) has gathered information from the recovered voyage data recorder (VDR) of sunken cargo ship

USCG Evaluates Comms Equipment in Alaska

Coast Guard Research and Development Center evaluates state-of-the-art communications equipment and Next Generation Incident Command System in Alaska   At nearly 663,

Connected Ships, Smart Data, Cybersecurity to Feature in SHIPPINGInsight

Ship connectivity, smart data and cybersecurity will be central themes on the agenda at the fifth SHIPPINGInsight Fleet Optimization Conference & Exhibition. The

Software Solutions

C-Job Designs Flettner Freighter for Switijnk

The Dutch shipping company family Switijnk has contracted C-Job Naval Architects to develop a Rotor Sail-equipped design to meet their specific loading and sailing profile.

MN100: MarineCFO

The Company: Founded in 1992, UA Business Solutions was a pioneer in the field of Enterprise Resource Planning (ERP) and an early Microsoft Partner. The ERP evolution

Fugro, US Army Corps of Engineers Ink Mapping Deal

Fugro has been awarded a photogrammetric and LIDAR surveying and mapping contract by the U.S. Army Corps of Engineers, St. Louis District, Missouri. The agreement

Logistics

Rickmers Holding, E.R. Capital Drop Merger Plan

Rickmers Holding AG and E.R. Capital Holding have jointly decided not to pursue the merger of their ship management activities.   For many years the companies

Vitol's Malaysia Terminal Suspends Ops after Spill

VTTI, the storage unit of world's largest oil trader Vitol, has suspended operations at its terminal in southern Malaysia following an oil spill, two industry sources said on Friday.

MN100: TPG Marine Enterprises, LLC

The Company: TPG Marine Enterprises, LLC is an operations, logistics and consulting company that specializes in all aspects of cargo movement on the Inland Waterways System.

 
 
Maritime Careers / Shipboard Positions Maritime Standards Naval Architecture Pipelines Pod Propulsion Port Authority Salvage Ship Electronics Shipbuilding / Vessel Construction Winch
rss | archive | history | articles | privacy | contributors | top maritime news | about us | copyright | maritime magazines
maritime security news | shipbuilding news | maritime industry | shipping news | maritime reporting | workboats news | ship design | maritime business

Time taken: 0.1223 sec (8 req/sec)