IMB: Guard Against Threat of Cyber Attacks

By Joseph R. Fonseca
Thursday, August 21, 2014
IMB Guard against threat of cyber attacks

 

The International Maritime Bureau (IMB) is calling for vigilance in the maritime sector as it emerges that shipping and the supply chain is the ‘next playground for hackers’.

IMB said, “Recent events have shown that systems managing the movement of goods need to be strengthened against the threat of cyber-attacks.

“It is vital that lessons learnt from other industrial sectors are applied quickly to close down cyber vulnerabilities in shipping and the supply chain.”

The threat of cyber-attacks on the sector have intensified in the past few months, with cyber security experts and the media alike warning of the dangers posed by criminals targeting carriers, ports, terminals and other transport operators.

They argue that while IT systems have become more sophisticated and thus enabling companies to better protect themselves against fraud and theft, it has also left them more vulnerable to ‘cyber criminals’.

Speaking at the TOC Container Supply Chain Europe Conference in London recently, TT Club’s insurance claims expert Mike Yarwood said, “We see incidents which at first appear to be a petty break-in at office facilities. The damage appears minimal – nothing is physically removed.”

He added; “More thorough post incident investigations however reveal that the ‘thieves’ were actually installing spyware within the operator’s IT network.”.

Yarwood said that more commonly targets are individuals’ personal devices where cyber security is less adequate.

Hackers often make use of social networks to target truck drivers and operational personnel who travel extensively to ascertain routing and overnight parking patterns. The criminals were looking to extract information such as release codes for containers from terminal facilities or passwords to discover delivery instructions.

“In instances discovered to date, there has been an apparent focus on specific individual containers in attempts to track the units through the supply chain to the destination port. Such systematic tracking is coupled with compromising the terminal’s IT systems to gain access to, or generate release codes for specific containers. Criminals are known to have targeted containers with illegal drugs in this way; however such methods also have greater scope in facilitating high value cargo thefts and human trafficking,” Yarwood revealed.

Whilst it is difficult to get hold of exact numbers and statistics, the risks should not be underestimated, and in June the US Government Accountability Office warned about the possible threats to US ports.

In a stinging report, the organisation said that the actions taken by the Department of Homeland Security and two component agencies, the US Coast Guard and Federal Emergency Management Agency, as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited.

KPMG warns that hackers are the new open sea pirates. Wil Rockall a director in the organisation’s cyber security team highlights that the cyber security of maritime control systems are controlled by engineers and not chief information security officers (CISOs) or chief information officers (CIOs). Lacking security controls, these systems are vulnerable to hackers.

“Most ports and terminals are managed by industrial control systems which have, until very recently, been left out of the CIO’s scope. Historically, this security has not been managed by company CISOs and maritime control systems are very similar.

“As a consequence, the improvements that many companies have made to their corporate cyber security to address the change in the threat landscape over the past three to five years have not been replicated in these environments. Instead engineers have often been left to implement and manage these systems – people who focus normally on optimising processes efficiency and safety, not cyber and security risks. It has meant that many companies and their clients are sailing into uncharted waters when they come to try and manage these risks,” he said.

Rockall added; “We have found that one of the main blockers in improving this is a real translation problem when corporate IT security teams attempt to impose their standards on industrial control systems or maritime control systems. KPMG’s work with the operator of one of the largest fleets of crude oil and oil products tankers and liquefied natural gas carriers in the world, found that bridging that gap and coming up with pragmatic solutions to improve industrial control systems security without compromising process efficiency or safety, are vital to the success of industrial control systems cyber risk management.”
 

Maritime Reporter September 2014 Digital Edition
FREE Maritime Reporter Subscription
Latest Maritime News    rss feeds

News

KOTC Takes Delivery of Product Tanker Mutriba

Classification society ClassNK said it has completed work on the 31,445 GT product tanker Mutriba, built by Hyundai Mipo Dockyard Co., Ltd. (HMD) as part of a series

US Navy Orders Demonstration Craft from Willard Marine

Willard Marine, Inc. (WMI) announced it has been selected through a solicitation process to supply a demonstration model of a new, advanced combatant craft for the U.

Pink Lashings Raise Money for Breast Cancer Research

As the first Peters & May Pink Lashings shipment leaves Palma for Fort Lauderdale, the global marine transport company is calling all yacht owners to support its campaign to help raise £25,

Electronics

GOST Security System thwarts Break-in

GOST (Global Ocean Security Technologies), announced that its GOST Insight HD GPS Security System was instrumental in foiling the theft of electronics onboard a powerboat in Aventura, Florida.

Maritime Broadband Opens Office in Greece

Maritime Broadband has expanded its worldwide footprint by opening an office, Maritime Broadband Hellas, in Athens, Greece. The new office addresses the growing

Navico Acquires MARIS; Expands Portfolio

Navico Holding AS, parent company to the Simrad brand of navigational marine electronics, has reached an agreement to acquire MARIS (Maritime Information Systems A/S) from The Grieg Group.

Maritime Safety

AMSA Rescues 2 East of Darwin After Boat Sinks

The Australian Maritime Safety Authority (AMSA) coordinated the rescue of two men early this morning East of Darwin. About 4.30am AEDT this morning, AMSA detected

GOST Security System thwarts Break-in

GOST (Global Ocean Security Technologies), announced that its GOST Insight HD GPS Security System was instrumental in foiling the theft of electronics onboard a powerboat in Aventura, Florida.

USS Milius Departs on Deployment

The guided missile destroyer USS Milius (DDG 69) departed Naval Base San Diego Oct. 20 on an independent deployment to the Western Pacific and Indian Oceans.

Communication

Maritime Broadband Opens Office in Greece

Maritime Broadband has expanded its worldwide footprint by opening an office, Maritime Broadband Hellas, in Athens, Greece. The new office addresses the growing

Northrop Grumman Sponsors Maritime RobotX Challenge

Northrop Grumman Corporation is expanding its support for science, technology, engineering and math (STEM) education across the globe by sponsoring the Maritime RobotX Challenge in Singapore, Oct.

Much Activity During Danish Maritime Days

Danish Maritime Days was well visited, and there were many participants and great enthusiasm at the more than 50 events. Attendance at the many events tells that the maritime days were successful.

Software Solutions

GOST Security System thwarts Break-in

GOST (Global Ocean Security Technologies), announced that its GOST Insight HD GPS Security System was instrumental in foiling the theft of electronics onboard a powerboat in Aventura, Florida.

Northrop Grumman Sponsors Maritime RobotX Challenge

Northrop Grumman Corporation is expanding its support for science, technology, engineering and math (STEM) education across the globe by sponsoring the Maritime RobotX Challenge in Singapore, Oct.

New Bahamas Northwest Chart Set Upgrade

nv charts announces the release of its newly updated chart set for Region 9.1, Bahamas Northwest, including Bimini and Berry Islands, Nassau to Abaco, and Grand Bahama,

Logistics

Long Beach Cargo Continues to Climb

Cargo container traffic rose 7.3 percent in September at the Port of Long Beach compared to the same month last year, making for the Southern California seaport’s busiest September since 2007,

Continership Alliance Expands to US Trades

The CKYHE Alliance (COSCO, "K" LINE, Yang Ming, Hanjin Shipping, and Evergreen Line) has announced they will expand their cooperation scope to U.S. Trades and CKYHE

New Intermodal Rail Service from PortMiami

Florida East Coast Railway (FECR) and PortMiami, through a strategic alliance, are offering the Sunshine Gateway service, which includes on-dock intermodal rail capabilities.

 
 
Maritime Security Naval Architecture Navigation Offshore Oil Pipelines Pod Propulsion Salvage Ship Repair Ship Simulators Shipbuilding / Vessel Construction
rss | archive | history | articles | privacy | terms and conditions | contributors | top maritime news | about us | copyright | maritime magazines
maritime security news | shipbuilding news | maritime industry | shipping news | maritime reporting | workboats news | ship design | maritime business

Time taken: 0.2107 sec (5 req/sec)