IMB: Guard Against Threat of Cyber Attacks

By Joseph R. Fonseca
Thursday, August 21, 2014
IMB Guard against threat of cyber attacks

 

The International Maritime Bureau (IMB) is calling for vigilance in the maritime sector as it emerges that shipping and the supply chain is the ‘next playground for hackers’.

IMB said, “Recent events have shown that systems managing the movement of goods need to be strengthened against the threat of cyber-attacks.

“It is vital that lessons learnt from other industrial sectors are applied quickly to close down cyber vulnerabilities in shipping and the supply chain.”

The threat of cyber-attacks on the sector have intensified in the past few months, with cyber security experts and the media alike warning of the dangers posed by criminals targeting carriers, ports, terminals and other transport operators.

They argue that while IT systems have become more sophisticated and thus enabling companies to better protect themselves against fraud and theft, it has also left them more vulnerable to ‘cyber criminals’.

Speaking at the TOC Container Supply Chain Europe Conference in London recently, TT Club’s insurance claims expert Mike Yarwood said, “We see incidents which at first appear to be a petty break-in at office facilities. The damage appears minimal – nothing is physically removed.”

He added; “More thorough post incident investigations however reveal that the ‘thieves’ were actually installing spyware within the operator’s IT network.”.

Yarwood said that more commonly targets are individuals’ personal devices where cyber security is less adequate.

Hackers often make use of social networks to target truck drivers and operational personnel who travel extensively to ascertain routing and overnight parking patterns. The criminals were looking to extract information such as release codes for containers from terminal facilities or passwords to discover delivery instructions.

“In instances discovered to date, there has been an apparent focus on specific individual containers in attempts to track the units through the supply chain to the destination port. Such systematic tracking is coupled with compromising the terminal’s IT systems to gain access to, or generate release codes for specific containers. Criminals are known to have targeted containers with illegal drugs in this way; however such methods also have greater scope in facilitating high value cargo thefts and human trafficking,” Yarwood revealed.

Whilst it is difficult to get hold of exact numbers and statistics, the risks should not be underestimated, and in June the US Government Accountability Office warned about the possible threats to US ports.

In a stinging report, the organisation said that the actions taken by the Department of Homeland Security and two component agencies, the US Coast Guard and Federal Emergency Management Agency, as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited.

KPMG warns that hackers are the new open sea pirates. Wil Rockall a director in the organisation’s cyber security team highlights that the cyber security of maritime control systems are controlled by engineers and not chief information security officers (CISOs) or chief information officers (CIOs). Lacking security controls, these systems are vulnerable to hackers.

“Most ports and terminals are managed by industrial control systems which have, until very recently, been left out of the CIO’s scope. Historically, this security has not been managed by company CISOs and maritime control systems are very similar.

“As a consequence, the improvements that many companies have made to their corporate cyber security to address the change in the threat landscape over the past three to five years have not been replicated in these environments. Instead engineers have often been left to implement and manage these systems – people who focus normally on optimising processes efficiency and safety, not cyber and security risks. It has meant that many companies and their clients are sailing into uncharted waters when they come to try and manage these risks,” he said.

Rockall added; “We have found that one of the main blockers in improving this is a real translation problem when corporate IT security teams attempt to impose their standards on industrial control systems or maritime control systems. KPMG’s work with the operator of one of the largest fleets of crude oil and oil products tankers and liquefied natural gas carriers in the world, found that bridging that gap and coming up with pragmatic solutions to improve industrial control systems security without compromising process efficiency or safety, are vital to the success of industrial control systems cyber risk management.”
 

Maritime Reporter May 2015 Digital Edition
FREE Maritime Reporter Subscription
Latest Maritime News    rss feeds

Maritime Security

Libyan War Plane Bombs another Tanker

A fighter jet operated by Libya's military force backed attacked an oil tanker that was about to anchor in the northern city of Sirte, reports local media.   Lt Gen.

US Navy Submarine to be Named USS New Jersey

The U.S. Navy's next Virginia-class attack submarine will bear the name USS New Jersey, says AP reports.   U.S. Secretary of the Navy Ray Mabus hosted a ship-naming

USS George Washington Completes Carrier Qualifications

Carrier Air Wing (CVW) 5 and the Nimitz-class aircraft carrier USS George Washington (CVN 73) completed its carrier qualifications (CQ), May 23. CQ allows

News

Dortmund Port's Throughput Up

In 2014, Dortmund’s combined goods throughput on ships and trains amounted to 5.7 million tonnes, compared to 5.3 in the previous year. 2.9 million tonnes (+600,000) of this was ship related.

Baltic Mercur II makes maiden voyage to Antwerp

This week Atlantic Ro-Ro Carriers (ARRC) celebrates the maiden voyage of the Baltic Mercur II via the port of Antwerp as part of their regular transatlantic service to the US Gulf.

USCG Provides Safety Tips to Paddlesports Enthusiasts

As the boating season unofficially begins, the 9th Coast Guard District is reminding paddlesport enthusiasts to take precautions to ensure safe trips and increase

Electronics

Huawei Bags MCT Submarine Cable Contract

Huawei Marine has signed a system design and construction agreement with a consortium comprising Telekom Malaysia Berhad, Symphony Communication and Telcotech

K-Sim Engine Chosen for Malaysia's Defense University

The National Defense University of Malaysia has selected Kongsberg Maritime’s Engine Room Simulator platform K-Sim Engine for its facility in Kuala Lumpur. The contract,

NAVTOR AS, Nautic AB Launch Complete Navigation Solution

E-navigation specialist NAVTOR has joined forces with Nautic AB, a provider of navigational equipment, charts and publications to the Swedish market, to launch NAVTOR NAUTIC AB.

Maritime Safety

USCG Provides Safety Tips to Paddlesports Enthusiasts

As the boating season unofficially begins, the 9th Coast Guard District is reminding paddlesport enthusiasts to take precautions to ensure safe trips and increase

Wärtsilä's' Propulsion for Use with US Compliant ELA

Wärtsilä has developed propulsion systems that are capable of operating with Environmentally Acceptable Lubricants (EALs) and comply with the US Vessel General Permit 2013 (VGP-2013).

USS George Washington Completes Carrier Qualifications

Carrier Air Wing (CVW) 5 and the Nimitz-class aircraft carrier USS George Washington (CVN 73) completed its carrier qualifications (CQ), May 23. CQ allows

Communication

Huawei Bags MCT Submarine Cable Contract

Huawei Marine has signed a system design and construction agreement with a consortium comprising Telekom Malaysia Berhad, Symphony Communication and Telcotech

KPCT Launches New Gulf Service

Containerized volumes are steadily increasing on the East Coast of India. Keeping pace with the growth, Krishnapatnam Port Co. Ltd. (KPCT) now offers a new service to the Gulf sector.

Inmarsat 3rd Global Xpress Satellite's Launch Delayed

Inmarsat has provided an initial update on the launch schedule for Inmarsat-5 F3 (I-5 F3) following the failure of the preceding Proton Breeze M launch from

Software Solutions

LR Establishes Applied Technology Group

Lloyd’s Register establishes the Applied Technology Group, centered around the activities of Martec Limited   The Applied Technology Group (ATG) describes is

SSI to Showcase New Software at Nor-Shipping

SSI informs it will showcase the latest versions of its CAD/CAM software, ShipConstructor and EnterprisePlatform, at Nor-Shipping 2015, June 2-5. SSI CEO Darren

Globavista Launch Software Product Update

Globavista drives greater efficiency in vessel fleets by providing enhanced operational intelligence to fleet managers with new software product updates, the developer announced.

Logistics

Dortmund Port's Throughput Up

In 2014, Dortmund’s combined goods throughput on ships and trains amounted to 5.7 million tonnes, compared to 5.3 in the previous year. 2.9 million tonnes (+600,000) of this was ship related.

Dubai Establishes Maritime Arbitration Centre

The Dubai Maritime City Authority (DMCA) is in the final stages of completing the rules for the first maritime arbitration centre in the Middles East: the Emirates

Gener8 Maritime to Go Public

Private equity-backed tanker operator Gener8 Maritime filed with the U.S. Securities and Exchange Commission (SEC) to proceed with an initial public offering worth up to $100m.

 
 
Maritime Careers / Shipboard Positions Maritime Contracts Maritime Security Pipelines Pod Propulsion Port Authority Salvage Ship Electronics Ship Simulators Winch
rss | archive | history | articles | privacy | contributors | top maritime news | about us | copyright | maritime magazines
maritime security news | shipbuilding news | maritime industry | shipping news | maritime reporting | workboats news | ship design | maritime business

Time taken: 0.1714 sec (6 req/sec)