Ransomware attacks highlight marine cyber risks

With over 90% of the world’s trade being carried by sea, insurance industry analysts warn that the shipping industry is a prime target for cyber attack.

Last month, a division of Danish transport company A.P. Moller-Maersk was hit by a cyber attack that affected several port terminals, including in the United States, India, Spain and the Netherlands.

The computer virus, which researchers are calling Petya, began in Ukraine and affected companies in dozens of countries. Maersk said the attack had caused outages at its computer systems across the world.

“The modern-day pirate is no longer going to walk onto a ship with a gun,” said Luis Gazitua, a partner at JAG Insurance Group in Coral Gables, Florida. “Now there are two guys behind a computer who can shut down a grid and shut down shipping routes.”

People may have believed the shipping industry didn’t have a cyber exposure, Mr. Gazitua said, “but the truth is everybody has cyber exposure.”

“Everybody’s connected to the internet,” he said.

Sean Donahue, New York-based senior underwriter for cyber and technology with XL Group Ltd., which does business as XL Catlin, agreed, noting that rather than just physical attacks on the high seas, “now it’s coming on a cyber security landscape.”

“It is a very serious issue for everybody,” Mr. Donahue said, “including the shipping industry due to the supply chain effects they can have on the world.”

Stefan Toi, senior broker with Aon’s professional risk solutions group in New York, said that “ransomware is pretty rampant across the globe right now, and what ransomware has the ability to do is to impair the operational functionality of every industry — shipping and logistics being no exception to that.”

“The airline industry certainly has been hit pretty hard this year,” Mr. Toi said. “Booking systems go down and the airline can no longer issue tickets, check in passengers, and it prohibits them from flying.”

On July 5, a joint industry group released the second edition of “The Guidelines on Cyber Security Onboard Ships,” international shipping association BIMCO said.

“The chapters on ‘contingency planning’ and ‘responding to and recovering from cyber incidents’ have been rewritten to reflect the fact that the guidelines are aimed specifically at ships and the remote conditions prevailing if a ship’s defenses have been breached,” said in a statement. 

A new subchapter on insurance has been added, looking at coverage after a cyber incident, BIMCO said. The guidelines are aligned with the recommendations given in the International Maritime Organization’s guidelines on cyber risk management, which were adopted in June.

The Maritime Safety Committee met in June at the IMO’s London headquarters, and an IMO spokeswoman said the committee adopted a resolution on maritime cyber risk management in safety management systems that “reminds stakeholders that the mandatory International Safety Management (ISM) Code includes a requirement for all identified risks to ships, personnel and the environment to be assessed and for appropriate safeguards to be established.” 

“The resolution encourages Administrations to ensure that cyber risks are appropriately addressed in safety management systems no later than the first annual verification of the company’s Document of Compliance after January 1, 2021,” the spokeswoman said in an email.