Hackers a global threat to ships
Local maritime businesses gathered Wednesday to discuss the industry’s vulnerabilities to cyberattacks, an especially hot topic after a ransomware attack that disrupted operations for shipping giant A.P. Moeller-Maersk in late June.
“When you have a company the size and scope of Maersk … that’s big headlines,” said Niels Aalund, senior vice president of the West Gulf Maritime Association.
Yet these attacks can happen to companies of any size. Hackers may even target smaller companies as a way to access their larger customers.
That’s why roughly 190 ship owners, terminal operators, consultants, stevedore officials and others attended the cybersecurity seminar hosted by international shipping association BIMCO and the West Gulf Maritime Association. The event was held in the U.S. Coast Guard facility at Ellington Airport.
Maritime operations can tempt hackers in many ways. They’re critical to global commerce, transport valuable cargo and often use older technology, said Cynthia Hudson, CEO of New Jersey-based Hudson Analytix.
“There’s a lot of old stuff we are using every day to operate our businesses,”
Hudson said.
Companies should assume they’ve already been hacked. She said there are three kinds of companies: Those that have been hacked and don’t know it, those that have been hacked and don’t want to talk about it, and those that have been hacked and are talking about it.
Not knowing or not wanting to talk about it is likely why just 21 percent of respondents in a maritime survey said their company’s computer systems had been violated, said Michael Lund, a deputy secretary general for BIMCO.
He was citing a BIMCO survey released last year with IHS Fairplay. Lund said ships, in particular, have vulnerabilities that include obsolete operating systems, a lack of cybersecurity and safety policies, and unpatched software.
But having updated software doesn’t necessarily make companies immune to cyberattacks, said Jason Warren, cybersecurity expert for the Coast Guard’s Office of Port and Facility Compliance. Maersk wasn’t attacked through outdated software. It was attacked through software it uses for filing tax returns.
It was the first cyber incident of a maritime transportation system that disrupted the flow of global commerce, he said.
“This was a wake-up call for all of us,” he said.
Warren said Maersk shut down its systems after discovering the ransomware malware attack. Shutting down those systems highlighted several flaws. Maersk didn’t have key contacts saved offline, so the company wasn’t able to reach key people when the email and phone systems went down.
Another flaw was not knowing what systems, such as the security gate and access control, would be unavailable during extended outage. The company didn’t contact the Coast Guard for more than 70 hours, Warren said.
However, Maersk also took several positive steps that helped reduce the fallout. Warren said engineers acted quickly once learning the ransomware was spreading across its global network. It also focused on first restoring ports and facilities that had a larger impact in disrupting global commerce.
Still, Maersk disclosed last week, the cyberattack could cost it between $200 million and $300 million.
Warren added that the Coast Guard has a Navigation and Vessel Inspection Circular out for public comment. This establishes a starting point for the Coast Guard to assist the private sector in building a risk-management program.