A Busy Few  Months for Maritime Cybersecurity

A Busy Few Months for Maritime Cybersecurity

The late spring and early summer months have been busy for the maritime industry. Over the past few months there have been a series of reports issued by Allianz, DNV and the U.S. Coast Guard that examine trends and offer insights on maritime cyber and physical security that are likely of interest to Pacific Maritime readers. Before we begin to detail these reports, let’s examine the ransomware attack at the Japanese Port of Nagoya on July 5. Nagoya Port Ransomware Attack On or about July 5, the Port of Nagoya was shut down by a ransomware incident infecting computers that…
Read More
10 Threats You Need  to Know About in 2023

10 Threats You Need to Know About in 2023

Recently on my YouTube channel, I posted a video about 10 cybersecurity threats today’s executive needs to keep in mind (https://bit.ly/3HQ4Z2e). As I thought about this list, I realized it also applies to those of you in the maritime community. So, here is a review of those threats for your awareness. The list of cybersecurity threats is broad; however, here are 10 select threats discussed in this article: Nation-state attacks Artificial intelligence attacks Zero-day exploits Supply-chain attacks Insider threats Social engineering attacks Cloud security threats Internet-of-things (IoT) attacks Ransomware attacks Phishing attacks In November 2022, the Secretary of the U.S.…
Read More
Autonomous Ships: Cyber Risks Dead Ahead

Autonomous Ships: Cyber Risks Dead Ahead

I just finished reading the book Intelligent Automation by Pascal Bornet. It’s a fascinating look at the future implementation of artificial intelligence in today’s and future businesses. Since my role is to assess and understand the cybersecurity threats on the maritime sector, Bornet’s book caused me to look for analysis and resources regarding autonomous ships and their implementation. I was surprised at how much has been written on this subject. As an experiment, I suggest you do a Google search on terms such as “autonomous ships,” “autonomous seaports,” etc. I think you’ll be surprised. What I’d like to provide in this…
Read More
Another Seaport Under Cyber Attack

Another Seaport Under Cyber Attack

The Port of Lisbon in Portugal is attacked by LockBit ransomware. Put yourself in this manager’s shoes: It’s Christmas Day. You’re in the middle of the extended family meal of roast turkey with all the fixings. Suddenly, you’re interrupted by an urgent call from your seaport duty officer. She informs you that the website is down, and all the computer screens are showing an alert from a ransomware attacker extorting your port. Operations seem to be okay, but the ransomware alert is threatening. This is essentially the scenario faced by the Port of Lisbon on Dec. 25 last year. The…
Read More
Cyberspace Impacts and Ships and Seaports—U.S. Coast Guard Response

Cyberspace Impacts and Ships and Seaports—U.S. Coast Guard Response

Maritime cyber security risks are increasing for both ships and seaports. These risks and their consequences negatively impact national economies, shipping companies and seaports. There is increased attention on this by national governments, national coast guards and agencies abroad such as the International Maritime Organization (IMO). We also need a sense of how the U.S. Coast Guard is reacting to these threats. About a year ago, the Coast Guard published its Cyber Strategic Outlook to raise awareness and reemphasize the agency’s role in cyber security. Admiral Karl L. Schultz, Commandant of the U.S. Coast Guard, observed in his introduction to…
Read More
Shipboard Operational Technology:  At Risk from Human Error and Cyber Attacks

Shipboard Operational Technology: At Risk from Human Error and Cyber Attacks

As you stand on the bridge of a modern container ship, freighter, cruise ship, etc. what do you see? You see a variety of digital and analog systems including touchscreens, keyboards, mice/trackballs and even laptops. As a cybersecurity professional, I see a variety of opportunities for a cyber attacker to inject malware to take over systems or at least knock them out of service and imperil the vessel and cargo. Even an unprotected USB port on the bridge could actually be an opening for an attack. The new digitized bridges and engine rooms have revolutionized the operation of the ship;…
Read More
Seaport Cybersecurity – A Serious Undertaking

Seaport Cybersecurity – A Serious Undertaking

In January 2022, port facilities in Belgium, Germany and the Netherlands reported large-scale ransomware attacks that disrupted operations at oil terminals and prevented tankers from delivering energy supplies throughout the region. The attacks impacted at least 17 terminals, including those in Hamburg, Ghent, Antwerp-Zeebrugge and Rotterdam. The reported ransom demands were around $14 million, well above the average demand. In 2019, a Singapore-based public-private initiative called Cyber Risk Management (CyRiM) studied a hypothetical cyberattack against 15 Asian seaports. In their analysis – called the Shen Attack – the theorized cyberattack would be launched by a computer virus carried by a…
Read More
Maritime Security is Everyone’s Job

Maritime Security is Everyone’s Job

The challenge of securing ships and ports is not new. The Jack Sparrows of the world long have been trying to hijack ships, steal their cargo and misdirect the vessels onto the rocks, so pirates can harvest the booty that floats onto the beach. However, with better technology on ships and in ports, and new vectors available for the attacks, the necessary actions to predict and prevent physical and cyber assaults to shipping companies and seaports are increasing. There is more work to do to keep the buccaneers at bay, and there are new threats to consider in the maritime…
Read More
Maritime Cybersecurity Guidelines: Dissecting the Alphabet Soup

Maritime Cybersecurity Guidelines: Dissecting the Alphabet Soup

The world of maritime cybersecurity is relatively new, and there’s an increasing amount of information on this topic in the maritime media. In fact, Pacific Maritime Magazine has included a bi-monthly column focused on this topic to help readers better understand why cybersecurity is important to the trade and to offer some references and guidance to readers when they wish to learn more about cybersecurity for their ships and ports. In the area of international cybersecurity guidelines, there are several entities producing detailed cybersecurity recommendations that ship owners are expected to observe. These organizations include the International Maritime Organization (IMO),…
Read More