X-Industry

Digital Pirates

Posted by Mac McKee on December 9, 2023 at 9:00am

12310716294?profile=RESIZE_400xCybersecurity threats to the global supply chain have been well-documented in recent years, and sea-faring trade is no exception.  Shipping ports are being targeted by modern day digital pirates seeking to disrupt supply chains with targeted, sophisticated cyberattacks.

Long gone are the days when a commercial ship crew considered a rudimentary GPS system to be the sole state-of-the-art technology onboard.  Today, the maritime industry depends on smart AI systems and IoT devices that go beyond standard ubiquitous commercial satellite networks for navigation, communication, and cargo management.  The increasing use of this technology in the vast supply chain has made IoT security a key operational component because a single breach can have a significant impact on operations.[1]

These modern evolving systems are densely interconnected and rely on real time data exchange, making them highly efficient and flexible.  However, increased connectivity also opens up vulnerabilities to cyberattacks from foreign agents, terrorists and even competitors.

A global problem - The shipping industry has been a frequent target of ransomware attacks in recent years.  For example, in March 2023, Dutch maritime logistics company Royal Dirkzwager was hit by a ransomware attack from the Play group.  The attack involved the theft of data from servers, but did not affect operations. The company negotiated with the cybercriminals.  The Play ransomware group has also targeted government entities in Latin America and the City of Oakland.  In January 2023, about 1,000 vessels were affected by a ransomware attack against Oslo-based DNV.  DNV had to rebuild its ShipManager server environment and to resume full service, which was no small undertaking.

Europe has seen a string of ransomware attacks on ports in recent years.  Oil companies Oiltanking and Mabanaft, both owned by German logistics conglomerate Marquard & Bahls, suffered a cyberattack in February 2022 that crippled their loading and unloading systems.  Logistics and freight forwarding giant Expeditors International similarly announced a cyberattack last year that slowed its operations around the globe for months.  More recently, in early July 2023, the port of Nagoya, Japan’s busiest shipping port, was hit by a ransomware attack that prevented it from receiving incoming shipping containers for two days.  According to CNN, “the computer system that handles shipping containers was knocked offline,” and “the hack forced the port to stop handling shipping containers that came to the terminal by trailer.”  Furthermore, local news service Asahi Shimbun reported “the ransomware attack, apparently perpetrated by Lockbit, a Russia-based cybercrime organization, affected an estimated 15,000 containers and related businesses, including Toyota Motor Corp., which has a manufacturing hub in the region.”

Telco Standardization - The above examples not only highlight the regular occurrence of cyberattacks but also the complexity of tackling these challenges.  Cyberattacks can take various forms, including malware, ransomware, phishing, and even physical attacks on navigation systems.  A successful attack leads to critical operation disruption and financial losses, but that’s not all a breach in the maritime industry can have far-reaching consequences.  It can disrupt the entire supply chain, affecting inventory management, logistics, and cargo tracking.  Delays can be costly and even impact the availability of essential goods.

The need for interoperability - Much like any other industry undergoing a digital transformation, the maritime industry is evolving and connecting to smart mega-fabrics composed of all elements across a nation's critical infrastructure, thereby becoming increasingly important to make all maritime IT and OT frameworks secure and interoperable.

One operational vulnerability dispersed over all aspects of a digital maritime infrastructure is a complex network of OT systems headlined by IoT devices.  These sensors are prevalent in maritime operations and are used to monitor cargo, track vessels, and manage various channels of the supply chain.  IoT fabrics are made by a diverse group of manufacturers and comprise a wide range of legacy and modern technologies.  How do we ensure the security and resilience of these devices?

Recognizing the importance of maritime cybersecurity, international organizations and governments are developing guidelines and regulations to improve cybersecurity in the industry.  Compliance with these regulations is essential for protecting maritime assets.

But that’s not all.  The maritime industry needs to recognize that close internal and cross-industrial collaboration is essential for a successful universal cybersecurity framework.  Addressing maritime cybersecurity requires collaboration between various stakeholders, including shipping companies, port authorities and supporting industries, such as logistics, energy and beyond.

There is a need to revolutionize the supply chain with digital platforms that enable global operators to track, authenticate, and manage IoT enabled ports with a combination of IT/OT services.  Such secure platforms will increase transparency and automation for IoT-enabled ports and enable global port operators to securely integrate multi-party digital data services and IoT devices made by different manufacturers, such as sensors and cameras, into their ports.  This will allow ports around the world to establish data-driven operations based on reliable data - an essential function for today’s fast-paced shipping system.

Raising awareness across the industry and training personnel to recognize and respond to cyber threats is also crucial.  Finally, investing in robust cybersecurity measures is essential to protect maritime operations.  This includes implementing the latest encryption technologies, firewalls, data tampering detection systems, and regular IoT security assessments.

In conclusion, the increasing reliance on technology in the maritime industry has made cybersecurity a top priority.  Preventing cyberattacks and mitigating their consequences is essential to safeguard the global supply chain, protect valuable cargo, and maintain the safety and security of maritime operations.  It is a complex challenge that requires a multi-faceted approach, including technology, regulations, and industry-wide collaboration.

This article is presented at no charge for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  We can help provide cyber insurance through Cysurance.  Call for assistance.  For questions, comments, a demo or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com   

 

Weekly Cyber Intelligence Briefings:

 

Reporting: https://www.redskyalliance.org/

Website: https://www.redskyalliance.com/

LinkedIn: https://www.linkedin.com/company/64265941

Weekly Cyber Intelligence Briefings:

 

REDSHORTS - Weekly Cyber Intelligence Briefings

https://attendee.gotowebinar.com/register/5993554863383553632

 

 

[1] https://www.thefastmode.com/expert-opinion/34122-fighting-digital-pirates-on-the-informational-high-seas

Views: 22
Tags: tr-23-340-003, piracy, digital pirates
E-mail me when people leave their comments –
Follow

You need to be a member of Red Sky Alliance to add comments!