Several hacks have proved that the shipping industry is no more secure and awareness in this regard is needed.
Staff at CyberKeel made a shocking discovery about the hack of the company’s systems by someone who planted a small virus when they investigated email activity at a medium-sized shipping firm.
Co-founder Lars Jensen viewed that the hackers would monitor all emails to and from people in the finance department. And when a firm’s fuel suppliers would ask for payment via email, they would change the message text and would add a different bank account number. And several million dollars were transferred to the hackers before the very company cottoned on.
He has long believed that the shipping industry needs to be more secure against hackers, after the cyber attack on “Maersk”, of which CyberKeel is the example.
Maersk, the badly affected firm after the NotPetya cyber attack in June, revealed that the incident could cost it more than $300 million in profits.
At the time Jansen launched his firm, three years ago, in coordination with Morten Schenk who is a former lieutenant in the Danish military and Jansen believes him to be the hacker of everything, they tried to offer penetration testing and investigative tests of security to shipping companies.
But they initially got a negative response and people advised him not to waste his time because they were pretty safe. But such sentiments are rare today.
NotPetya cyber-attack has consequently caused shut down of some port terminals managed by APM, finding the shipping industry insecure.
A report on the case by the cyber-security team at telecoms company Verizon has described the precision of the operation, stating,
“They’d board a vessel, locate by barcode specific sought-after crates containing valuables, steal the contents of that crate – and that crate only – and then depart the vessel without further incident,”.
But the ships, though increasingly computerised are vulnerable and worry for many.
Malware is designed to spread from computer to computer on a network, making the connected devices potentially vulnerable.
Patrick Rossi, member of the ethical hacking group at DNV GL, claims to know a cargo container, where the switchboard was shut down when ransomware found its way on the vessel.
According to Brendan Saunders, maritime technical lead at cyber-security firm NCC Group, crucial navigation systems such as the Electronic Chart Display have also been hit, concerned to a ship at an Asian port, but it was a large tanker weighing 80,000 tonnes.
A crew man brought a USB stick on board with some paperwork, needed to be printed. In this way, malware got into the ship’s computers and when the second crew man went to update the ship’s charts before sailing via USB, the navigation system got infected.
He says that “ECDIS systems pretty much never have anti-virus,”.
These incidents are deadly disruptive to maritime businesses, but truly catastrophic scenarios might involve a hacker attempting to destroy a ship itself, through targeted manipulation of its systems.
The experts are finding new ways into ships’ systems remotely. A cyber-security researcher used Ship Tracker app to find open satellite communication systems, VSat, on board vessels.
Even a targeted attack could alter the coordinates broadcast by the system, allowing someone to spoof the position of the ship.
The manufacturer of the VSat unit has blamed the customer in this case for not updating the default security credentials.
Recently, the Baltic and International Maritime Council (BIMCO) and the International Maritime Organisation (IMO) have launched guidelines designed to help ship owners protect themselves from hackers and to make them aware of the threats.