Cyber Risk

The year 2021 was not a good one for business organizations in the maritime and logistics industry, as targeted attacks on ships increased by over 30% around the globe that year. In Japan, two notable cyber security events were registered at ‘K’ Line. Furthermore, in July 2021, one of the major logistics companies in South Africa faced a ransomware attack. Several similar instances were reported that year by shipping and logistics companies worldwide. In fact, as per Research Nester analysis, 60% of industry professionals projected that, in the coming few years, cyber-attacks would cause around 60% collisions and close to 70% groundings. Additionally, about 75% of the professionals believe that, due to the ongoing fear of a cyber incident, there may be a closure of a strategic waterway.

What is Maritime Cyber Risk?

Maritime cyber risk is the possibility of assaults on ships and boats that cause fatalities or infrastructure damage. Hijacking, piracy, sabotage, and data theft are just a few of the many potential sources of maritime cyber threats. These threats are especially difficult since they call for physical access to a ship or vessel for an attacker to carry out an assault. Maritime cyber hazards put at risk not only the individuals engaged in shipping and freight transportation but the whole maritime business. By infiltrating mariners' information systems, malicious actors are also able to operate ships at sea covertly or wage continuing strikes against commercial targets with minimal advance notice.


How to Prevent Maritime Cyber Risk?

Being proactive about company cybersecurity is crucial given the increase in crimes. Owing to their dependence on computers and networks for commercial operations, maritime enterprises are especially vulnerable. The following advice can help companies reduce maritime cyber risk:

  • Create a clear information security policy that is adapted to the company's requirements and resources.
  • Examine the existing cyber posture of the company using the threat intelligence tools that are available. This reveals any weaknesses and points out places where improvements are required.
  • Use best practices including firewalls, intrusion detection/prevention systems (IDS/IPS), data loss prevention (DLP), secure remote access, high encryption standards, and appropriate Jeanne d'Arc protocols.
  • Use efficient training programs to teach staff members about internet security and ethical conduct.

What are the Types of Maritime Cyber Risk?

The attacks that harm a maritime enterprise or a ship fall into two main categories, untargeted cyberattacks and targeted cyberattacks:

  • Untargeted Cyberattacks - Untargeted assaults search for possible cyber vulnerabilities in several businesses or ships.
  • Targeted Cyberattacks - Attacks that are targeted against a particular business or ship are more difficult to stop. In 2020, amid a 900 percent rise in attacks on ships and port infrastructure, attacks on ships climbed by 33 percent in frequency.

To identify and take advantage of flaws in a ship or a maritime enterprise, both kinds of attack can make use of methods widely deployed online.

Cyberattack Techniques Used in Maritime

The different types of marine power systems and equipment are susceptible to a variety of cyberattack methods. It is therefore crucial to be aware of these methods in order to prevent assaults. Spear phishing, water bombing tactics, malware infections, and ransomware encryptions are some of the most typical.

  • Malware – A broad term for destructive software intended to harm a computer system without the owner's knowledge. Spyware, viruses, worms, and trojans are a few examples of typical malware types. Every system also contains flaws that malware can target and exploit to take over. Links in emails and dubious websites are common ways for people to get malware. Our research analysts found that the costliest sort of assault is malware directed against enterprises. The average cost of recovery from an attack climbed by 11% in 2019 over 2018, while the average cost of recovery from malware infections increased by 21% over the same period.
  • Water Holing – Water holing is a popular cyberattack technique that exploits vulnerabilities in networks and servers by flooding them with so much traffic that they can no longer function. This attack floods the target's network with requests that use up all of the available resources, preventing legitimate traffic from getting through. To execute this type of attack, attackers search for vulnerable systems online and intercept their connections before sending malicious requests directly to those systems. The target of a watering hole assault that took months to find was the American information technology business SolarWinds. The watering hole assault was carried out by spies working for a state to monitor cybersecurity firms.
  • Denial of Service – This method overwhelms a network with data, preventing genuine users from getting to the applications they need. Multiple marine IoT equipment are taken over by these assaults simultaneously, and whole servers get infected. The number of denial-of-service attempts increased dramatically in 2019, from 8.4 million to 23,000 per day to 16 every minute, according to our statistics.
  • Phishing – Cybercriminals try to elicit a reaction from a large audience by sending out a generic message, in order to get into the company system or steal important data. They often do this by email and ask for some kind of action, such as sending data, following, or connecting. Our research data found that a spear-phishing attempt that targeted the large fuels provider World Fuel Services (WFS) resulted in losses of an estimated $18 million.
  • Social Engineering – Cybercriminals sometimes use social media to contact and persuade individuals to violate rules or divulge information that is then used against them or their companies. As per our research, 98% of assaults are the result of social engineering.
  • Spear-Phishing – This kind of targeted attempt is similar to phishing, except it is directed at a specific individual or business. It tries to get information by sending tailored email requests or providing URLs that corrupt the system, and is often harder to identify than classic phishing. The number of COVID-19-related spear-phishing attempts climbed by 667% in 2020, while the number of banned suspicious communications aimed at remote employees surged by 30,000.
  • Subverting the Supply Chain – Before they approach an organization or ship, fraudsters sometimes try to breach electronic systems.
  • Brute Force – Programs used by a criminal systematically try to guess the password; these programs are successful if the passwords are basic.

How to Establish a Ship Cyber Security Strategy?

While developing a cyber security strategy can seem somewhat overwhelming, it is crucial to do the homework and be fully informed of the dangers and potential vulnerabilities connected to an online presence.

  • An online security audit is a good place to start. Use it to find any places that need changes or additions.
  • Create and execute a risk-based cybersecurity plan after that. The protocols for incident response, vulnerability scanning, network intrusion detection/prevention systems (NIDS/IPS), user training and education, data encryption standards, usage of firewalls and VPNs, and backups and disaster recovery plans should all be included.
  • Finally, make sure that all policies are routinely tested and evaluated to guarantee the best possible defense against prospective dangers as well as to preserve compliance with state legislation.

When does Marine Cyber Risk Become Active?

Maritime shipping is one sector that is particularly at risk owing to its high concentration of infrastructure and critical assets. Our analysis finds that over 50% of all global trade passes through sea lanes, which makes them a prime target for hackers looking to inflict economic harm. As such, many organizations are now implementing enhanced security measures and working together to improve their resilience against cyberattacks. This includes improving cyber security protocols across all channels (physical, digital/logistical), training personnel in incident response and malware detection skills, and developing contingency plans in case of an attack (disaster recovery planning). Given the several maritime cyber risk incidents that have been reported over the past few years, it is highly important for businesses to understand the level of risk involved and the amount of losses they may have to face. Adopting the right strategies and staying agile is the only way to remain proactive against attackers.
