Back in 2017, shipping giant Maersk fell victim to a global cyber-attack which saw operations disrupted for more than two weeks, equipment having to be destroyed, and $300 million being spent to ensure recovery. The threat of cyber-attacks is unfortunately not a thing of the past: many still take place today, with seafarers succumbing to phishing emails and providing sensitive information.
With technology constantly developing in the form of new computers, software, and communication platforms, staying on top of it can be a struggle, especially for seafarers who are working night and day to ensure the safety of their ships. This leaves seafarers vulnerable to cyber-attacks and phishing emails, through which hackers can gain access to ship systems, halt communications, and damage the overall reputation of the company.
The impact of cyber-attacks
If a hacker is able to access a vessel, what does that mean for the ship and crew?
One of the main risks is the manipulation of navigation systems. The hacker can either send false navigation information to the crew, causing the vessel to sail off course, or send false information about the vessel’s location to the shore-side team. Alongside this, hackers can also gain access to monitoring and control systems. Because systems today are interconnected, access could be gained to systems ranging from the water treatment system to the engine management system.
Communication systems are another area that is heavily targeted. If there is no communication onboard the vessel, reports cannot be sent out, communication between vessel and shore cannot take place, and critical situations cannot be reported.
Lastly, unintentional disclosure of security-related and sensitive information is frequently seen as a result of a successful hacking attempt. Sharing of this information could lead to financial loss, extortion, and damage to a company’s reputation.
During the webinar, Dr Michael H Thurlbeck, CEO Stapleton International, shared statistics from Inmarsat that highlight the impact that a cyber-attack could have on a vessel: “On a typical vessel today, an engine room alone can have anything between 1000-2000 sensors, this transmits the same amount of information per month which is equivalent to anybody surfing the internet for 65 consecutive years.” This volume of data being transmitted globally by ships provides a staggering amount of information for hackers to potentially get their hands on.
Challenges for the crew
Onboard a vessel, seafarers are tasked with many laborious, time-consuming roles to ensure the overall running and safety of the vessel, which often leaves them with little time to look at IT issues. Alongside this, many seafarers have reported a lack of IT training, making it impossible for them to keep up with the constantly evolving systems and software presented to them.
Florian Zum Felde, chief operating officer, Waterways – a company specialising in IT solutions and services for the maritime industry – commented on this issue during the webinar: “From feedback – which we very often receive – once newly introduced systems are onboard there is insufficient training for the newly introduced systems, so sometimes the crew don’t know how to deal with such systems on board.”
“Sometimes with IT issues the crew is completely on its own. Now because we have the different timezone sometimes there are no IT personnel available on shore side to answer questions. What we have learned is that very often we have a missing familiarisation with IT procedures.”
Alongside the lack of technical training, a lot of seafarers have not been trained when it comes to third-party software and technology, such as USB sticks, which can transfer viruses and malware into the computer systems onboard. Due to constantly changing requirements and technology, seafarers are unsure which threats could happen or have happened, and what the consequences are if such threats arise.
The dangers of phishing
Defined by the Oxford dictionary as: “the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers”, phishing emails are the biggest threat to seafarers when it comes to cyber-attacks.
Felde commented on the danger of phishing emails for the shipping industry: “In these emails sometimes links are provided. When you click on the link, you will be asked to enter very sensitive information, for example: the vessel schedule, if you have goods onboard, if you have weapons onboard, if you have armed guards onboard, how many crew you have on board and so on. With this information the hacker has a good picture [of how] to attack the vessel maybe in the next port.”
In an attempt to educate and heighten awareness regarding phishing emails, Waterways has designed a training protocol in which the company works with shipping companies to send test emails to seafarers onboard vessels, to see whether the emails are opened, whether the links are clicked, and whether information is sent in response.
The company recently worked with a customer with almost 100 vessels in its fleet. Waterways sent 292 emails to all the vessels, which saw an open rate of 92%, translating to 269 emails being opened by seafarers onboard. The link included in the email was clicked by 90 seafarers, with an interaction rate of 44, which means that those 44 seafarers clicked the link, opened the website, and entered the sensitive information that was being asked for.
When it came to the reply rate, 31 seafarers replied directly to the email with the sensitive information. Felde commented on these results: “We have a reply rate of 31 seafarers, they disclosed corporate-related information to us very easily. You could say it’s a good result because talking about 100 vessels, we have 30% click rate, but in the end please always be reminded every click or response poses the major security risks.”
Supporting the crew
So, what can be done to support seafarers?
Seafarers require training on internet usage, not only on the vessel’s devices but on their private devices as well, training on software and systems, and education on how to deal with threats from email attacks.
Crew need to be trained on when to give access, when not to, and how to report these emails if they suspect them to be an attempted hack. Felde expanded: “We need to train the crew on how to deal with updates, how to deal with password policies, how to deal in general with onboard IT technology. We need to train them to understand the threats for ship operations because then they are aware – they need to know what can happen if they open an email, if they give access to somebody who they maybe don’t know.”
One way in which Waterways provides crew support is via regular feedback after a phishing email campaign has been sent out. This allows the seafarers to understand their mistakes and further their knowledge of what to look out for in an email. The feedback sessions also act as a constant reminder of the importance of IT security onboard.
It is hoped that once seafarers have received increased training on these issues, the number of successful cyber-attacks experienced by the industry will decrease. Felde says: “With training and with a well-trained crew we are quite convinced that the industry will be able to drastically reduce cyber risk and improve operational business, and processes.”