Strategies to overcome Maritime’s emerging digital threats

July 25, 2023
Most operators will need to start at the beginning when developing their approach to cyber risk management.

Digitalization is ushering in a new era of precise, efficient, and responsible operations through sophisticated maritime software products, allowing the industry to modernize at an accelerated pace. Although digitalization creates multiple benefits like sustainable operations and competitive vessel performance, data collection and transmission can also yield vulnerability to cyberattacks. With the growing modernization of shipping operations, the industry must also modernize its cyber defenses.

With pressure from the International Maritime Organization (IMO), the UN’s looming emissions goals mounting, and a growing appetite for holistic insight across industries, maritime operators have chosen to accept these risks and embrace digital tools. Still, many remain unaware of the magnitude of the threats they face and the steps that they must take to protect their fleets during this time of rapid change.

Maritime’s Unique Challenges

Although the threat of cyberattacks is near-universal for modern businesses, maritime operators are navigating a complex landscape and a unique set of circumstances compared to their counterparts in other industries. To start, digitalization is a new phenomenon in the sector—and it’s not because leaders have been dragging their feet. The fact is that technology has only recently advanced enough to support the kind of ongoing, low-latency connectivity at sea that operators need to make investments in digitalization worthwhile.

Then, there is the relative age of the global fleet. Most ships currently sailing—(between 52 and 85%, depending on vessel type) are over 10 years old, and a significant portion (58% of general cargo ships, for example) were built before 2003. Put simply, these ships were built and designed long before connectivity at the current scale was thought to be possible. As a result, most operators are achieving their digitalization goals by updating legacy environments with IoT devices rather than building vessels with cyber hygiene in mind.

Finally, with 90% of global trade touching marine shipping, the increasing frequency of attacks—like those on Maersk in 2019 and DNV earlier this year—the fiscal, business, and safety implications of cyberattacks on vessels and software providers are sobering. Vessels are cyber-physical targets; accessing these networks gives attackers free rein to stall ships, initiate hazard events, and even take lives. That makes ships high-value targets for attackers looking for timely payouts.

When combined, these three factors become a perfect storm for cyber vulnerability, and attackers have noticed. During 2020, the number of maritime cyberattacks increased by 400%—and that came on the heels of a 900% jump in attacks on vessels and ports over the prior three years. In 2021 alone, the industry saw five serious and high-profile attacks—on K Line, CMA, CGM, Swire Pacific, and Danaos—the total losses from which cost hundreds of millions of dollars.

The Elements of Strong Cyber Protections

Though any company may fall victim to cyberattacks, there are steps that leaders can take to mitigate the consequences. Those who engage in digitalization will need to choose providers and services that support cyber hygiene as effectively as they do data analytics and recording. But, given how new maritime cyber is as a field, operators may not know where to begin.

Most operators will need to start at the beginning when developing their approach to cyber risk management. They’ll need to build a foundation based on four pillars:

  • An experienced teamCybersecurity within maritime is still a growing concept, so putting together a diverse team with cross-organizational insight may be a challenge, but it’s a critical element of any strong cyber program. Leaders may want to look to external experts in operational technology (OT) and information technology (IT) cybersecurity, internal stakeholders with a deep understanding of maritime operations, and new hires with experience in cybersecurity.
  • A comprehensive asset inventory—Having comprehensive insight into what you’re protecting is critical to building out processes and managing vulnerabilities. Maritime operators will need to identify and list all equipment and machinery on each vessel and within the enterprise at large, noting their relative importance to operations, role in existing safety protocols, and connectivity status. Also of note are areas that operators plan to integrate into their networks in the future.
  • ·A catalog of potential scenariosUnderstanding what could happen is key to preventing it. On vessels, digital breaches can have significant physical repercussions so teams should review their standard hazard assessments to identify how connected systems may fit into incidents. Using this list as a guide, operators can begin to outline comprehensive protections and effective response plans.
  • A domain-specific security stack—Though they share some features, OT and IT cybersecurity are different beasts, even when they’re both on land. Added to the additional challenge of protecting a vessel at sea, marine cybersecurity teams will be in truly uncharted waters. While some elements—like two-factor authentication—carry over seamlessly, others—like managed attack response services—will need to be specialized to the specific needs of maritime environments.

These pillars act as a foundation to guide the thoughtful, effective, and enterprise-specific plans needed to protect today’s maritime operations. Critically, operators must consider these elements as part of their overall digitalization journeys, not as an afterthought.

Building these two programs together helps ensure they’re inextricably linked and reliable enough to protect everything in the fleet’s ecosystem—from maintenance checks to crew payment to their ability to compete for charters—and the broader community from the consequences of an attack. 

Well-Rounded Insight

Of course, the above is only the beginning. Each vessel and business will need to pursue policies, software, and safeguards that make sense for them which means the process will be an ongoing one. It will rely on a continuous commitment to improvement and a well-rounded understanding of not only the business and maritime industries but the cyber threats that emerge along the way.

Leaders interested in building a digital fleet that is secure by design may want to connect with experts in digital transformation and cyber security for maritime vessels for guidance. While it can feel uncomfortable to give outsiders insight into operations, the fact remains that third-party input is critical now.

Yes, the field of maritime cybersecurity starts from nothing in many ways, but the landscape marine operators face is not unprecedented. Every industry that pursued digitalization had to contend with uncharted territories at some point in their journeys, so following the lead of experts who have faced these issues in the past can help inform strategies that support successful digitalization and strong security postures.

About the authors:Paul Sells is CEO and President of ABS Wavesight, a maritime software company dedicated to helping shipowners and operators streamline compliance while maintaining competitive, more efficient and sustainable operations. He is responsible for leading the development and innovation of purpose-built, integrated data-driven solutions that help clients gain more visibility into their existing operations to mitigate risk and deliver operational excellence. Paul holds several patents and joins ABS from Mira Labs, Inc. where he was Vice President of Customer Experience. He also served in the U.S. Navy, where he was a Lead Petty Officer. Paul graduated from the University of Tennessee with a degree in Mechanical Engineering and received a Master of Business Administration from the College of William and Mary.

Sameer Bhalotra is the co-founder and CEO of ActZero, a security company based in San Francisco, California. He previously worked in cybersecurity at Google and as a board member of numerous security start-ups. In government, he served as senior director for cybersecurity on the National Security Council staff at the White House, cybersecurity and technology lead for the Senate Select Committee on Intelligence, and in various roles in the intelligence community. He is affiliated with the U.S. State Department Foreign Affairs Policy Board, U.S. Secret Service Cyber Investigations Advisory Board, Center for Strategic and International Studies, Stanford University's Center for International Security and Cooperation, and Harvard University’s Kennedy School of Government. He holds a Ph.D. in applied physics focused on quantum tech and photonics from Stanford University and a BA in physics and chemistry focused on lasers and electronics from Harvard University.

About the Author

Paul Sells | CEO and President of ABS Wavesight

Paul Sells is CEO and President of ABS Wavesight, a maritime software company dedicated to helping shipowners and operators streamline compliance while maintaining competitive, more efficient and sustainable operations. He is responsible for leading the development and innovation of purpose-built, integrated data-driven solutions that help clients gain more visibility into their existing operations to mitigate risk and deliver operational excellence. Paul holds several patents and joins ABS from Mira Labs, Inc. where he was Vice President of Customer Experience. He also served in the U.S. Navy, where he was a Lead Petty Officer. Paul graduated from the University of Tennessee with a degree in Mechanical Engineering and received a Master of Business Administration from the College of William and Mary. 

About the Author

Sameer Bhalotra | cofounder and CEO of ActZero

Sameer Bhalotra is the co-founder and CEO of ActZero, a security company based in San Francisco, California. He previously worked in cybersecurity at Google and as a board member of numerous security start-ups. In government, he served as senior director for cybersecurity on the National Security Council staff at the White House, cybersecurity and technology lead for the Senate Select Committee on Intelligence, and in various roles in the intelligence community. He is affiliated with the U.S. State Department Foreign Affairs Policy Board, U.S. Secret Service Cyber Investigations Advisory Board, Center for Strategic and International Studies, Stanford University's Center for International Security and Cooperation, and Harvard University’s Kennedy School of Government. He holds a PhD in applied physics focused on quantum tech and photonics from Stanford University and a BA in physics and chemistry focused on lasers and electronics from Harvard University.