05 December 2022

The increasing reliance on wireless communications technology, and particularly the internet, across the maritime industry has had a dramatic effect on the volume of cyber-attacks that ship owners and operators are now having to face. Vessel owners incorporate connectivity at sea via very small aperture terminal (VSAT), delivering ship-board services through WiFi and ethernet, which are not necessarily secure. In the past three years alone, the number of reported attacks has increased by 900% and is set to continue on an upward trajectory for the foreseeable future. With the average cost of an attack measured in millions of dollars, cybersecurity has now become the top-ranked serious business risk globally according to the Allianz Risk Barometer.

However, while most other major industries have invested heavily in their fixed and wireless network security systems, the maritime sector has been slow to take cyber-protection seriously, leaving them vulnerable and easy targets for organised hacking groups. This position is amplified in many SE Asia countries by the fact that there has been a traditional reluctance by businesses in the region to invest in cyber protection systems, preferring to take the view that cybersecurity preventative measures are too expensive and not always necessary. However, with recent attacks on five of the world’s major container ship operators including Maersk, COSCO and South Korea’s Flagship carrier HMM in 2021, operators cannot continue to assume that an attack won’t happen to them.

As a vast maritime area, the shipping industry plays a hugely important role in the economic health of all the countries located in the SE Asian region. Naturally, all actors in the maritime chain - massive convoys of container ships, fishing fleets, offshore oil and gas activity operators, and owners of vessels and port infrastructure – require reliable, secure wireless communications to enable navigation, weather forecasting, collision avoidance, ship to shore communications, etc. And now, all face an existential threat to their annual revenues and national economies due to bad actors.

While the financial impact of a data breach or ransomware attack can be substantial, modern-day vessels are becoming increasingly reliant on a sophisticated network of automated systems to ensure the smooth operation of the ship including navigation, communication systems, power, fuel management and cargo control. This means that if not fully protected, hackers can easily take full control and threaten the safety of the ship; the crew and its cargo and are particularly vulnerable to the growing threat of a geo-politically motivated attack.

Given this level of risk, owners and operators cannot afford to be complacent and need to start to up their game to do all they can to protect not just their operational technology (OT) systems but their onboard IT and ship to shore communications as well. To assist in the process a good starting point is to check out the International Maritime Organisation’s (IMO) Guidelines to Cybersecurity onboard ships. The IMO has a mandate to make trade and travel by sea as safe and secure as possible and develop suitable regulations and guidance to help operators to manage and mitigate threats that could potentially compromise their vessels at sea.

The guidelines have been in force since 1 January 2021 and maritime organisations, including vessel owners and operators across SE Asian region, must now be able to demonstrate that they can execute an effective cybersecurity plan that addresses the risks in a way that improves the security of their operations. For owners of both newbuilds and in-service vessels, this represents an opportunity to gain a full understanding of their connected systems, and thoroughly protect their ships.

The impact of the IMO resolution means that to keep sailing, all ship’s owners globally must integrate cybersecurity into their safety management systems including methodically developing, implementing, and maintaining a cybersecurity management program including mapping IT and OT systems, identifying areas vulnerable to external and internal cybersecurity threats and undertaking a risk assessment of all IT and OT networks.

While regulations may vary from country to country, worldwide flag authorities are now closely scrutinising vessels for compliance with the basic requirements to enable continued access to their ports and onshore facilities. One scheme that can help owners to demonstrate compliance with IMO’s regulations as well as the International Safety Management (ISM) Code, the International Ship and Port Facility Security (ISPS) Code and flag requirements is the Maritime Cyber Baseline Certification program.

Supported by the Royal Institute of Naval Architects (RINA), the Maritime Cyber Baseline Certification scheme provides an affordable and practical way for vessel owners and operators to achieve compliance with the IMO guidelines and help to continually improve their cybersecurity to counter emerging threats and remain cyber resilient.

To achieve certification for a vessel is relatively straight forward. Applicants follow a practical pathway starting with answering a series of easy-to-understand questions and complete an online verified self-assessment. This is followed by an assessor review and verification of all systems and processes. Vessel owners are then provided with any necessary recommendations and advice on what they need to improve to achieve certification. Once verified certification is awarded for three years with annual self-assessments needed to demonstrate continued compliance.

Given the simplicity of the process and the potential risk to their business of non-compliance any owners and operators across the globe that have yet to comply with the IMO regulations would be well advised to get certified as quickly as possible.