The logistical system ensures goods circulate in the global trade system uninterrupted; however, there may emerge a threat that jeopardizes the huge logistical chain, even with one of the important links like a seaport targeted by cyber terrorists. The computerization of navigation and other important vessel and transportation management systems has brought as many benefits like cost efficiency and speed as it has vulnerabilities. Just as new technologies have penetrated the system of vessels control, so too have cybercriminals taking advantage of overreliance on IT and crew reduction. From changing the course of vessels of moving drugs in the biggest international seaports undetected, cybercriminals have succeeded in doing tremendous damage to the industry, yet companies would go silent before they would release the compromising reports of the cyber vulnerability of the transportation system and its elements. Measures like a concerted effort of European and other nations, the enforcement of legislation stimulating information sharing, and the use of an integral risk-based approach can be instrumental in mitigating the risk of cyber-attacks. The point is that cyber-attacks are more dangerous than believed due to under-reporting and other factors; thus, preventive measures are needed for the global trade market to remain busy and bustling with unhindered activity.
Cyber Threat Is More than Real. Nothing to Be Upbeat about
Whoever thinks of cyber-attacks as being nothing to worry about should consider the losses the different elements of the transportation system incur and the monetary gains of attackers. As with defense, aerospace, health insurance, banking, and entertainment industries, the maritime transportation sector has taken plenty of blows dealt by cyber offenders. Maritime interconnectedness goes on being a principal asset for American strategic and economic interests. The presence of such interests in the sector lure unscrupulous, opportunistic cyber criminals who can do great damage to the maritime transportation system. In the maritime sector, the actual incidence of attacks remains unknown, for businesses prefer not reporting the cases to going public with the record of assaults to avoid the risk of setting security experts, insurers or regulators, and investors alarmed. Thus, as of now, these reports are few and far between. Why they maritime transportation industry players also keep a low profile on the matter is because of what the revelation can mean to the industry. Once revealed, the number and rate of successful attacks can set other potential attackers thinking an effort may be worth taking, which is sure to ruin the quasi-strong image of security and impenetrability. However, the lack of reports is taking away from problem urgency that needs to be tackled and that quickly. Other analysts agree that if the number of known cases is low, it is because the maritime community has stayed tight-lipped with regard to attacks. In addition, timing and as well as luck have played into the hands of sector players. The use of state-of-the-art cyber safety technologies, the lack of attack opportunities, and immunity from such are not the case.
However, the elements of the maritime transportation system may be said to create opportunities for cyber criminals to capitalize on. Ports do not go to the bother to evaluate the security of their transportation hub. The Brookings Institution studied six American ports in 2013 only to find that one out of six had assessed its vulnerabilities to a cyber assault. No facility had done anything to develop a response plan in the event of such attack. A federal program was a recipient of 2.6 billion dollars in security improvement funds; however, no more than 1% of these has been spent on cyber security initiatives. While ships are becoming larger, crews are getting smaller. To quote an example of the tendency, The Triple E Maersk was the world’s biggest container vessel that was set to be launched soon at the time of article writing. Standing at 400 meters in length and having the capacity of an impressive 18.000 containers, it requires no more than 13 individuals to run.
Excessive reliance on modern information technologies and computerized systems can be counterproductive, considering the scope of appliances susceptible to hacking. Rear Admiral Paul Thomas opines that hackers are capable of rendering navigation systems disabled, interfering with vessel control, misappropriating secret information, and cutting off communications. The maritime industry has made a transition to technology in attempts to reduce delivery schedules and cost and improve production. Clearly, ship designers are becoming increasingly reliant on the automation of all systems, which aggravates the hacking risks that can result in principal system disruption. Indeed, virtually every vessel has built-in software managing its engines. As suggested by NCC Group, the vulnerabilities of security in maritime sector software are possible to use to lead vessels to run aground or malfunction. The international information assurance company has found the Electronic Chart Display and Information Systems, an IT product employed in the sector, to show the signs of vulnerability. The intense application of computer systems for container inspection, the handling of commodities at marine ports, merchandise distribution, quick unloading, and navigation. Overall, what are in an increased danger of a cyberattack are marine radar, cargo tracking, and automation identification systems, satellite communication, and vessels navigation.
Other analysts have identified but three chief sources of weakness in transportation system security, such as Electronic Chart Display and Information System, which is actually the system for viewing digital nautical charts, marine Automatic Identification System, and GPS. The spread of refined technologies prone to cyber assaults via radio frequency interference, whether intentional or otherwise has been the case recently. The natural causes of interference may also leave the system exposed. The technologies include Global Maritime Distress and Safety System, Voyage Data Recorder ”Black Box,” Computerized Automatic Steering System, GPS, Fluxgate, and Gyro compass systems, Automatic Radar Plotting Aid, Radio Direction and Ranging, Automatic Identification System, and Electronic Chart Display and Information System. Hackers can wage attacks against Enterprise Resource Planning software programs that are at the hub of all major processes and data of the majority of shipping companies. ERP is an integrated combination of software programs overseeing different business aspects like human resources, finances, and business processes, and assets.
It is not that only separate categories of the system using the technologies and systems are in peril. All maritime stakeholders stay exposed to the risk of cyber intervention since those conducting assaults look for ways to gain access to maritime networks. They stand to lose forasmuch as attacks may necessitate port closedown or delays, which entails financial losses to varying extents. With a single port out of operation, all connecting regional ports sustain losses. To quote a related example, losses caused by the closedown of 29 West Coast ports for the period of 11 days in 2002 turned 11 billion dollars. A decade after, in 2012, ports in the Northeastern part of the country lost five times as much. The interruption caused by Hurricane Sandy resulted in the deficit in the amount of 50 billion dollars. Labor disputes that erupted in the October of 2014 in ports on the Western Coast set Asian partners feeling the outcomes of undelivered commodities. Although the hurricane has nothing to do with cyber dangers any more than it is preventable, the example shows the price of interruption in the operations of a port, an element of a complex logistical transportation systems. A cyber-attack, if successful, can prove even more devastating than the hurricane has. The example shows that the interference with the critical element of the system for whatever reason results in consequences that make themselves felt even at the other far end of the system, and financial terrorists may do what hurricane or labor disputes do if not worse.
Someone’s losses is someone else’s gains, that is to say, cyber attackers targeting the components of the logistical transportation system derive profit from leaving trade facilities financially devastated. When it comes to money theft, attackers may mislead a company into transferring money straight to offenders, as was the case in the September of 2014 when cyberterrorists targeted money flows between bunker suppliers and shipping lines in what was the main-in-the-middle attack. Criminals may use ransomware, which is a cyber-assault, whereby offenders encrypt the database or computer of a victim who has no option left except to pay ransom money to receive the key for data decryption. In the maritime sector, there is no particular difference between ransomware and terrorists’ seizing or hijacking a ship and keeping it along with the crew hostage until paid for their release. When it comes to a container terminal, attackers may penetrate databases monitoring the location of containers within a terminal. In the case of a shipping line, such attack can come in the shape of operational or customer database encryption.
However, offenders can generate money by utilizing the elements of the maritime transportation system they use to receive significant, albeit illegal profit. It may be in the illegal movement of cargo that attackers may be interested. The illicit substance smuggling in Antwerp described in what will follow is one of cases in point while another is the breach of a customs system in Australia. The penetration of the port or customs system allowed offenders to move cargo unauthorized. Small wonder that the scrutiny of the facilities identified as many as 50 potential attack points against which to wage an assault, with penetration either facilitating or enabling attackers to move goods, without permission being granted. At times, the breach of one or two of such points would suffice to launch and fulfill an attack. Various organizations, such as logistics companies, shipping lines, customs authorities, terminals, ports, producers, and IT data portal providers, situated in a wide range of countries can have such attack points. Furthermore, attackers can avail themselves of multiple attack points within one company scattered throughout departments in multiple countries despite these not using the same IT infrastructure. With this in view, ghost shipping, which is sending a shipping container from one point to the other, without any facility employee having any idea, is an easy and straightforward operation to carry out.
A maritime cybersecurity group, Cyber Keel described the a group of narcotic smugglers as having recruited hackers at the back end of 2013 to move the illicit substances through the Port of Antwerp considered one of the biggest ports in Europe, the facility being second only to Rotterdam. How the intruders compromised the security of the transportation system element was through the avoidance of remote terminals to enable the release of containers, whereupon they erased the container transportation information ascribing this to ghost shipping. Given the information that ended up in the hands of the offenders, they would have provoked port disruption and extreme congestion if they had wanted to. Such instances compromise the reputation of commercial ports, its stakeholders, and the system of logistics. The very news of unrestrained moving of drugs through the port facility evokes negative images despite it being defined as a hostile culpable effort of cybercriminals. Lethal toxic substances could have been where drugs were, and extremists from al Qaeda or ISIS can stoop down to bringing such container aboard a cargo ship.
There is no better way to stress the gravity of the cyber threat in the maritime transportation sector than producing a wide range of actual examples of attacks. A trial over a Chinese producer is pending, with the defendant accused of having waged a zombie attack by implanting malware in inventory scanners in a desire to misappropriate supply chain intelligence. The malware of an undisclosed Chinese producer from Shandong province stole logistical, fiscal, and customer data. The Senate Committee on armed services reported hackers from China to have waged an attack called the advanced persistent threat in a winning effort. Contractors in the American Transportation Command experienced the assault in 2008. The US army appears reliant on commercial ships for humanitarian and strategic contingencies, with 95% of dry cargo of the American Forces delivered on a yearly basis. What happened back then was that the Chinese military came to compromise a variety of systems on the commercial vessel contracted by the Transportation Command for logistics routes. As follows from FBI reports, 8 TRANSCOM technical service providers and 2 shipping companies had their cyber system intruded in the timeframe between June 2012 and May 2013.
Somali pirates access navigational data online to set their choice on vessels to attack. Choice made, they go on to impel a vessel to turn off their navigational appliances. The pirates have also been known to fabricate the data making others believe they are in a different location at the moment. Who used to look like a group of armed, albeit otherwise inapt buccaneers now seem to be a genuine threat in terms of cyber safety. Speaking of simulated situations, scholars from the University of Texas employed a custom-made device to trick the GPS of an 80 million dollars’ worth of yacht causing it to steer off the course. Although simulated, the possibility may apply to larger ships in the maritime transportation system. The price of the vessel shows computerized navigational systems, no matter how sophisticated, do fall victim to virus-induced glitches.
As far as tools and approaches are concerned, cyber attackers are going to great lengths to find access to protected network systems responding to new security measures. To shut down ports or disrupt the navigation systems of vessels, cyber criminals may need no more than to purchase low-cost GPS jammers online. Losses caused by such GPS-jamming devices can run into billions, as they lead ship traffic to come to a standstill. New or preexisting Wi-Fi ports, conventional landline connections, and USB-introduced dangers like the extraction of information in Edward Sowden’s fashion or the installation of malware like Stuxnet. Attackers can take advantage of vulnerabilities in smaller systems to access bigger networks. While the approach may take plenty of time to apply for routine hacktivists, nation-state sympathizers and drug smugglers are likely to believe it the credible investment of resources.
Recommendations
Maritime stakeholders and the US Department of Homeland Security should predict the risks to maintain conditions for commerce flow to grow maximized all the while avoiding the establishment of regulation with the potential of reducing the pace of trade and obstructing business. Ship and port network systems endeavor to put new technologies into service making a shift from conventional stand-alone systems. The integration of maritime industrial control systems is under way. The transportation system would be better off having the US Department of Homeland Security continuing its cooperation with the program of the National Institute of Standards and Technology of the Department of Commerce. One of things for the Administration to do is make an emphasis on the recently established Cyber Threat Intelligence Integration Center that accumulates information related to cybersecurity across the government. It is essential to simplify the reporting of cyber dangers ensuring the interdepartmental exchange of information and the swift, unimpeded reporting of a danger to a department concerned seeing that attacks may materialize in a matter of seconds. Stakeholders will be able to respond to a cyber danger in a timely manner.
The system of transportation would also be best served by having Congress take measures. What the legislative body will need will be to readdress laws on stimulating the exchange of cyber information. The US Computer Emergency Readiness Team and the Department of Homeland Security have been in the vanguard of such information sharing before. With both in the lead, stakeholders will need to agree on danger-defining language. Congress will need to stimulate cyber data exchange among port stakeholders at private businesses, agencies, and federal departments in a legal fashion making it easier than it presently is. The stimulating of data sharing embraces cooperation with international partners since US port networks have no way of knowing the means by which cybercriminals may attack the elements of the transportation system. At the domestic level, agencies ought to address simplicity and continuity in cyber danger identification, such as the severity and definition of attacks, dangers, and solutions all the while refraining from the establishment of catchall regulations that do nothing but obstruct business. The involvement of state legislative institutions like Congress will show political will and dedication to maritime transportation security at all levels. It is not that the inter-institutional cooperation or involvement of Congress caliber state bodies is inapplicable in other countries since their economies have as much to offer in terms of lucrative transportation logistical targets as the USA does.
Countries need to conduct awareness raising programs in the maritime industry. National cybersecurity offices, port authorities, and shipping companies must introduce cybersecurity training. A shared strategy and development of good practices for the implementation of information and communications technology system and technology development will guarantee security by design for all vital maritime IT elements. Policy makers need to add cybersecurity to present maritime policies and regulations that tend to address the physical components of safety and security for the most part. Organizations like the EU Commission and the International Maritime Organization would better align EU and international polices in the maritime transportation sector to minimize the counterproductive fragmentation of maritime governance between national, European, and international levels. What the recommendation offers is the approach synthesizing the policies adopted at different levels into a unified code of regulation, which can make for an efficient system of cyber-attack prevention through a concerted effort. A strong recommendation is that organizations involved in the transportation system use an integral risk-based approach, identify all vital assets that require due protection, and evaluate maritime cyber risks.
Conclusions
The maritime transportation system has gained a new look in recent decades, which has brought its benefits like speed and cost efficiency. However, the computerization of the transportation system and its instruments, such as vessels, has increased their exposure to cyber threats. Somali pirates change the course of ships, narcotic dealers arrange for drug-stuffed containers to pass control points undetected, the US military experience attacks waged by the Chinese who also target companies linked to the maritime transportation. Unfortunately, the lack of adequate reporting has but worsened the status quo in the industry, as it presents the situation as controllable, without disclosing the appalling facts of maritime cyber security compromising. The industry actors should have more sense than to leave the cases unreported at least to investigative bodies. Measures like a concerted effort of European and other nations, the enforcement of legislation stimulating information sharing, and cyber risks evaluation can help reduce the number of cyber-attacks. Maritime facilities would do better to improve their security and conduct routine safety assessment.
Bibliography
Belmont, Kate B. “Maritime Cyber Attacks: Changing Tides.” The Maritime Executive, November 16, 2015. Accessed March 7, 2016. http://www.maritime-executive.com/blog/maritime-cyber-attacks-changing-tides
CCICADA. “CCICADA Addresses the Growing Threat of Maritime Cyber-Attacks.” January 29, 2015. Accessed March 7, 2016. http://www.ccicada.org/2015/01/29/ccicada-addresses-the-growing-threat-of-maritime-cyber-attacks/
CCICADA. “Cyber Attacks Could Paralyze US Ports, Captain Moskoff Tells CCICADA.” January 29, 2015. Accessed March 7, 2016. http://www.ccicada.org/2015/01/29/cyber-attacks-could-paralyze-us-ports-captain-moskoff-tells-ccicada/
Cyber Keel, Maritime Cyber-Risks. Virtual Pirates at Large on the Cyber Seas. (Copenhagen, Denmark. 2014), 15-17. http://www.sfmx.org/support/amsc/cybersecurity/webdocs/Maritime%20Cyber%20Crime%2010-2014.pdf
“Cyber Security Aspects in the Maritime Sector.” ENISA. European Union Agency for Network and Information Security. n.d. https://www.enisa.europa.eu/activities/Resilience-and-CIIP/critical-infrastructure-and-services/dependencies-of-maritime-transport-to-icts
Paganini, Pierluigi. “Modern Maritime Ships Are Considered a Privileged Target for Hackers and Pirates that Are Increasing Their Pressure on the Maritime Shipping Industry.” Security Affairs. March 31, 2015. Accessed March 7, 2016. http://securityaffairs.co/wordpress/35504/hacking/hacking-maritime-shipping-industry.html
Pauli, Darren. “Infected Chinese Inventory Scanners Ships off Logistics Intel.” The Register. July 11, 2014. Accessed March 7, 2016. http://www.theregister.co.uk/2014/07/11/infected_chinese_inventory_scanners_ships_off_logistics_intel/
Solomon, Michael G. Security Strategies on Windows Platforms and Applications. 2nd ed. Jones & Bartlett Publishers, 2013. https://books.google.com.ua/books?id=hYhSAAAAQBAJ&pg=PA299&dq=ERP+software+platforms&hl=uk&sa=X&ved=0ahUKEwjD9unO867LAhVq8HIKHY8-DHsQ6AEIMjAA#v=onepage&q=ERP%20software%20platforms&f=false
Wagstaff, Jeremy. “All at Sea: Global Shipping Fleet Exposed to Hacking Threat.” Reuters. April 23, 2014. Accessed March 7, 2016. http://www.reuters.com/article/us-cybersecurity-shipping-idUSBREA3M20820140424
Walters, Riley. “The US Needs to Secure Maritime Ports by Securing Network Ports.” The Heritage Foundation. February 23, 2015. Accessed March 7, 2016. http://thf_media.s3.amazonaws.com/2015/pdf/IB4353.pdf
