Prevention better than cure, as hackers get more sophisticated

Friday, March 26th, 2021 in: News

Being cyber secure is one of those things that every ship owner and terminal operator wants, but some don’t understand what it means or how to achieve it.

In this article we lay out the risks, what an attack can do to an operation and most importantly, how to avoid one.

The bottom line is that hackers are sophisticated, swift and continually changing their approach. It has been reported many times in recent years that cyber incidents are on the rise. One survey by Naval Dome, an Israeli defence company, estimated that there had been a 400% growth in attempted attacks on maritime targets between February and June 2020.

An attack often comes out of the blue, and the results can be devastating. Plus, size of enterprise appears to be no deterrent.

A burglar, for example, will case a joint before entering, taking what they want, perhaps making a mess, and leaving. Vital information may be stolen. In the cyber world it is the same, except the ‘mess’ may be harder to spot, more difficult to clear up and may go much deeper and be more damaging to a business. If a hacker accesses a ship’s digital core, it could prevent any internet-enabled activity. A ship without the ability to communicate could quickly be deemed ‘off hire’ by a charterer or lose its class certification.

Furthermore, studies show that companies less than five years old that are hit by a cyber-attack increase their risk of going bankrupt within the next six months by 60%.

In the last few months numerous container majors and even the IMO have been victims and Covid-19’s social restrictions have seen the increased use of remote connectivity by OEMs, technicians, and others to service ships. This is likely to have widened the possible attack surfaces and increased the number of incidents further still.

IMO guidelines

The IMO guidelines are designed to create a system of continuous improvement for cyber-risk management. Shipowners and operators must now be able to demonstrate that they have taken cyber risks fully into account in their SMS and that they are improving their risk management and adapting their procedures and processes as the complexity and danger from digital attacks evolves.

The first steps to take when updating your cyber risk management are to specify which of your systems are critical, what vulnerabilities do they have, and who will be responsible for administering and supervising those systems. Once that is complete, risk control processes must be regularly tested, and where there are lessons to be learned, these should be embedded within ongoing resilience and contingency planning.

Cyber-insurer Astaara has analysed the new rules in depth and can explain the new processes and obligations in more detail.

Where Astaara comes in

Failure to comply with IMO cyber recommendations can have huge consequences. If an owner of a vessel cannot show that it has performed appropriate due diligence in managing its cyber risks in line with the new guidelines, the vessel may be detained or ultimately found to be unseaworthy.

Similarly, many financing agreements require compliance with all elements of the ISM Code. It is therefore possible that a breach of the Code could put a borrower in default on his loan contracts.

Astaara Risk Management can successfully guide shipping companies through the five fundamental stages of compliance. Using a three-stage delivery model (discovery, verification and report) the Astaara Cyber SMS Review provides shipping companies and their ships with a review of their cyber capabilities against Astaara’s Cyber IMO SMS Maturity Model. We provide a gap analysis and report back showing your cyber posture relative to the IMO standards, and where you can improve.