Cyber Pirates Prowling Ship Controls Threaten Another Big Shock

In February 2019, a large container ship sailing for New York identified an intrusion by cyber pirates on board that startled the US Coast Guard.

Though the malware attack never controlled the vessel’s movement, authorities concluded that weak defenses exposed critical functions to “significant vulnerabilities.”

A maritime disaster didn’t happen that day, but a warning flare rose over an emerging threat to global trade: cyber piracy is able to penetrate onboard technology that’s replacing old ways of steering, propulsion, navigation, and other key operations. Such leaps in hacking capabilities could do enormous economic damage, particularly now, when supply chains are already stressed from the pandemic and the war in Ukraine, experts including a top Coast Guard official said.

“We’ve been lucky so far,” said Rick Tiene, vice president with Mission Secure Inc., a cybersecurity firm in Charlottesville, Virginia. “More and more incidents are happening, and the hackers are getting a better understanding of what they can do once they’ve taken over an operational technology system. In the case of maritime — whether it be the ports or the vessels themselves — there is a tremendous amount that could be done to harm both the network and physical operations.”

Rear Admiral Wayne Arguin, the Coast Guard’s assistant commandant for prevention policy, said shipping faces cyber risks similar to those in other industries — it’s just that the stakes are so much higher given that almost 80% of global trade moves on the sea. While Arguin declined to put a number on the frequency of attempted break-ins, he said “I feel very confident that everyday networks are being tested, which really reinforces the need to have a plan.”

“A potential intentional attack could really stress the system and we’re certainly thinking about how to shore that up,” Arguin said in an interview. “When you couple that with the sensitivity of supply-chain disruptions, it does have the potential to be devastating to the marine transportation system.”

That universe includes not just ship operators but port terminals and the thousands of logistics links in global supply chains that are increasingly interconnected.

Hackers have hit major logistics operations several times already this year. Jawaharlal Nehru Port Trust, India’s busiest container port, suffered a ransomware attack in February.

A targeted attack on Expeditors International of Washington Inc., a large freight-forwarding company, crippled its systems for about three weeks and led to $60 million in expenses.

Blume Global Inc., a supply-chain tech company based in Pleasanton, California, said in early May that a cyber incident temporarily made its asset-management platform inaccessible.

Source: Bloomberg

To read the full original article, please go to: https://www.bloomberg.com/news/articles/2022-06-28/cyber-pirates-prowling-ship-controls-threaten-another-big-shock

Sharing is caring!