Nowadays, the maritime industry has become increasingly vulnerable to cyber threats. From shipbuilders to IT vendors to ports, no part of the industry is immune. Since 2022, there were five major maritime cybersecurity incidents* highlighting the need for increased vigilance and improved cybersecurity measures.
One of the incidents occurred at Singapore shipbuilder Sembcorp Marine, where an unauthorized user gained access to the IT network through third-party software. Although the company stated that it did not expect the incident to have a significant fiscal impact, it nevertheless underscores the need for robust cybersecurity measures to prevent such incidents from happening.
Another incident occurred at Voyager Worldwide, a Singapore-based maritime IT solutions vendor whose operations support more than 25% of shipping companies worldwide. In December 2022, the company fell victim to a cyberattack that brought all systems down. According to DSLAB, the incident seemed to have spread cyberattacks to shipping companies through IT service vendors.
In addition, a Marine IT company and four additional shipping companies suffered ransomware damage in December 2022. The cyberattack group “PLAY” published data of the affected companies on the dark web in January 2023.
Port of Lisbon
The Port of Lisbon was suspended for four days after a cyberattack on the port’s website and internal computer system on the 25th of December 2022. Lock Bit, a cyberattack group, claimed to be behind the incident and threatened to release stolen data unless they were given $1.5 million by the 18th of January.
The stolen data contained sensitive information could increase the risk of other cyberattacks, such as phishing.
Norwegian shipping classification society DNV has confirmed that its software was hit by a ransomware attack on January 7. DNV stated that 70 customers operating around 1,000 vessels were impacted by the attack, close to 15% of its total fleet.
*Digital Ship 1st Quarter 2023, p.18
The rising threat of Ransomware and Malicious Tools
The rise of cyberattacks on software update servers used on ships is expected to increase and affect ships and shipping companies. To prevent such attacks, more advanced cybersecurity measures should be put in place on ships as they are considered critical infrastructure. Additionally, recent reports on 2022 global ransomware family detections show a significant increase in ransomware attacks. Some of the most prevalent ransomware families detected include LockBit, HelloXD, Zeppelin, and Phobos. Furthermore, various malicious tools were used in global ransomware campaigns in Q3 2022, such as remote access trojans (RATs) and ransomware-as-a-service (RaaS) platforms, highlighting the ongoing threat posed by ransomware attacks and the need for robust cybersecurity measures to prevent them.
Lessons learned from cyber attacks
The recent cyber attacks on the maritime industry highlight the importance of not only protection but also response plans. Companies need to establish an internal threat team to assess emerging threats and regularly update response plans. Data protection and recovery strategies should be put in place, including network segmentation to reduce the attack surface and ensure operations can continue even if the network is knocked offline. Additionally, a contingency plan must be in place to keep operations running while recovering from a cyberattack. Taking these crucial steps can help maritime companies enhance their cyber resilience, reduce the risk of cyber-attacks, and minimize the potential impact of any incidents that do occur.
UNI VM, the awarded solution for Maritime Cyber Safety
Uni is a virtualization solution for vessels that provides a high availability, active-active cluster for managing onboard systems and applications. It offers customization options that can adapt to any IT infrastructure on board, utilizing existing equipment and high-end specs. MarPoint’s Central Management Platform provides a holistic approach to IT infrastructure management, ensuring a seamless and efficient operation.
MarPoint’s solutions are designed to comply with IMO 2021 guidelines and IACS URs E26 & E27 for cyber safety, making them a reliable choice for businesses seeking to enhance their cyber resilience and minimize the risk of cyber attacks.
The Evo2 Router is an ABS Class-Approved multi-WAN network management solution that provides seamless internet connectivity, independent of the airtime provider. Equipped with redundant hardware components, it ensures true failover and advanced network management capabilities.
Its enterprise-grade firewall, DNS and application filtering, and network segmentation provide a strong basis for cybersecurity and safe operations. The router’s control panel and reporting system make it easier to monitor and manage the vessel’s network infrastructure, while its integration with MarPoint’s Network Asset Management platform allows for automated asset discovery and documentation processes.
M.I.T.S. Global: Maritime IT Onboard Services
M.I.T.S. Global offers safe and high-quality IT services in over 160 ports across 60+ countries, with more service stations added regularly.
Our global network of maritime partners ensures professional, cost-effective, and time-efficient services for scheduled and emergency needs. We provide a range of services including IT infrastructure inspection, maintenance, recovery, software installation, patching, and cable checks and repairs. Our aim is to simplify the complexities of port and travel restrictions and save costs by eliminating the need for your IT engineers to travel to distant locations.
Maritime IT Managed Services for Effective Cybersecurity
MarPoint’s unique added value IT Managed Services can provide a dedicated IT project manager and a committed IT team for 24/7/365 via an automated ticketing system with standardized response times according to the event.
Maritime IT Managed Services provide continuous monitoring and vulnerability assessments to detect and resolve potential threats quickly. These services also assist in developing response plans and establishing data protection and recovery strategies.
Recent cyberattacks highlight the need for the maritime industry to prioritize cybersecurity. Proactive measures can minimize harm to businesses and the industry.
MarPoint offers customizable, compliant, and value-added solutions to enhance cyber resilience, reduce risks, and minimize the impact of incidents.
In today’s rapidly evolving cyber threat landscape, investing in MarPoint’s solutions is essential for any shipping company seeking to protect assets, reputation, and the bottom line.