Vessel Vulnerabilities: Why Attackers Increasingly Target Maritime

Maritime is at the center of global trade and many sectors rely upon the industry for safe transportation of critical goods. For instance food imports and building supplies. Despite this criticality, maritime infrastructure remains vulnerable and largely insecure. This article outlines some vulnerabilities, especially relating to vessels out at sea.

Systems within vessels are impacted by OT/IT convergence, lacking maritime-specific defense and system visibility, and this is not helped by lack of policies and training. These vulnerabilities are combined with increased attacker incentives, relating to vessel criticality, potential for disruption and piracy.

OT/IT convergence

Convergence of OT/IT systems onboard vessels inevitably leads to an increase in potential vulnerabilities that can be explored to penetrate vessel systems. Outdated hardware and software make development of new viruses for vessels as simple as adopting existing ones from the offshore industry.

System Visibility

Many organizations lack visibility over their vast and complex networks, leaving a potential myriad of entry points for would-be criminals.

Maritime specific cyber defense

This is worsened by maritime’s lack of preparedness for cyber attacks. There are few maritime specific protection tools, such as Intrusion detection systems for NMEA protocols. In addition, maritime OEMs are slow to patch new vulnerabilities, generally attributed to lacking industry level cyber awareness.. This leaves many great opportunities for hackers.

Policies and Training

In extension, the industry generally lacks cybersecurity policies, crew cyber training, and cyber hygiene and awareness. This contributes to the lack of preparedness, making vessels an easy target for attackers.

Incentives

Finally, these vulnerabilities are becoming increasingly problematic, due to increased incentives for attackers to target maritime. Firstly, vessels play a key role within the global supply chain. This means attacks have expensive and far-reaching consequences, which is ideal for attackers incentivized by disruption.

The maritime sector is also a “perfect” target for terrorist attacks as simple cyber penetration can lead to ship collisions, sinking and explosions, leading to substantial collateral damage. A final motivation is piracy. This problem is still rampant in many areas and modern (“commercial”) pirates employ advanced tools provided by cybercriminals. One example is to steer a vessel off course, and lead them into an area where pirates can effectively invade the vessel. Another is blocking communication from ship to shore, preventing the crew form calling for help.

Source: Hellenic Shipping News