Unlike enterprises or fixed-location systems, maritime vessels face unique challenges due to rotating crews and remote positions. A lack of industry-wide cybersecurity practices has robbed the industry of hundreds of millions of dollars. Turning a blind eye to this danger is an open surrender to cyberattacks, leaving countless openings for opportunistic hackers to infiltrate ships’ software systems.
Hijacked ships being held for ransom or run aground into a reef or dock, risks catastrophic damage to humans and natural habitats alike. Beyond that, the blow dealt with a company’s reputation may take years to recover from, resulting in a significant loss of revenue and consumer confidence. Notably, Maersk’s 2017 cyberattack had a rapid response, resulting in a minimal loss of only 300 million dollars.
In order to secure investments and ensure security, practical solutions must act on their own, without human intervention.
Unique Challenges
Today’s market has no lack of quality cybersecurity software, but when it comes to the maritime industry and its unique set of challenges, most of the existing solutions do not fit.
Legacy solutions lack viability. No cybersecurity software accounts for protecting a floating mini-city forced into radio silence. Cargo ships, cruise liners, and offshore rigs face greater cybersecurity challenges than the International Space Station. The difference is: astronauts spend two years preparing for a single mission, while deckhands have zero computer expertise.
Modern maritime vessels rely on unstable, low-bandwidth, and choppy communication. With such a massive area and so few people, there is no room for an IT expert. In reality, the inability to secure a vessel with maritime-focused cybersecurity solutions is of greater concern than a poorly screened crew.
These increasingly digitally-managed ships rely on outdated systems, some running Windows XP, without a means to properly encrypt information. If a compromised ship has been given new coordinates, the onboard system has no cloud to rely on and no IT department to ask. Tech support is simply unavailable at sea.
Even if a ship’s captain were to determine that a security breach has occurred, they would have no way to address it. Without regulated protocols to secure all connected devices from ship to port, the frequency of cyber-attacks will continue to climb.
Solutions
Crews and cargo transport all kinds of smart devices– each a potential gateway for hackers. The first step to countering a cyberattack is acknowledging it. Any viable system which is expected to block an attack can not shut down and wait for instructions. The risk of irreversible damage is too great.
Conclusion
An immobile ship loses money and a compromised ship ruins reputation. With our global economy becoming increasingly accessible, we at Elron expect to see a rise in global shipping and cruising. A secure maritime industry is a secure global economy.
To make this a reality, the ecosystem must develop and implement maritime-specific solutions. Rapid and autonomous response cybersecurity solutions are the only option. Patchworking legacy solutions are ineffective and risk the whole ecosystem.
A product that can act quickly and self-correct is an essential piece of technology when it comes to a vessel’s security. Simply encouraging companies to implement a cybersecurity solution by 2021 is not enough. We are investing in securing the industry today.
About Zohar Rozenberg