CYBER-ATTACKS on the maritime industry's operational technology (OT) systems are expected to reach record numbers by year end, after soaring 900 per cent over the past three years
In addressing port and terminal operators during a recent online forum, Robert Rizika, Naval Dome's Boston-based head of North American Operations, explained that in 2017 there were 50 significant OT hacks reported, increasing to 120 in 2018 and more than 310 last year. He said this year is looking like it will end with more than 500 major cyber security breaches, with substantially more going unreported.
He said that since NotPetya - the virus that resulted in a US$300 million loss for Maersk - 'attacks are increasing at an alarming rate'.
Emphasising the economic impact and ripple effect of a cyber-attack on port infrastructures, Mr Rizika revealed that a report published by Lloyd's of London indicated that if 15 Asian ports were hacked financial losses would be more than $110 billion, a significant amount of which would not be recovered through insurance policies, as OT system hacks are not covered.
Going on to explain which parts of the OT system - the network connecting RTGs, STS cranes, traffic control and vessel berthing systems, cargo handling and safety and security systems - are under threat, Mr Rizika said all of them.
'Unlike the IT infrastructure, there is no 'dashboard' for the OT network allowing operators to see the health of all connected systems. Operators rarely know if an attack has taken place, invariably writing up any anomaly as a system error, system failure, or requiring restart.
'They don't know how to describe something unfamiliar to them. Systems are being attacked but they are not logged as such and, subsequently, the IT network gets infected,' Mr Rizika said.
'What is interesting is that many operators believe they have this protected with traditional cyber security, but the fire walls and software protecting the IT side, do not protect individual systems on the OT network,' he added.
Where OT networks are thought to be protected, Mr Rizika said they are often inadequate and based on industrial computerised system, operating in a permanent state of disconnection from the network or, alternatively, connected to port systems and the equipment manufacturer's offices overseas via RF radio communication (wi-fi) or a cellular network (via SIM).
SeaNews — 13 Aug 2020