CYBER-ATTACKS on the maritime industry's operational technology (OT) systems are expected to reach record numbers by year end, after soaring 900 per cent over the past three years
In addressing port and terminal operators during a recent
online forum, Robert Rizika, Naval Dome's Boston-based head of North American
Operations, explained that in 2017 there were 50 significant OT hacks reported,
increasing to 120 in 2018 and more than 310 last year. He said this year is
looking like it will end with more than 500 major cyber security breaches, with
substantially more going unreported.
He said that since NotPetya - the virus that resulted in a US$300 million loss for Maersk - 'attacks are increasing at an alarming rate'.
Emphasising the economic impact and ripple effect of a
cyber-attack on port infrastructures, Mr Rizika revealed that a report
published by Lloyd's of London indicated that if 15 Asian ports were hacked
financial losses would be more than $110 billion, a significant amount of which
would not be recovered through insurance policies, as OT system hacks are not
covered.
Going on to explain which parts of the OT system - the
network connecting RTGs, STS cranes, traffic control and vessel berthing
systems, cargo handling and safety and security systems - are under threat, Mr
Rizika said all of them.
'Unlike the IT infrastructure, there is no 'dashboard' for
the OT network allowing operators to see the health of all connected systems.
Operators rarely know if an attack has taken place, invariably writing up any
anomaly as a system error, system failure, or requiring restart.
'They don't know how to describe something unfamiliar to
them. Systems are being attacked but they are not logged as such and, subsequently,
the IT network gets infected,' Mr Rizika said.
'What is interesting is that many operators believe they
have this protected with traditional cyber security, but the fire walls and
software protecting the IT side, do not protect individual systems on the OT
network,' he added.
Where OT networks are thought to be protected, Mr Rizika
said they are often inadequate and based on industrial computerised system,
operating in a permanent state of disconnection from the network or,
alternatively, connected to port systems and the equipment manufacturer's
offices overseas via RF radio communication (wi-fi) or a cellular network (via
SIM).
SeaNews — 13 Aug 2020