10th August 2020
Prevention as a means to improve maritime—mitigating the risks of cyberattack
As the world continues to battle against the impact of Covid-19 and the working changes it has brought about, the real risks of a cyberattack have magnified. According to the World Economic Forum, cyberattacks are now one of the top five global risks. This is an upwards trend irrespective of industry sector, and the maritime industry is no exception.
Cybersecurity for Space and other Critical National Infrastructure Domains was the topic of our recent 2050 Innovation Hub virtual event, presented by Matteo Merialdo, a Security Research and Development Expert at Rhea Group.
According to a recent British Ports Association (BPA) report, the number of attacks made against organisations has quadrupled in the past few months. Cyber-criminals are aggressively targeting the maritime industry for many reasons, including the vulnerabilities exposed as knowledge workers in many companies transition to working from home. This creates a major risk for security because the attack surface has expanded, making it harder to secure company assets and data.
As the countries battling against the Covid-19 virus know all too well, mitigating the risks of a cyber security attack is rather like a virus control strategy. It is far better to prevent an attack in the first place, by implementing some basic hygiene approaches such as strong passwords, up-to-date virus protection, properly configured firewalls and ongoing network monitoring, than to try to fight it off once an infection has occurred. This is one of the underlying problems facing maritime and all other industries. Not enough is being invested in cyber defence to reduce cyber-crime, which currently costs the world economy around $2 trillion a year.
More recent cyberattacks are increasingly well funded and sophisticated, designed not just to disrupt operations by using ransomware to restrict access to data, but to use advanced malware to actually destroy an organisation’s ability to process data in the future. As levels of automation increase, for example with autonomous machinery and robot ships, the strategic risks posed by these kinds of cyberattacks will increase significantly.
This threat was experienced first-hand in the maritime sector by Maersk. The ‘NotPetya’ attack that hit it in 2017 was explicitly designed to destroy data-processing capability and it cost the company $350m in lost revenues. But it’s not just IT and office systems that are vulnerable. Operational technologies, including industrial control systems, SCADA systems and ship-borne non-Internet facing systems are all vulnerable to cyberattacks. In 2018, Forrester Research highlighted that 60% of the organisations they surveyed had suffered a breach to their industrial control (ICS) or supervisory control and data-acquisition (SCADA) systems. Now that figure will be even higher.
As our seminar with Rhea Group highlighted, apart from implementing basic hygiene principles, the most effective way to ready an organisation for the threats of a cyberattack is to use a cyber range, such as the CITEF platform. This is a virtualised, safe environment in which three ‘security by design’ needs are supported: knowledge development (education), system development (R&D), and system assurance (certification).
Using a cyber range, cyberattack response plans can be rigorously tested and teams can be trained to cope with the latest threats. Employing technology like digital twins, realistic emulations can be conducted to rigorously test and evaluate responses to attack. A cyber range is suitable for use by critical national infrastructure providers such as the Port of Tyne, which is a designated Operator of Essential Services (OES).
The use of cyber ranges is set to increase very rapidly. According to Gartner, less than 1% of organisations were using cyber ranges in 2018 and their deployment is expected to rise to 15% of organisations by 2022, including the Port of Tyne.
In the future, as ports begin to introduce greater levels of automation and connectivity, using Internet of Things (IoT) technology, properly mitigating the risks of a cyberattack will become more important. Security breaches in the maritime sector will threaten the operation of mission-critical systems that organisations like the Port of Tyne rely on every day. Once security is compromised it is too late, so it’s important to take full advantage of resources like cyber ranges and prevent these problems from occurring.