Connect with us

Hi, what are you looking for?

Tech & Science

Shipping industry at risk of cyberattacks by hackers and pirates

The shipping industry is facing a wide range of attacks from actors with a variety of motives. The activity is steadily increasing but many shipping companies are still oblivious to its presence. As explained in a BBC report today, shipping firms believe both their logistics systems and their ships are “pretty safe.”
It’s becoming clear that’s far from the case though. There’s been a variety of cyberattacks against the industry recently, ranging from the NotPetya ransomware to targeted attacks on individual firms. In some instances, the malicious actors are regular fraudsters looking to make money from the companies.
This was the case at a shipping firm that inadvertently sent millions of dollars to criminals. The hackers had placed malware that tampered with emails containing invoices from the firm’s fuel supplier. When an invoice arrived, the malware would change the bank account number to make the payment to.

A worker stands near a crane unloading shipping containers from a cargo ship at a port in Lianyungan...

A worker stands near a crane unloading shipping containers from a cargo ship at a port in Lianyungang
China Daily China Daily Information Corp – CDIC / Reuters


READ NEXT: Over half of Windows 7 PCs have no antivirus installed
In others known attacks, modern-day pirates are using cyberattacks to seek out valuable goods on ships. One example cited by the BBC included a case that Verizon’s cybersecurity team was asked to handle.
An unnamed global shipping firm was hacked by pirates. They accessed its IT systems to monitor the progress of valuable goods through its network. After identifying vessels containing the target goods, they boarded the ship and made off with a container found using its barcode.
On a grander scale, entire ships are being held up by malware infecting their systems. Container ships, tankers and other merchant vessels have been infected by viruses that leave their navigation equipment, engine controls and on-board machinery inoperable. Often, the malware makes its way onto the ship through low-tech methods, such as a compromised USB stick. The crew are usually unaware of the risks that removable storage can pose.
The problem is becoming so severe that some vessel operators are looking back in time for a solution. Earlier this month, Fortune covered how World War Two-era radio systems are being brought back as a fall-back option in the event of GPS failure.

A cargo ship passes through the Panama Canal's Miraflores Locks in Panama City on May 9  2013

A cargo ship passes through the Panama Canal's Miraflores Locks in Panama City on May 9, 2013
Rodrigo Arangua, AFP/File


READ NEXT: Microsoft sees cyberattacks as part of the ‘fabric of reality’
Solutions being developed separately by the U.S., U.K., South Korea and Russia all use conventional radio waves instead of modern-day hackable protocols like GPS. Jamming the system requires a transmitter around a million times more powerful than a regular GPS jammer. Shipping companies involved in the trials are said to be welcoming the idea as it allows the GPS signals to be cross-checked with another technology.
The rise in cyberattacks against shipping firms is an important reminder that no industry is immune from cyberthreats. Only recently have vessel operators come to realise the glaring holes in their approaches to cybersecurity.
The International Maritime Organisation (IMO) has published a set of guidelines to help ship owners secure their software, signalling a shift in attitude inside the industry. Mending the problem is likely to take a long time though, even as awareness grows.

Written By

You may also like:

Entertainment

On December 3rd, veteran actress and musician Alicia Witt made her debut at 54 Below in New York City.

Business

While many hiring managers may overlook a white lie or two, a well-written CV will clearly include examples of your individual contribution.

Business

Alberta government juggles needs of AI data centre infrastructure while maintaining energy stability and affordability.