Cyber security has become front of mind for the Australian maritime industry in recent months, with the Government highlighting transport as a focus area in its Cyber Security Strategy, and the establishment of a Port Cyber Security Forum earlier this year.

A report from the World Economic Forum highlights cyberattacks on critical infrastructure – including maritime transportation – as the world’s fifth highest risks in 2020. That’s quite a feat in the year that we’ve had.

It also comes at a time when the maritime industry is evolving at a rapid pace, aiming to improve service levels and efficiency. We’re seeing the introduction of intelligent transportation systems (ITS) becoming more connected and complex, which – while necessary to drive innovation – can leave shipping companies open to attack.

Balancing act between innovation and security

The grey area in meeting this balance is the transition period – maritime organisations moving from older to new, more intelligent systems creates an opening where there are often vulnerabilities to be discovered.

Innovation stops for no one and the maritime industry is no exception, but some of the most common threats hindering it include staff or suppliers unintentionally causing cyber incidents; cyber criminals breaching shipping operations or altering documents to enable drug smuggling or similar criminal activity; and threat actors halting ship-to-shore functions, stopping the flow of goods.

As the industry responsible for the vast majority of Australia’s trade, the appetite and necessity to become more digitised are strong, with the aims of improving efficiency and reducing cost. Shipping companies strive for optimised voyages where things like load condition, fuel consumption and machinery performance can all be automated and remotely monitored.

This drive is leading to strong investment in maritime autonomous systems (MAS), where modern ships can be remotely monitored, and even controlled, from land.

The balance is off where it comes to protecting these assets – system visibility and cybersecurity maturity in the sector are relatively low. This is not just an issue in Australia, but worldwide and the nature of the industry means worldwide effort is needed to improve this.

Malcolm Bailie talks cyber risks. Credit: Nozomi Networks

Challenges include ships accommodating devices and systems that are unknown to their operators. Crew are also not typically trained on how to identify phishing emails, potential ransomware attacks or even manage network access control.

The cost here is huge – beyond the incredible financial damage that can come from transport systems shutting down, which can be further enhanced by insurance premium hikes, local and international reputation can take a serious hit.

Even the most dramatic and detrimental of events such as a vessel capsizing due to hacking are extremely unlikely, but not impossible through cybercrime. The impetus to protect these systems needs to be as strong as the impetus to innovate.

Visibility over the unknown

To help reduce risk, comply with international shipping standards and meet insurer requirements, shipping companies need to invest in cyber resiliency. Key to this is the identification of all maritime assets and tracking their communications. Networks should be monitored for vulnerabilities, threats and unusual behaviour that might indicate a cyberattack.

Operational technology and IoT visibility can be used to improve operational availability and cyber resiliency, both becoming vital assets to the industry. This is particularly important in the transition period from older to newer systems, aiding and helping to secure the industry’s complex digital transformation needs.

The lack of visibility over often unknown systems is a key issue to address – security and operations teams need a simple way to inventory these systems and gain deep visibility across all of them.

Once that inventory is complete, shipping companies can get a macro view of the ITS in place, the role of each system and traffic between them, and automated alerts that bring hardware, software and device changes to your attention.

With the right technology and a focus on best practices, maritime organizations can increase operational resiliency and enable secure transformation at a crucial time for Australia.

This will not just drive Australia’s maritime industry, but other industries such as manufacturing, which are crucial to our economic recovery and require secure, efficient import and export of materials

Malcolm Bailie is manager solutions delivery and projects (APAC) for industrial cyber security, operational technology and IoT company Nozomi Networks