The new face of piracy: cyber crime is threatening the shipping industry
When you think of the word pirate, you probably start to imagine the yo ho ho, Jack Sparrow-sort of buccaneer from Disney movies.
Modern-day piracy comes in two varieties. There’s the digital kind: people illegally downloading music or films from the internet.
Then there’s the more traditional kind: groups who hijack sea vessels to steal the cargo, or hold the crew hostage and demand ransom. The East African country of Somalia has become synonymous with modern-day piracy due to the high number of attacks originating from there.
The International Maritime Bureau reports that there has been 156 incidents of this kind of piracy in the first nine months of 2018, compared to 121 in the same period last year.
Now it seems that these two kinds of pirates are merging together.
Piracy has gone high tech, and cargo ships, oil tankers, and superyachts are facing an increasing threat from cyber attacks. Last year, for example, the “NotPetya” virus (the one that brought the NHS system to its knees) destroyed maritime giant Maersk’s computer network, causing estimated damage of $300m.
And this isn’t just an issue for shipping companies, but one that could have severe consequences for the global economy. In the UK alone, the marine and shipping industry supports around £40bn of business turnover.
Skull and bones
To find out about the shipping industry’s battles with cybercrime, I spoke to Itai Sela, a former Israeli navy commander and now the chief executive of cyber security firm Naval Dome.
As Sela explains, cyber hackers can attack ships in multiple ways.
Critical systems, such as propulsion and navigation – even machinery as simple as the elevators – can be locked and made unusable until a ransom is paid. GPS can be affected to change a ship’s course, bringing it closer to shore for pirates to attack, or to cause it to run aground.
Radars can be jammed so a ship’s crew won’t know what is around them – in busy shipping lanes, not having a working radar can lead to a collision.
There’s also the risk of ecological disasters – valves can be opened by hackers, leading to oil spills. Compounding these issues is the fact that the crew on a ship often won’t even know that they’ve been hacked.
“The crew onboard a vessel make most of their decisions based on displays from these systems, so changing them can lead to accidents,” Sela adds.
“This is the new piracy. It’s very easy to lock your systems onboard a ship, and then you can’t use those systems anymore.”
It is hard to get reliable figures on the actual number of cyber attacks on the maritime industry, as it is not in the interest of companies to admit when they’ve been hacked – many shipping insurance policies have a clause called CL380 which excludes claims resulting from cybercrime.
However, according to a study by law firm Jones Walker, nearly 80 per cent of large US maritime companies admitted to being the target of a hack within the past year, and 10 per cent of survey respondents reported that an attack was successful.
“It’s easier to say it was human error or a technical failure, rather than admit it was a cyber attack,” adds Sela.
Black flag
There are an estimated 50,000 cargo ships sailing around the world at any time, and practically all of them are vulnerable to cyber attacks, for a number of reasons.
Most ships are old, and are running computer systems that are highly outdated – Sela says that some vessels are still running on Windows NT, an operating system that was first released back in 1993.
These older systems are not regularly updated, so are more vulnerable to cyber attackers – they’re simply easier to hack.
“Those systems are very old. Once you get through their firewall, you can do anything you want,” he warns. “A cyber attack can affect an entire fleet.”
Another reason is that the current methods of cyber security are flawed.
Most ships use “standalone” systems – that is, they’re kept separate and not connected to the internet or to one another. In theory, this should keep them insulated from cyber attacks, as bugs can’t spread from computer to computer.
However, this doesn’t work in practice – these standalone systems still have to be connected on occasion, for instance to receive new information or for maintenance.
Often, a ship’s systems will get infected when they’re connected to ones at port, or to the company’s onshore operations, which have been previously attacked by a hacker.
“From a hacker point of view, it’s easier to hack a standalone system than a connected one, because a standalone system isn’t being monitored. I can send my attack, it is autonomous, and I can do whatever I want,” Sela warns.
Man the lifeboats
So, what are the solutions to this form of piracy? First, companies could replace the old, redundant systems on their ships with modern ones. However, this could be prohibitively expensive, especially if they have dozens or hundreds of ships in their fleet. Ports and shore-based operations should also become more cyber resilient, as these are often the route that hackers use to infect a ship’s systems.
Naval Dome’s own solution aims to protect the systems on a ship from attack. The company replicates a ship’s systems, and then stores them on secure USB drives. When the crew needs to use a system, they plug the device into a computer, creating a secure working environment.
The device can block attacks, monitor and alert the crew to any viruses, and prevent rogue programs from being installed. Sela adds that ship systems often run faster from the device than they would on the original hardware. Essentially, Naval Dome is creating a bubble around a ship’s systems to keep them safe.
“The idea is to do something that the market can easily adapt, doesn’t require a lot of time and money, and will protect against external and internal threats,” he adds.
Stormy waters ahead
The UK is heavily focused on preparations for Brexit, but perhaps businesses and politicians should also consider the risk of this cyber piracy.
Many have raised concerns about supply-chain disruptions to medicines or manufacturing caused by Brexit, but little thought appears to have been paid to how these could be exacerbated by cybercrime – if hackers are able to disrupt shipping, this could lead to even longer delays to crucial supply chains.
It is therefore in everyone’s interest for the shipping industry to become more vigilant, not just for pirates off the starboard side, but digital ones lurking on the cyber seas. Forget Jack Sparrow, these new kinds of pirates have the potential to do more damage to the economy than even a cliff-edge no-deal Brexit.