Shipping Industry on Hackers Radar

Security experts have expressed deep dismay at Hackers attacking Shipping firms, which they are able to successfully compromise.

Having plagued a wide variety of business sectors and industries, Cyber criminals have now turned their focus on the Shipping Industry. Recently, hackers had a field day attacking a shipping firm, and this came to light when a staff at Cyberkeel checked the email activity of a shipping firm and was shocked at the outcome.

“Someone had hacked into the systems of the company and planted a small virus,” explains co-founder Lars Jensen. “They would then monitor all emails to and from people in the finance department.”

The attack was aimed at deceiving the company to transfer the payment to a bank account owned by the cyber criminals. It happens when the fuel supplier sends an email to the company asking for payment, the virus would change the content of the email and the bank account number before it was read by the recipient.

“Several million dollars, were transferred to the hackers before the company cottoned on” says Mr. Jensen.

In December 2013, the US Federal Bureau of Investigation had issued a statement warning companies about this type of attacks. They mentioned three specific cases where $1.65 million was siphoned off by cyber criminals.

In June we have seen how NotPetya ransomware created havoc and hit some major companies across the US and Europe. One of the hardest to get the blow was Copenhagen-based Maersk. Now, as the dust settled, Maersk in a statement has revealed that the total cost of dealing with the ransomware could be $300 million range.

Post Maersk NotPetya attack, security experts had raised concern about protecting the shipping industry against hackers – the revelation and finding by CyberKeel is just another example.

Cyberkeel has launched 3-years ago, and Mr. Jensen teamed up with Morten Schenk, who Jensen describes as “one of those guys who could hack almost anything”. Morten Schenk is a former lieutenant in the Danish military.

Cyberkeel initially wanted to perform penetration testing to shipping companies, and the initial response from these companies was too cold. Jensen recalls “I got pretty consistent feedback from people I spoke to and that was, ‘Don’t waste your time, we’re pretty safe, there’s no need’.

The consequences of suffering from the NotPetya cyber-attack for Maersk included the shutting down of some port terminals managed by its subsidiary APM.

Today, the scenario has changed. The NotPetya attack on Maersk has pushed these companies against the wall. Maersk experienced the serious consequence and had to shut down some port terminals, which was handled by their subsidiary APM. The shipping industry finally woke up to the harsh reality that their operation is vulnerable to digital disruption.

To compromise the system of the shipping firm will enable attackers to access sensitive information. One serious concern that came to light was when a global shipping conglomerate system was hacked by pirates. They were looking for information about a particular cargo, which they wanted to seize. Telecom company, Verizon explains how they carried out the operation.

“They’d board a vessel, locate by barcode specific sought-after crates containing valuables, steal the contents of that crate – and that crate only – and then depart the vessel without further incident,” it states.

Ships with more computer are potentially vulnerable, and it’s a great cause to worry. Malware and ransomware are designed in a way that spread from one computer to another computer on a network.

“We know a cargo container, for example, where the switchboard shuts down after ransomware found its way on the vessel,” says Patrick Rossi, who works within the ethical hacking group at independent advisory organization DNV GL.

Safe at sea

It’s obvious that the shipping industry, like many others, has a lot of work to do on such issues. But awareness is growing.

The Baltic and International Maritime Council (BIMCO) and the International Maritime Organization (IMO) have both recently launched guidelines designed to help ship owners protect themselves from hackers.

It’s obvious that the shipping industry has lots to catch up when it comes to cyber security. The International Maritime Organization has introduced certain guidelines to educate ship owners about the vulnerability, and how to protect themselves from cyber attack.

Patrick Rossi points out that an ignorant crew who has no understanding of the risk he carries in a USB stick should be made aware of the vulnerabilities. This is also important because the personnel keep changing frequently.

Shipping industry carries 90 percent of the world’s trade, and we have seen how Maersk has experienced significant damage to their business operation, thanks to NotPetya. Now before the world ask what’s next, it’s high time that the shipping industry pulls up their anchor and sail safely with comprehensive cyber protection.