Cyber Risk on Automation of the Maritime Industry

Impact of Cyber Risk on Autonomy for the Maritime Industry


The increasing automation in marine vessels has brought significant benefits to the shipping industry, including increased efficiency, reduced labour costs, and improved safety. However, it has also brought new cybersecurity risks that need to be addressed to ensure the safety and security of crew, cargo, and the vessel itself.

One of the significant risks is the potential for technical failures or malfunctions that can cause accidents and put human lives at risk. Another risk is overreliance on automation, which can lead to complacency and reduced vigilance among the crew. In situations where the automated systems fail or encounter unexpected circumstances, the crew may not be adequately prepared to respond quickly and effectively, leading to potentially catastrophic consequences.

Moreover, there is a risk of cyber attacks on automated vessels, as such vessels rely heavily on computer systems and connectivity. A cyber attack could disrupt the vessel's operations, compromise sensitive information, or even take control of the vessel, putting it and its crew in danger.



"Shipowners globally should heed the lessons learnt from corporate cyber-attacks, costing millions of dollars to rectify and wiping billions off company's share values."

- Cameron Livingstone, The Nautical Institute



Cybersecurity Risk in Marine

Maritime expert Cameron Livingstone of The Nautical Institute quoted the following for an article, “As ships become more technologically sophisticated, methods an attacker could use to disable ship and shore-based technology are widening. GNSS spoofing, radar jamming, AIS interference and shore-based communication shutdowns are increasingly common.

One of the main cybersecurity risks associated with automation in marine vessels is the potential for cyber-attacks on the vessel's control systems. These systems control critical functions such as propulsion, navigation, and communication, and a successful cyber-attack could lead to significant damage, loss of control, or even sinking of the vessel.

An example pointed out by Livingstone is based on an incident in 2019 involving the British tanker Stena Impero. The vessel was boarded and detained by Iranian forces after she maneuvered suddenly into Iranian waters due to GNSS spoofing, which caused deliberate interference with her positioning.

There are many ways in which ships could be intercepted, especially as they become more autonomous and remotely operated. As humans are removed from technical processes, problems are less likely to be detected quickly. These technologies could be manipulated by attackers to cause collisions and generally disrupt vessels.

Another risk is the potential for unauthorized access to sensitive data and systems, such as cargo manifests, crew records, and financial data. This information can be valuable to cyber criminals for a variety of malicious purposes, including ransomware attacks, identity theft, and fraud.

To mitigate these risks, vessel operators need to implement robust cybersecurity measures, including firewalls, intrusion detection systems, and regular vulnerability assessments. They should also provide cybersecurity training to crew members to ensure that they are aware of the risks and can take appropriate action to prevent cyber-attacks.


Conclusion

This increasing cyber threat requires action now. In response, legal requirements are being increased, such as IMO 2021, a resolution requiring ship owners to invest in cybersecurity.

“Potential cost to vessel owners far outweighs the cost of implementing appropriate cybersecurity protocols. Physical and electronic measures should be considered, as well as appropriate cyber insurance (H&M and P&I)," says Livingstone. "Shipowners globally should heed the lessons learnt from corporate cyber-attacks, costing millions of dollars to rectify and wiping billions off company's share values."

In conclusion, while automation in marine vessels brings many benefits, it also brings new cybersecurity risks that must be addressed. By implementing appropriate cybersecurity measures, vessel operators can ensure the safety and security of their crew, cargo, and vessel in the face of cyber threats.



About the Author

Ruben George