Vessel Vulnerabilities: Why Attackers Increasingly Target Maritime
Systems within vessels are impacted by OT/IT convergence, lacking maritime-specific defense and system visibility, and this is not helped by lack of policies and training. These vulnerabilities are combined with increased attacker incentives, relating to vessel criticality, potential for disruption and piracy.
Convergence of OT/IT systems onboard vessels inevitably leads to an increase in potential vulnerabilities that can be explored to penetrate vessel systems. Outdated hardware and software make development of new viruses for vessels as simple as adopting existing ones from the offshore industry.
Many organizations lack visibility over their vast and complex networks, leaving a potential myriad of entry points for would-be criminals.
Maritime specific cyber defense
This is worsened by maritime’s lack of preparedness for cyber attacks. There are few maritime specific protection tools, such as Intrusion detection systems for NMEA protocols. In addition, maritime OEMs are slow to patch new vulnerabilities, generally attributed to lacking industry level cyber awareness.. This leaves many great opportunities for hackers.
Policies and Training
In extension, the industry generally lacks cybersecurity policies, crew cyber training, and cyber hygiene and awareness. This contributes to the lack of preparedness, making vessels an easy target for attackers.
Finally, these vulnerabilities are becoming increasingly problematic, due to increased incentives for attackers to target maritime. Firstly, vessels play a key role within the global supply chain. This means attacks have expensive and far-reaching consequences, which is ideal for attackers incentivized by disruption.
The maritime sector is also a “perfect” target for terrorist attacks as simple cyber penetration can lead to ship collisions, sinking and explosions, leading to substantial collateral damage. A final motivation is piracy. This problem is still rampant in many areas and modern (“commercial”) pirates employ advanced tools provided by cybercriminals. One example is to steer a vessel off course, and lead them into an area where pirates can effectively invade the vessel. Another is blocking communication from ship to shore, preventing the crew form calling for help.
Source: By Jessie Hamill-Stewart University of Bristol/University of Bath, Dmitry Mikayhlov Reperion, Andrew Sallay (ed.) Reperion