Register for a free trial
Social

Maersk cyber attack – a catalyst for container industry

Fri 01 Sep 2017 by Rebecca Moore

Maersk cyber attack – a catalyst for container industry
CargoSmart’s Live Incident Monitoring Dashboard showing Maersk vessels and APM terminals’ ports

Maersk’s experience of a hacking attack in June caused shockwaves through the box industry, but hopefully will act as a wake-up call for shipping lines to protect themselves with new initiatives and technology against such an attack

The container industry has been left reeling after a cyber-attack crippled Maersk Group’s logistics IT systems – but a positive response to come out of it is that it has raised awareness of the problem among ship operators and terminals, meaning they will do more to protect themselves against this threat.

Cyber security shipping analyst CyberKeel chief executive Lars Jensen called it a “wake-up call for the industry” and said that CyberKeel had warned repeatedly of the likelihood of ransomware (and similar) attacks. When Cyberkeel launched in 2013, this was not seen as a significant threat but he noted (as of June) that over the past 12-18 months, there had been a gradual change and that there is now a recognition that cyber security may be a genuine threat. “However we also find that this recognition in many cases still does not translate into the allocation of appropriate resources to properly investigate the company's current level of cyber security,” he warned.

Meanwhile, blockchain technology could have saved Maersk Group from the attack – the irony of this is Maersk Line began working this year with IBM to implement that technology.

“A wake-up call for the industry” Lars Jensen (CyberKeel)

Blockchain expert Antony Abell, managing director of blockchain solutions company TrustMe commented: “If Maersk had completed their shift from their existing electronic data interchange to a blockchain-enabled platform, then the ransomware attack on them would not have taken place.”

Jody Cleworth, chief executive freight forwarder Marine Transport International, explained that one particular problem for the supply chain is the large number of stakeholders involved – just “one weak link” can open them up to attack, she said.

“We are seeing more shipping firms make the move towards blockchain and, as a result, vastly increasing their process security. This is because blockchains run in a sterile environment. The only way to get data in is through the chain – an attack cannot work and, if it did, it would leave clues for forensic scientists to trace back to the perpetrator.”

While blockchain technology prevents cyber attacks from happening, there is other technology that helps to mop up the damage. Step forward software provider CargoSmart, which played a critical role in helping smooth the supply chain after the Maersk incident. Immediately following the cyber attack, shippers were not able to track their cargo or know which terminals were impacted.

CargoSmart used its Global Vessel Voyage Monitoring Center which is based in Hong Kong and monitors live vessel movements using data from multiple sources and tools. While Maersk’s own tracking system was offline, CargoSmart updated its free pop-up tool, the Live Incident Monitoring Dashboard.

“We were able to quickly provide visibility to the location and speed of all of Maersk’s container vessels based on live vessel updates from the Automatic Identification System,” CargoSmart chief commercial officer Lionel Louie told Container Shipping & Trade.

Its dashboard also provided a projected ETA, which is calculated by a sophisticated algorithm that analyses vessels’ historical routes and speed patterns, along with current speeds and locations, to provide estimated times of arrival.

Mr Louie summed the benefits: shippers and logistics service providers who used the tool had fast visibility to their vessels’ location and ETAs and information about which terminals had vessels arriving without having to call their carrier or forwarder repeatedly for updates.

Class societies have also launched initiatives to boost cyber-defence. DNV GL has produced a three-pronged approach that enables maritime organisations to take on the challenge of controlling cyber security risks adapted to an industry with limited budgets. The recommended practice for cyber security resilience management for ships and mobile offshore units in operation (DNV GL-RP-0496) was designed to simplify the task of controlling cyber security risks, not only for IT-skilled personnel but also for a wider audience with minimal cyber security expertise.

DNV GL senior cyber security service manager Patrick Rossi pointed out that although a lot is known about cyber security risks relating to IT, less is known about operational technology (OT), which is just as critical, if not more so, when it comes to cyber threats. By looking at these aspects in relation to cyber security at the design and build phases, risks in both areas can be managed and “a competency bridge can be built between the two worlds”, he said, making it possible to use the more readily available cyber security know-how from IT within the OT domain.

As digitisation gains momentum in the box ship industry, cyber security has never been more important. The legacy of the Maersk incident may be that ship operators boost their cyber security defences. Mr Jensen said that the incident “hopefully will act as a catalyst for the maritime industry to further enhance their cyber security posture.”