Page 48: of Maritime Logistics Professional Magazine (Jul/Aug 2017)

47 49

Port Security

What is the threat to shipping?

At the beginning of June, Maersk became a high profle vic- tim of the Petya/Notpetya virus, demonstrating the obvious

When everything is connected to digital risk realities that a.) even the largest and most prepared everything, do you need to physically organizations are vulnerable to cyber attack, and b.) the big- ger they are, the harder they can fall. Petya locks users out of hijack an aircraft to damage it? Do you networks (as in the Aramco attack) and there are reports that need to plant a bomb on a gas pipeline

Maersk had to resort to manual, handwritten processes for re- to cause an explosion? Would you need cording manifests during the period in which it responded to to physically break into an electricity the ransomware attack. substation to disrupt the power supply

The most catastrophic attack could be a malware assault on and cause a blackout? No, you could do a large vessel at sea such as an oil or LNG tanker or on a drill- these things using malware.

ing platform. Modern vessels and maritime assets are heavily connected to the Internet and have many potential attack vec- tors for malware: reported to their Internet security service were aimed at indus- » Operating software and navigation systems (GPS, trial computers such as PLCs and one industrial computer in AIS and ECDIS) that are updated by maintenance a fve is attacked each month. Looking at any modern industrial nd service providers and supply chain; equipment, process or infrastructure, it usually has multiple » Operator and port maintenance systems and data external network connections including: (vessel health, manifest data, etc.); • A direct Internet connection for remote management » Hydrocarbon accounting software; access to the ICS; » Safety systems such as Emergency Shutdown, • OEM and supply chain organisations update Blowout Prevention, HIPPS and Burner industrial equipment; Mana gement Systems; • Administration and maintenance systems and data » On board IT infrastructure for use by crew; (pr ocess health, logistics, etc.); » Communications systems.

• Many in-house and third party line of business systems; • Government and other supervisory and regulatory

For example, an application like Stuxnet could take control systems and communications; and of an important safety system on a drilling rig such as a blow- • Portable media.

out preventer and take it offine, or alter its behaviour, when the rig is operational. This could be designed to cause an ex-

Even the most critical infrastructure has many potential at- plosion with loss of life and damage to the environment to say tack vectors over which the owners and operators may have nothing of fnancial and reputational consequences. partial or very little control. The answer to this vulnerability is

Who would do such a thing? Well, terrorists or a hostile extension of the scope of enterprise risk management to sup- state is the simple answer. ply chain and digital risk.

Do shipping companies and the owners of maritime assets

Type What is it? Why?

Bots Small apps that allow an attacker to have some functionally specifc DDoS attacks, stealing logins control over a device like a PC. and personal info

Ransomware An app that restricts access to data or functions in a computer. Payment of ransom

Spyware An app that installs itself then communicates to a third party Stealing logins etc.

Rootkit Software that installs deep in an operating system to provide extensive, Multiple possible purposes very hard-to-detect control

Trojan A fle that appears harmless but contains malware Infection, distribution

Virus Any malware that copies itself and spreads over a network or via some Infection, distribution other vector like USB drive

Worm Malware that exploits vulnerabilities in an operating system. Infection, distribution 48 Maritime Logistics Professional July/August 2017 | |