In February 2019, a large container ship sailing for New York identified a cyberintrusion on board that startled the US Coast Guard. Although the malware attack never controlled the vessel’s movement, authorities concluded that weak defenses exposed critical functions to “significant vulnerabilities.”
A maritime disaster did not happen that day, but a warning flare rose over an emerging threat to global trade: cyberpiracy able to penetrate on-board technology that is replacing old ways of steering, propulsion, navigation and other key operations.
Such leaps in hacking capabilities could do enormous economic damage, particularly now, when supply chains are stressed from the COVID-19 pandemic and Russia’s war in Ukraine, experts including a top Coast Guard official said.
“We’ve been lucky so far,” said Rick Tiene, vice president of Mission Secure, a cybersecurity firm in Charlottesville, Virginia. “More and more incidents are happening, and the hackers are getting a better understanding what they can do once they’ve taken over an operational technology system. In the case of maritime — whether it be the ports or the vessels themselves — there is a tremendous amount that could be done to harm both the network and physical operations.”
Coast Guard Rear Admiral Wayne Arguin, the branch’s assistant commander for prevention policy, said shipping faces cyberrisks similar to those in other industries — it is just that the stakes are so much higher given that almost 80 percent of global trade moves on the sea.
While Arguin declined to put a number on the frequency of attempted break-ins, he said: “I feel very confident that every day networks are being tested, which really reinforces the need to have a plan.”
“A potential intentional attack could really stress the system, and we’re certainly thinking about how to shore that up,” Arguin said in an interview. “When you couple that with the sensitivity of supply chain disruptions, it does have the potential to be devastating to the marine transportation system.”
That universe includes not just ship operators, but port terminals and the thousands of logistics links in global supply chains that are increasingly interconnected.
BlueVoyant, a New York-based cyberdefense platform that in April analyzed 20 well-known shipping companies, said some strides have been made since last year, but “there are more cyberdefense actions the industry can take to make things more secure.”
A wider survey into third-party cyberrisks showed that 93 percent of respondents acknowledged suffering direct breaches tied to supply chain weaknesses, with the average number of intrusions rising to 3.7 last year from 2.7 in 2020, BlueVoyant external cyberthreat assessments director Lorri Janssen-Anessi said.
Hackers have hit major logistics operations several times this year.
Jawaharlal Nehru Port Trust, India’s busiest container port, suffered a ransomware attack in February. A targeted attack on Expeditors International of Washington Inc, a large freight-forwarding company, crippled its systems for about three weeks and led to US$60 million in expenses. Blume Global, a supply chain tech company based in Pleasanton, California, in early May said that a cyberincident temporarily made its asset management platform inaccessible.
“You’ve picked on an industry that has a lot of vulnerable areas,” said Jennifer Bisceglie, CEO of Interos, a supply-chain risk management company based in Arlington, Virginia.
The ocean shipping industry is the backbone of global goods trade, but when it comes to cybervulnerabilities, its broad reach is an Achilles’ heel. The biggest companies are playing catch-up and, after years of struggling to make money, now have the resources to invest in upgraded ship-to-shore technology.
Hapag-Lloyd, Germany’s largest shipping line, in April announced that it would become the first carrier to equip its entire fleet of containers with real-time tracking devices.
Most of the large container lines use remote sensors for functions such as monitoring engine performance, maintaining cooling systems or opening a pump valve. Electronic charts and collision-avoidance mapping can be updated on shore and shared remotely. Many new ships ordered during this period of peak profitability would be fitted with more online connectivity to land-based operations.
Such advances add visibility and efficiency, but they also potentially make the jobs of hackers easier, experts said.
“Ships were quickly connected to the Internet using satellite communications, but without all the other security controls needed to be safe and secure at sea,” said Ken Munro, a security specialist at Pen Test Partners, a cybersecurity company with clients in the maritime industry. “So now shipping operators are frantically trying to build these controls back in, but are struggling with decades-old equipment on board that can be really hard to secure.”
To help guard against the threats, the International Maritime Organization, a UN agency responsible for safety and security, issued guidelines that companies were supposed to adopt starting last year.
Some analysts said those regulations have not had enough of the intended effect and have led to a wide range of responses.
“Some were very proactive and started doing the work long before the regulations,” said Rahul Khanna, global head of marine risk consulting at Allianz Global Corporate & Specialty, a unit of Germany-based financial services company Allianz SE. “On the other end of the spectrum, you had people who are aware and doing just the bare minimum just to get the certificate in their files.”
Even modern ships have a patchwork of systems from different manufacturers that have taken cybersecurity in varying degrees of seriousness, said Andy Jones, former chief information security officer at A.P. Moller-Maersk, the world’s second-largest container carrier. “Some operators have taken this seriously, but with substantial fleets and ships that are probably over 30 years old, it is a very tall order.”
Jakob Larsen, a maritime security specialist at Bimco, one of the world’s biggest associations representing shipowners, defended the industry’s position on cyberprotections as “relatively strong” and on par with other sectors.
Although increased digitization brings “more and more of an attack surface,” he said instances where operational controls have been hacked are rare and technically difficult to pull off.
“This idea that someone can take over the control of a ship and do all sorts of things, while it might be technically possible for a really skilled hacker who has the time to do it, in reality it’s not really something that we’re seeing,” Larsen said. “Theoretically, yes it can happen, and of course we have to constantly stay updated with our defenses and pay attention to new threats.”
Khanna said there is a “huge underreporting” when ships are attacked and “the ones who say they haven’t been, just don’t know about it.”
Across industry and government, there is agreement that there needs to be more information sharing.
“Everybody needs to be all-in in this game and understand when there are vulnerabilities — getting that information out quickly is going to be the thing that continues to help us close doors,” Arguin said.
For some observers, a wake-up call about the stakes involved came in March last year, when the Ever Given — one of the world’s largest container ships — ran aground and blocked traffic in the Suez Canal for almost a week.
The incident, blamed partly on strong winds, cut off much of Europe’s trade with Asia and threw supply chains off kilter for several weeks.
“The Suez incident made everybody realize that global supply chains are actually quite vulnerable,” Munro said. “Not that Suez was a hack — it wasn’t — but it so easily could’ve been.”