Global shipping vulnerable to hackers

By Danny Palmer
25 Apr 2014 View Comments
container-ship-transport

The shipping industry is vulnerable to hackers, as cargo ships begin to use more and more connected devices and automated systems while traversing the open seas. These cyber security loopholes could be exploited to make a freighters' cargo an easy target for teams of pirates and cyber criminals.

Further reading

According to a report by Reuters, hackers have already deployed cyber attacks in order disrupt ports and the ships docked within them for purposes ranging from disabling vessels by filling networks with malware, or infiltrating systems to target specific docked cargo to steal. There are also reports that hackers have shut down a floating oil rig by breaking into its systems and causing it to tilt at an angle, making it unable to continue operating.

As ships run with smaller crews and more automated systems, the fear is that they could become vulnerable to attack while sailing across the globe, with with criminals able to take advantage of them in isolated international waters.

Researchers have previously demonstrated how it's possible for hackers to use techniques such as disrupting GPS signals to force a ship to change course, which could leave the containers dangerously exposed to the threats posed by pirates.

While there's not yet much evidence that ships - still used to transport 90 per cent of the world's cargo - are regular victims of cyber attacks, there are concerns that there will soon be a rush of hackers ready to exploit vulnerable systems.

Those fears are compounded by the suspicion that shipping firms often don't report known cases for rear of causing alarm to investors and insurers. And in many cases they don't know they're being attacked at all.

Wil Rockall, director of KPMG's cyber security team, believes shipping could be particularly vulnerable because IT and cyber security systems in the industry haven't developed as quickly as those in other sectors.

"Most ports and terminals are managed by industrial control systems which have, until very recently, been left out of the CIO's scope. Historically, this security has not been managed by company CISOs and maritime control systems are very similar," Rockhall said.

[Please turn to page 2]

Reader comments
blog comments powered by Disqus
Newsletters
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

25 %
45 %
10 %
20 %