The United States has 360 river and sea ports, and these borders result in the need for guaranteed security. Harbors located at possible water gateways into the United States are crucial for ensuring that only designated cargo and persons can enter or leave; a cyber attack on these ports endangers public safety.
In regards to trade, the United States spends $1.3 trillion in annual cargo (imports and exports). Ninety-five percent of the goods shipped to or from the United States is by sea; therefore, if trade was interrupted by a hacker, America would lose a significant amount of money and could be lacking certain products.
Although this did not occur in the United States, this event illustrates the large potential for cyber attacks and the lack of defense available.
Maritime activities and procedures have become increasingly electronic due to technological advances like digital charting resulting in greater opportunities for hacking
Todd Humphreys, a professor at the University of Texas and an expert in GPS, displayed how susceptible this industry is to hacking. Using a $3000 machine made from just an antenna and GPS spoofer as well as a laptop, he was able to hack into the navigation system of super-yacht in the Mediterranean Sea.
An example of cyber attacks that occurred due to the hacking of these systems is the piracy that occurs off the coast of Somalia. Pirate ships choose their targets by monitoring the online navigational data of the ships; once targeted, the location is either removed or altered.Keeping data and information secure in the maritime industry is difficult since it is an international market. Large shipping lines, for instance, have offices in over 100 countries; roughly half of these offices they do not own. Therefore, offices have their own IT infrastructure and data sharing occurs.
Shipping lines also do not own and cannot control the technology of all the vessels they operate. Since they are not operating some of the vessels, there is a window for a third party to take control.
Cyber attacks have detrimental effects due to the high costs and long recovery times needed
When maritime procedures are disrupted due to cyber attacks, the parties involved lose a significant amount of money and time. When only one port is attacked, the estimated losses are one billion dollars for every day the port is compromised. Since attacks generally have an aftermath that can affect the company for multiple days, these companies are facing multi-billion dollar losses.
A study done by the National Association of Manufactures and the National Federation of Retailers showed the monetary impact of the West coast ports being shut down. The study found that if the ports were shut down for five days, each day's cost would be roughly two billion dollars; if the duration was longer, the cost per day increased. The study also depicted how other factors like imports, exports, and economic output was effected.
Hacking on multiple oil rigs depicts the lengthy (and costly) recovery period that comes after a cyber attack. A floating oil rig off the coast of Africa was tipped sideways while another rig was infected with malware by a hacker. It took 19 days to get rid of the malware resulting in high productivity and monetary losses.
Maritime industry working to increase both cybersecurity and awareness to decrease threats and enable sailors to combat attacks
Taking action against cyber attacks has been a more recent change. Few maritime infrastructures have reacted to the increasing likelihood for cyber attacks as few ports have conducted assessments and even less have developed responses. Cyberkeel did an investigation to determine vulnerabilities in the hardware of the largest 50 container shipping lines; thirty-seven of the fifty were susceptible to hacking.
The US Department of Transportation Maritime Administration (MARAD) worked with the Ship Operations Cooperative Program (SOCP) to develop a computer based training. This step is a first for the United States in terms of giving vessel owners and operators knowledge to reduce and combat attacks. In addition, marine simulations have been created to allow a mariner to practice responding to a cyber attack.
The Coast Guard has teamed up with many organizations including American Association of Port Authorities to evaluate cyber vulnerabilities. Their ultimate goal is to incorporate cyber risk management into the already existing procedures for safety and security.
This comment has been removed by the author.
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteThis is a very well put-together post, I knew cyber security was a national concern, but I never thought about it with the maritime industry, so I learned a lot by reading your post! In the first paragraph, you start out very strong, by explaining all of the most important ways that cyber security and hackers can affect the maritime industry. The reader can read just that first paragraph, and automatically know the topic and direction of the post.
ReplyDeleteOne suggestion I have for improvement is to rework your explanatory title. Your title is great in that it is explanatory, but I find it to be a little too long and seems to run-on. Maybe even just adding some punctuation could make it smoother. For example: “Maritime facilities are at great risk for cyber attack, due to increased technology use and lack of security, thus leaving the United States infrastructure vulnerable”. I believe the first subtitle could be improved in the same way – either by shortening it or adding some punctuation. Another small improvement that can be made is to the table. The table is missing a title. If I am scanning quickly through the post, without reading the text, I am not going to know what the table is representing.
All in all, those were just minor details that I believe should be improved. I really like the content and the overall layout of your post. I learned a lot about cyber security issues in maritime through your multiple international examples. It is very obvious that this is a large issue that needs to be resolved somehow, or these cyber attacks are going to keep occurring more and more, and more and more money is going to be lost.
In your post, you focus a lot on money issues associated with these cyber hacks. Congresswoman Candace Miller raised another possible detrimental consequence of a cyber attack: the release of dangerous chemicals. She gives liquefied natural gas as an example. She is worried that a breach of the cyber systems of a ship carrying natural gas could cause the release of this chemical into the environment and therefore very badly harm the surrounding life, and possibly even public safety. There is much more at stake than just money losses.
Sources:
https://thestack.com/security/2015/10/12/cyber-attacks-on-u-s-ports-risk-chemical-disaster/