Latest news with #maritimecybersecurity
The Guardian
7 hours ago
- The Guardian
Spy ships, cyber-attacks and shadow fleets: the crack security team braced for trouble at sea
Ships being taken over remotely by hackers and made to crash is a scenario made in Hollywood. But in a security operations room in Oslo, just a few metres from the sparkling fjord and its tourist boats, floating saunas and plucky bathers, maritime cyber experts say not only is it technically possible, but they are poised for it to happen. 'We are pretty sure that it will happen sooner or later, so that is what we are looking for,' says Øystein Brekke-Sanderud, a senior analyst at the Nordic Maritime Cyber Resilience Centre (Norma Cyber). On the wall behind him is a live map of the ships they monitor and screens full of graphs and code. Two little rubber ducks watch over proceedings from above. In an unstable world, shipping, ports and terminals are taking on enormous strategic importance as targets for destabilising infrastructure and espionage. This is particularly relevant in the Nordic countries, which share land and sea borders with Russia. Finland and Sweden are now Nato members and all countries are beefing up their defence capabilities amid hybrid attacks and rising fear of war. With the ever increasing digitalisation of ships – and, as a result, more opportunities for hacking – plus rapidly sharpening AI tools to speed up getting around complicated systems, it is a case of when, not if. 'These systems [on ships] are very complex and it is hard to understand how to operate them. But with AI you can just keep asking questions: 'How does this component work?', 'Can you go through this 300-page manual and find me the password?' So everything goes fast,' says Brekke-Sanderud. Based in the headquarters of the Norwegian Shipowners' Association on the quayside of the Norwegian capital, Norma Cyber works alongside it and the Norwegian Shipowners' Mutual War Risks Insurance Association (DNK). The three organisations came together two years ago to set up a shipping security and resilience centre to monitor the global threat of war, terror and piracy – physical and digital. They also carry out work on behalf of the Norwegian government. While remotely crashing a vessel is technically possible, hackers hoping to cause chaos need not go to such dramatic lengths. Simply making something on a ship stop working could lead to a blackout on a vessel or systems malfunctioning, says Lars Benjamin Vold, Norma Cyber's managing director. And there is mounting evidence that states are looking to harness these powers against their adversaries at sea. Iran is already understood to have researched how to use cyber-attacks to disrupt ballast systems – which pump water into vessels to ensure stability – to affect ships and satellite systems. And April saw an unprecedented hack that allegedly took out 116 Iranian Vsat modems – used in satellite communication by ships – simultaneously. 'When you talk about nation states, it is about their will to do something,' says Vold. While potential 'threat actors' such as Russia and China have extensive capabilities, these also have to align with their mission, which could change at any time. So while the threat level has been relatively consistent, maritime vulnerabilities are on the rise. 'Things are digitalising more and more, so there are more potential ways in,' says Vold. Norma Cyber has also reported civilian vessels such as fishing boats, research ships and cargo vessels being used for espionage in the Baltic, north Atlantic and the Arctic. USB devices have also been used to infiltrate maritime systems, including by a China-linked threat actor called Mustang Panda. Last year, Norma Cyber noted 239 disruptive cyber-attacks on the maritime sector, with the pro-Russian group NoName057(16) behind most of them. Sign up to Global Dispatch Get a different world view with a roundup of the best news, features and pictures, curated by our global development team after newsletter promotion Perhaps counterintuitively, the increased reliance on digitalisation ends up putting more demand on old-fashioned navigational skills. When crews come up against jamming of satellite navigation systems in the Baltic – Finland has accused Russia of being behind such disruptions – they are left with little option but to navigate without it. 'Good seamanship is the best mitigation measure,' says Vold. But as well as the invisible threats of the digital world, the maritime industry is also facing unprecedented physical problems. Vladimir Putin's growing shadow fleet of hundreds of unregulated vessels carrying sanctioned crude oil from Russia to predominantly China and India poses a growing threat to the environment and the global shipping infrastructure. The shadow fleet is made up of ageing oil tankers, the identities of which are hidden to help circumvent western economic sanctions imposed on Moscow. Estimates of their number range from 600 to 900 vessels, according to some sources. Threats to ships can also come from within. Engines, elevators and water purification systems are all potential targets on board. And with 15% of crew members internationally either Ukrainian or Russian, the composition of crews on ships has taken on new significance since Russia's full-scale invasion of Ukraine. 'If you have a Russian captain on a ship carrying aid to Ukraine, those don't mix that well, right?' says Svein Ringbakken, managing director of DNK. 'So those are sensitives that are being addressed in the industry.' Line Falkenberg Ollestad, an adviser at the Norwegian Shipowners' Association and an expert on the shadow fleet, fears its growing presence is creating a 'parallel fleet' of underinsured substandard ships operating on the sidelines, where they do not know what is happening on board or the conditions and wages of its seafarers. If there were to be an environmental incident on one of the vessels, she says, it also poses a threat to Norway's coastline. Some ships listed as sanctioned by the US are still operating, she says. Most of them are at least 15 years old. 'Our concern is that the situation is getting worse the longer it continues.' Another big question, she adds, is whether the whole situation has already gone too far to come back from. 'Is the shadow fleet that is operating outside the western jurisdictions the new way? Or can we reverse this?' Ollestad asks. 'And the answer is: we don't know.'
Malay Mail
09-05-2025
- Business
- Malay Mail
Bridging gaps for a resilient maritime future — Marhaini Mohd Noor, Mohammad Tariqur Rahman
MAY 9 — Malaysian maritime cybersecurity has experienced episodes of cyberattacks. Vulnerability in maritime cybersecurity affects the productivity of the nation's critical economic sector. Several issues have been discovered as key contributing factors to the instability in cybersecurity. While having the advantage of strategic geographic positioning as a maritime hub in the region, the density of shipping traffic and critical shipping lanes expose the seaports, logistics networks, and shipping systems to cyberattacks. The aspiration for the integrated seaport ecosystems targeting key seaports in Malaysia to ensure smooth integrated operations as well as fluidity in customs procedures opens a room for a malfunction of the system, mostly due to its structural and operational complexity. It not only results in compromised efficiency but also opens the door for cyberattacks. Inescapably, owing to digitization and the demand for an integrated smart port, dependence on potentially insecure artificial intelligence (AI) and Internet of Things (IoT) devices adds to the vulnerability of maritime cybersecurity and harms the productivity of the entire maritime operation. The digital transformation, accompanied by cybersecurity attacks, has emerged as a significant concern for maritime supply chain network agents. The Lloyd Register- a technical and professional services organisation and a maritime classification society - has documented an alarming surge in cyberattacks over the last ten years, with an annual increase of 27 per cent. A lack of readiness of the maritime workers who are yet to be trained for cybersecurity awareness has contributed to the maritime vulnerability to cyberattacks. Inadequate cybersecurity awareness and training make them inefficient at recognizing, stopping, or reacting to cyber threats. Finally, a lack of standardized cybersecurity policies, enforcement mechanisms among stakeholders, and legislative gaps and fragmentation make it difficult to coordinate and implement measures effectively. Hence, a multi-stakeholder approach that integrates technology, policy, and capacity building is necessary to provide a robust maritime cybersecurity framework. Albeit Malaysia has put in place many laws and guidelines relevant to its maritime industry, with a strong basis for maritime cybersecurity in the current regulations. However, regular updates, cooperation from stakeholders, and strict enforcement are necessary for them to be effective. Despite having the guidelines and compliance checks by Malaysia's Marine Department and port authorities as the main methods of enforcement, stakeholders differ in how they implement them. Malaysia's cybersecurity training and enforcement have room for improvement following the examples of those in Singapore, the United States, and Norway. While strengthening its cybersecurity skill pool through national initiatives and partnerships, the majority of training in Malaysia concentrates on general IT rather than requirements unique to the maritime industry. Malaysia has put in place many laws and guidelines relevant to its maritime industry, with a strong basis for maritime cybersecurity in the current regulations. However, regular updates, cooperation from stakeholders, and strict enforcement are necessary for them to be effective. — Reuters pic Because it has a lower tech profile and fewer opportunities for specialised education, the marine industry has trouble luring top personnel. There are still gaps in areas like infrastructure, training, and readiness, especially in smaller businesses and lesser-known ports, even though Malaysian ports and shipping corporations are making progress in implementing contemporary cybersecurity measures. Important practices for managing information security system may include developing computational tools for risk management; implementing detection–blocking techniques to restrict network access to authorized systems; securing email accounts with multi-factor authentication; installing physical barriers, surveillance cameras, and rapid-response alarm systems; having advanced antivirus software; managing RFID usage to protect the personal data; and using VPNs on remote working laptops. Additionally, establishing international collaboration among maritime stakeholders with aligned risk perceptions, a certification authority to oversee the creation of pseudonyms for ship maritime mobile service identity, a risk assessment library to share mitigating measures and risk experiences, and a 'port cyber resilience officer' portfolio can play a critical role in maritime cybersecurity. In Summary, to adequately prepare for massive cyberattacks, the sector needs improved system integration, more standardized training programs, increased cooperation, and more robust regulatory enforcement. Investing more in highly qualified workers and cutting-edge technology would be essential to enhancing Malaysia's maritime industry's overall cybersecurity resilience. * Dr Marhaini Mohd Noor is Senior Lecturer at the Faculty of Maritime Studies, Universiti Malaysia Terengganu; while Professor Dr. Mohammad Tariqur Rahman is the Executive Director (Development, Research and Innovation) at the International Institute of Public Policy and Management (INPUMA), Universiti Malaya * This is the personal opinion of the writer or publication and does not necessarily represent the views of Malay Mail.
