Welcome
Summary
Course
Exam
Certificate
V-ID Terminal
Library
News
Support
My Account

Profiled Partners

  • Döhle Yachts
    Managing Perfection
  • Be Cyber Aware At Sea
    A Global Maritime & Offshore Initiative.
  • Be Cyber Aware At Sea
    A Global Maritime & Offshore Initiative
 

 
 

Cyber attack could sink ships, Government advice warns

The Telegraph, 16 September 2017 
September 18th 2017
The Telegraph, 16 September 2017
The British government has recently released guidelines regarding cyber security on ships - this spans shipping to superyachts and its advice cannot and should not be ignored. You can read the guidance in full on our partner website, Be Cyber Aware At Sea. You can read Ben Riley-Smith's article for The Telegraph online here

Cruise ships could be sunk by cyber terrorists, official Government guidance has warned in a drive to improve protections from online attacks. 

Vessels could be vulnerable to “kidnap, piracy, fraud [and] theft of cargo” if their computer systems are compromised, the Transport Department said. 

At worse a cyber-hack could result in “risk to life and/or the loss of the ship”, the industry was also told.

The concern is that hackers could distort mapping equipment or the ship's controls, causing it to hit another vessel or run aground. 

The dire warnings were made in a “Cyber Security for Ships” code of practice, written by the Institution of Engineering and Technology and distributed by Whitehall. 

Fears that a commercial vessel could be sunk, causing untold loss of life, provide a chilling example of how exposed the transport sector is to cyber-crime. 

Experts told this newspaper that any ship that relies on a computer system – such as electronic location trackers – could be vulnerable. 

They urged companies to make sure crews are trained in “old seamanship” so they could keep control of ships which come under attack. 

In recent years the Government has put resources into building Britain’s protections to cyber-attacks, both in the public and private sector.

The National Cyber Security Centre, part of Britain's spy hub GCHQ, was opened in February 2017 to improve the country's “cyber resilience”. 

In the document released this week, the Transport Department spells out the vulnerabilities of the shipping industry in the 21st century. 

“The maritime sector is a vital part of the global economy, whether it is carrying cargo, passengers or vehicles,” it reads. 

“Ships are becoming increasingly complex and dependent on the extensive use of digital and communications technologies throughout their operational life.

“Poor security could lead to significant loss of customer and/or industry confidence, reputational damage, potentially severe financial losses or penalties, and litigation affecting the companies involved.”

The dangers of a ship becoming “compromised” by a hack – be it from criminals, terrorists or a rival country – are also spelled out in explicit terms. 

An attack could lead to “physical harm to the system or the shipboard personnel or cargo – in the worst case scenario this could lead to a risk to life and/or the loss of the ship”. 

It could also impact “the health and safety of staff and other people impacted upon by the work activities being undertaken and to whom a duty of care is owed”. 

Furthermore a hack could damage “the ability of the ship to operate safely and to not endanger other ships, maritime structures or the environment”. 

The prospect of ships having their controls taken over and steered off course is all too real, according to a leading cyber security expert. 

Prof Alan Woodward of the Surrey Centre for Cyber Security told The Sunday Telegraph that tests have shown even super yachts could be hacked. 

“In the last 18 months people have suddenly realised the vulnerability of shipping. It is one of those things that people tend to not think about.

“Shipping is just as dependent as any other modern form of transportation on electronic devises. We have to be aware that signals can be spoofed. 

“We’re not just talking about super tankers and big cruise ships. Basically anything that has any form of automation on it including yachts could be vulnerable.”

The Government guidance on shipping gives an insight into how such attacks could be perpetrated, warning the industry that those on board should not remain above suspicion. 

“Personnel security aspects are also important. The insider threat from shore-based or shipboard individuals who decide to behave in a malicious or non-malicious manner cannot be ignored,” it read. 

“Ship owners and operators need to understand cyber security and promote awareness of this subject to their stakeholders, including their shipboard personnel.”