Maritime cyberattacks are alarmingly increasing!

In a recent eye-opening study, maritime cybersecurity firm CyberOwl joined forces with global law firm HFW to shed light on the state of cybersecurity in the maritime Industry.

The research, conducted by maritime innovation agency Thetius, surveyed over 200 industry professionals, spanning from top-level executives to seafarers, and uncovered critical deficiencies in cyber risk management across the entire shipping sector and its extensive supply chain. These maritime cyberattacks came to the limelight despite progress made by IMO 2021.

The Skyrocketing Costs of Maritime Cyberattacks

The research revealed a shocking truth about the maritime industry – the colossal price shipowners pay in the wake of maritime cyberattacks, especially when they succumb to ransom demands. Shockingly, the data on maritime cyberattacks revealed that shipowners were shelling out an average of over US$ 3.1 million to cybercriminals. This revelation paints a grim picture of the industry’s susceptibility to cyber threats.

Furthermore, the study disclosed a concerning reality: despite the vast financial risk, most shipowners continue to underinvest in cybersecurity. Astonishingly, more than half of the respondents revealed that they allocated less than US$100,000 annually for cybersecurity measures. This discrepancy between the high cost of cyberattacks and inadequate investments in defense mechanisms is a ticking time bomb that the maritime industry must address urgently.

The research also exposed significant uncertainties concerning cybersecurity insurance within the marine industry. Nearly two-thirds of the surveyed professionals were unsure whether their insurance policies covered maritime cyberattacks, leaving many shipowners exposed to potential financial ruin in the event of an attack.

Maritime Cyberattacks and Supply Chain Vulnerability

When it comes to suppliers, only 55% of industry suppliers were asked by shipowners to demonstrate their cyber risk management procedures. This oversight highlights the lack of emphasis on comprehensive cybersecurity practices in the industry’s supply chain, adding another layer of risk to an already precarious situation of maritime cyberattacks.

Navigating Maritime Cyberattacks and Seafarer Preparedness

One of the most unsettling revelations was that over 25% of seafarers admitted they were unclear about the actions required of them during a cyber incident. This lack of awareness about maritime cyberattacks among the individuals on the front lines of operations poses a significant risk, as their actions can directly impact the outcome of a cyberattack.

Intriguingly, the research also found that the more senior an individual’s role within an organization, the less likely they were to be aware of the potential threats posed by cyberattacks. This highlights the need for improved communication and awareness at all levels of the maritime industry to ensure a more robust defense against cyber threats.

A Call to Action

The cyberattacks on the maritime industry present a significant challenge that cannot be ignored. The research findings clearly indicate that more must be done to secure the industry’s digital infrastructure. Increased investments, improved communication, and better awareness among all stakeholders are essential to ensuring the maritime sector remains resilient against cyber threats. The report serves as a wake-up call to the industry, prompting a call to action to protect the vital global supply chains upon which we all depend.

Daniel Ng, CEO of CyberOwl, emphasizes the importance of using data to guide decisions. “The findings in this report help shipping leaders benchmark their own organizations. This goes beyond anecdotes and hearsay to statistics, backed by data-driven evidence from the fleets that CyberOwl monitors. Maritime cyber risk management is a continuous journey, prioritisation is key. Identifying where the real gaps are will help the shipping sector make smarter decisions, so it is no longer the weak link in the cyber resilience of global supply chains,” said NG.

Tom Walters, a Partner at HFW, adds another layer to the discussion He points out that technology in the shipping industry is evolving rapidly, especially with the introduction of new technologies like autonomous ships.

“Technology in the shipping industry is changing at an astonishing pace. The use of IT already underpins so much within global supply chain operations, and as we look to the future and the adoption of alternative propulsion systems and autonomous ships, the importance of cyber security will only become more important. It is abundantly clear from our research that the shipping industry needs to do a lot more to protect itself from cyber threats,” said Walters.

However, Nick Chubb, the Managing Director of Thetius, reminds us that despite the progress made, there’s still a gap between industry expectations and the reality on the ground. This gap underlines the need for better coordination and a heightened focus on cybersecurity.

“Our industry has made great progress in recent years, both in terms of increasing awareness of cyber security and taking the action needed to close security gaps. But we have found that significant disconnects still exist between the industry’s expectations of cyber security and the realities on the ground,” said Chubb.

The maritime industry must act quickly. Prioritizing cybersecurity and fixing the gaps in defenses is essential to protect the future of maritime cybersecurity and global supply chains. It’s time to take action.