IHS Fairplay Maritime Cyber-security Survey – the results

A hand on cyber attacks in shipping: The IHS Fairplay survey found that one in five has been the victim of a cyber attack. Credit: PA
A hand on cyber attacks in shipping: The IHS Fairplay survey found that one in five has been the victim of a cyber attack. Credit: PA

One in five respondents to the first maritime cyber-security survey conducted by IHS IHS Markit in association with BIMCO has acknowledged that they have been a victim of a cyber attack, with 40% of respondents confirming that they had preventative measures in place before they were attacked.

Of the more than 300 people that responded across the shipping industry, 21% confirmed that their company’s computer systems had been violated, 57% said they had not suffered an attack, while 22% declined to respond.

Malware was the most common form of attack at 77%, with phishing coming in second at 57%.

Many respondents pointed to old or out-of-date technology increasing vulnerability and that even the most basic systems could be affected.

“No one wants to admit the vulnerability of their systems. Ours are based on 1990s-era systems using unsupported Microsoft products (old versions),” said one respondent.

“The cyber-security challenge isn’t just securing the vessels – it goes right back to the basic information security in the office onshore,” said another.

Of those respondents who acknowledged that their systems had been compromised, 67% experienced IT downtime, 48% lost corporate data – email, personal data, payroll, human resource information, etc. – and 21% endured some form of financial loss.

In terms of cost, half of those attacked faced costs of less than USD5,000, but a quarter were hit for between USD5,000 and USD50,000.

Two respondents reported that the incident cost them more than USD500,000.

Half of those who have been a victim detected the attack within 0–6 hours, while 75% detected the attack within 24 hours.

Some 58% of those attacked reported that their onshore systems were affected and half of those attacked either experienced system downtime or server disruption.

Around 10% of those claimed to have lost business as a result.

Global positioning systems were named as the most vulnerable shipborne system, closely followed by electronic chart display and information systems (ECDIS).

Some 75% of the attacks were the result of outside activity. Of the remaining quarter, which were in-house attacks, 85% responded with changes to system access.

In terms of preventative measures, of those survey respondents who confirmed they have security measures in place, 74% rely on firewalls, followed by intrusion detection systems, and best practice protocols.

Only 16.8% of shipowner and shipmanager survey partcipants have incorporated cyber-security guidelines into their fleet management systems.

Only 22% of participants responded in the affirmative when asked if their employees had undergone any cyber-security training.

One key finding of the survey is that respondents tend to hold back on information about their systems being compromised. Only 45% of those attacked have made that information available to the whole company and more interestingly, only 11% have told their insurers. Some 80% of those attacked were not covered by their insurers.

“A year or so ago, a cyber-security expert stated that if you are a large company that believes that you have never been hacked, you are wrong. Many companies do not report hacking activity, even when it involves breaches of customers’ records,” said a respondent.

Many survey respondents called for more transparency. “Victims should share the cases with the public at large to ensure that those involved can set up a self-protection [system] from the cyber attack. These experiences could be shared through BIMCO, IMO for instance,” one respondent suggested.

Another added, “There should be reporting of incidents and an assessment of severity. This might help allay some fears and allow insurers to better assess the risk and therefore the pricing of cover.”

“Shared real-time intelligence on threats would help improve everyone’s defence and vigilance,” added another.

Launched in late July, the survey ran for four weeks and was promoted on social media and via email. More than one-third of the survey respondents were based in Europe with nearly 20% based in Asia, and over a quarter hailing from North America. More than a quarter of respondents were shipowners and managers.

Views on what leading personalities in the shipping industry make of the maritime cyber survey results conducted by IHS IHS Markit in association with BIMCO will be published shortly following the recent roundtable discussion held at this year’s SMM event, which included owners, shipmanagers, classification societies, security consultants, communication suppliers, and equipment manufacturers.