Ransomware cyber attacks are a “very high” threat for the maritime industry, while the threat from cyber terrorists is low, according to Denmark’s cyber security strategy.
The Danish Maritime Authority (DMA) published its Cyber and Information Security Strategy for the Maritime Sector 2019-2022, prompted by a threat assessment from Denmark’s Centre for Cyber Security (CFCS). The CFCS threat assessment concluded that the general cyber threat to the maritime sector is directed against commercials business, rather than maritime operations.
The assessment discounted threats from “destructive cyber attacks”, but stressed that “maritime lines of communication”, such as vessels and ports, might become targets during times of conflict.
Instead, it highlighted the “very high” threat from cyber criminals facing the maritime industry, with a “considerable threat” from cyber criminals aiming to blackmail public authorities, business and individuals – otherwise known as ransomware. The DMA report warned that organised networks of cyber criminals exist that work towards long-term goals and are likely often committed by government-backed hackers.
The CMA report assessed the risks that ships face due to increasing IT usage on board, and a greater dependency on IT usage for “core activities” in the maritime sector. The risks it identified fell into three main areas: a lack of timely response to technical vulnerabilities in ships versus land-based IT and OT technology, a lack of process in place for upgrades to OT equipment compared with IT systems and a failure to secure critical systems, such as databases and registers based on older technology.
Among its recommendations, the DMA said the maritime industry should use technologies resilient to cyber threats, for example, encryption of navigation and communication infrastructure, and raise awareness of IT security among employees, as well as communicating guidance on IT security from the top down so that no ship or department acts in isolation to IT security.