For years, ports have been undergoing a digital transformation, due to the ever emerging challenges brought about by the optimisation of existing processes and the introduction of many new capabilities.
For years, ports have been undergoing a digital transformation, due to the ever emerging challenges brought about by the optimisation of existing processes and the introduction of many new capabilities. Digital transformation is pushing the maritime industry beyond its traditional limits to provide opportunities and to improve productivity, efficiency and sustainability. Such digital transformation has come about from the advancements in the interconnectivity of IT and the introduction of cloud computing, big data and Internet of Things (IoT). However, for ports, transitioning with the digital transformation brings along cyber security challenges that need to be met in order for future ports to fully unlock the potential of these new technologies. As a result, ports have discovered that there is a price to pay for modern technological marvels. Cyber criminals are attracted to the centralised systems which ports have that provide fraudsters with a wealth of target information.
The need for increased cyber security in ports is evident by the proliferation of cybersecurity incidents that have occured in ports over the past few years. For example: in 2011, the Belgian port of Antwerp experienced a cyber attack by where drug traffickers recruited hackers to breach IT systems to control the movement and location of containers in order to intercept and smuggle drugs. This particular cyber attack was regarded as a multi stage attack as it occured over a period of 2 years. Furthermore, Maersk experienced a NotPetya ransomware attack which infected 50,000 endpoints and thousands of applications and servers across 600 sites in 130 countries. During the 2019 Association of Bulk Terminal Operator’s annual conference, Ian Adam, chief executive said: “both physical and cyber security remain to be a particularly weak spot for the ship to shore interface,” further highlighting the need for stronger cyber security for ports.
Increasingly, ports are seen as key targets for those who are looking to disrupt national infrastructure and hostile governments. Many insiders have viewed ports as being underprepared for the likes of these cyber threats, even though major players in the industry have recognised and acted on the risks posed by cyber threats. However, the majority of the major players have been very slow to recognise the need for cyber security. There are a number of key reasons and challenges ports face as to why there are lacking effective cyber security.
It is important that cybersecurity becomes a top priority for ports, in order to ensure the safety, security, compliance and commercial competitiveness, while also ensuring they have the full capabilities for a digital transformation. Port operation is very complex because of the nature of the services provided, the number of processes taking place in the infrastructure and the large number of workers involved in the operation, which includes land, sea and economic activities, so there are many reasons for cyber security. With all the new and modern systems and equipment, ports are exposing themselves more to the risk of cyber attacks.
Ports can be found vulnerable to a number of types of cyber attacks due to the vast quantities of data that is stored and transmitted in port infrastructure, this is a key attraction for cyber criminals. Due to the automated navigation, logistics systems and ports fleet management software, all are presented as being a rich source for criminal activity. It is more and more evident that the incorporation of digital tools in the day to day activities of ports has not removed the threat of crime, but rather shifted criminals focus to digitally enabled activities. There are a number of cyber attacks ports can potentially face:
Therefore, there is an increased call for cyber security at ports due to the impact cyber crime can have on the port itself. Cyber attacks have the ability impact to how a port safely carries out operations, they also have the ability to reduce the speed and efficiency a port operates at. There is the risk of damage to ships and crews, if, for example, a ship collision occurred due to a hacking of e-navigation. The overall port business could be disrupted and damaged, resulting in a tarnished reputation. There is the risk of huge losses, be it in regards to, physical assets, the loss of cargo or the loss of personal data of employees or customers. These are only to name a few of the impacts that a lack of cybersecurity can do to ports.
With the recent growth of cyberattacks and increased awareness of cybersecurity, it appears that ports have been somewhat neglected. It is evident that with the world rapidly becoming digitalized and dependent on efficient communication systems, cyber security has been identified as a top-level priority among policymakers and scholars. The gap of knowledge on cybersecurity in ports is a key issue, as it makes them more and more vulnerable to cyberattacks which will prove a major problem in years to come. The limited amount of information and guidance available about cybersecurity related practices in ports and maritime as a while, indicates the essential need for increased cybersecurity protocols. Traditionally ports were only concerned with physical security and safety, it is now more important to integrate cybersecurity into a global strategy.
SaltDNA is a multi-award winning cyber security company providing a fully enterprise-managed software solution giving absolute privacy in mobile communications. It is easy to deploy and uses multi-layered encryption techniques to meet the highest of security standards. SaltDNA offers ‘Peace of Mind’ for Organisations who value their privacy, by giving them complete control and secure communications, to protect their trusted relationships and stay safe. SaltDNA is headquartered in Belfast, N. Ireland, for more information visit www.saltdna.com.