The maritime industry is heavily reliant on electronic commerce (“e-business”) in many of its daily business transactions, including recordkeeping, human resources data, the loading and discharging of cargo and the location of containers on the docks, on land transportation and on ships. About 50,000 ships are at sea or in ports at any one time. The industry is therefore exposed to cyberattack threats that can have severe repercussions. Companies are increasingly using cutting-edge techniques to stop cyber criminals from breaching their networks, but many are still not effectively protected. While governments have enacted legislation to counter such attacks, the implementation of legislation and international conventions does not, at present, appear to be entirely effective.

Key points:

• The volume, impact and sophistication of cyberattacks have grown at an alarming rate. Worldwide, nearly 17 million attacks reportedly occur each week.
• With around 50,000 ships at sea or in port at any one time, the maritime transport industry is highly exposed to cyberattacks.
• Vessels do not need to be attacked directly. An attack can arrive via a company’s shore-based Information Technology systems and very easily penetrate a ship’s critical onboard Operational Technology systems.
• The International Maritime Organisation (IMO) reacted quickly in introducing guidelines in response to terrorist attacks on shipping, but has arguably been slower in formulating appropriate cybersecurity regulations.
• The maritime industry appears still to be ill-equipped to deal with such future challenges as the cybersecurity of fully autonomous vessels.