Welcome
About
News
Anonymous Reporting
Tools
MCA Chatter
Library
V-ID Terminal
Support
My Account

News

Icon representing US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels
US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels

June 21st 2019
Icon representing Would you pay $1m for a laptop full of malware?
Would you pay $1m for a laptop full of malware?

May 23rd 2019
Icon representing Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)
Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)

May 22nd 2019
 
 
 

Cybersecurity risks weigh on shipping industry

 
November 20th 2017
Who is responsible when an unmanned vessel falls victim to a cyber-attack? What happens when an unmanned vessel causes a collision with other shipping? These are just two of the issues that global law firm Clyde & Co and the Institute of Marine Engineering, Science and Technology (IMarEST) asked 220 marine executives. The results show that there is confusion over liability and a fear that unmanned vessels pose a greater cyber security risk than traditional ships.

According to Joe Walsh, Partner, Clyde & Co: “Marine executives are right to be concerned about the potentially increased threat of cyber-attack as a result of the use of unmanned ships. However, it is probably worth mentioning that the maritime industry as a whole has been criticised for being a bit slow in reacting to existing cyber threats, including fully crewed vessels and that the biggest threat to any organisation’s cyber-security posture is still, in fact, human error.

 “It is therefore possible that a transition to unmanned ships might actually reduce an organisation’s profile and exposure to cyber risks. The cyber threat should certainly be taken seriously but it should not put the brakes on further exploration of the viability of unmanned ships.”

Cyber-attacks already a risk to manned shipping
There are already significant concerns over the risk of hacking to global shipping. After two accidents involving US Navy ships in Malaysia and Japan, the US Navy began investigating the risk of GPS spoofing. This works by convincing a GPS device that it is in a different location. There have been concerns over the risk of GPS spoofing for a number of years.

So far, the US Navy has yet to publish the results of its report. This has left concerns that GPS spoofing could be used for more serious purposes. Ship owners are concerned that this could lead to ships being rerouted by pirates. Harbour masters and national security teams worry that it could increase the risk from rogue ships especially in busy harbour areas.

According to the press release 68% of respondents see unmanned ships as a greater cybersecurity risk than existing shipping. Unfortunately, we were unable to validate that based on the data in the report. What the report does show is that 14% see cyber threats as a serious barrier to smart shipping.

Who is liable when an unmanned ship causes a collision?
It’s a good question and one that has to be solved by regulators, insurers and the industry as a whole. The report shows that over 60% say it is unclear how insurers will treat unmanned ships. A similar number said there is too much confusion surrounding liability.

The two main organisations responsible for setting regulations are moving forward. The International Maritime Organisation (IMO) is a UN agency that regulates shipping. It has already announced plans to update the International Convention for the Safety of Life at Sea (SOLAS) to allow cargo ships with no captain or crew to travel between countries.

Meanwhile the Comité Maritime International (CMI) has established its own Working Group on ‘Maritime law for unmanned craft’. It will consider how international conventions and regulations can be adapted to provide for the operation of unmanned vessels on the high seas.

These are just the first steps. National and regional organisations will also have to update their rules for shipping. This is unlikely to be a smooth process especially when it comes to access to harbours and other shore facilities.

Until these are determined, it is unlikely that insurers will make any significant move to define their policies. This means that it could be years before any practical regulatory and liability framework is in place.

The same problem is evident with land based autonomous vehicles. Countries are already reviewing their motoring laws to decide what needs to change. One of the issues that has been raised regularly is ‘what happens in the event of a cyber attack?’ Is the owner, manufacturer, software developer or some other body legally responsible? So far there is no agreement on this and shipping insurers and owners will probably be guided by what is agreed here.

What does this mean?
Autonomous shipping is coming and for good reason. 90% of global trade moves by sea and it can be a risky business. The weather is getting more extreme which has increased risk to both vessels and crew. Piracy also continues to plague parts of the world. In some parts of the world there is also a risk of increased intervention from governments keen to protect what they see as their territory.

It will be interesting to see what cyber solutions begin to appear. The current state of end-user device security is poor. The same can be said of the current range of vehicles on the road. Hack after hack shows just easily vehicles can be taken over. For fully autonomous vehicles to be trusted there has to be a better security approach. How this is solved will be of keen interest to shipping companies. They will want a cost effective and trusted solution.

The report shows that cybersecurity is not the only risk. Liability is a major worry especially given the value of goods carried on some vessels. There is also a lack of clarity over global regulations which is, in itself, inhibiting planning and preparation for autonomous shipping.

The future of global shipping looks interesting.

Source