Petya/GoldenEye Puts Spotlight on Marine Cyber Risks

The Petya/GoldenEye cyber-attack caused major disruption to global shipping, providing a stark warning about the impact these pandemic events can have on the industry.

The “ransomware” attack caused outages to computer systems, affecting both vessel operating and port logistic operations. Shipping companies rely on a large network of interconnected systems and complex supply chains, meaning such an attack can have a long-lasting impact on operations and the bottom line.

What Is at Risk?

If a shipping company is hit by a cyber-attack, it could result in:

• Data breach or loss: Company and customer data could be exposed or corrupted, leading to liability and business interruption losses.
• Financial risk: The Petya/GoldenEye cyber-attack was initially deemed a ransomware attack, though given the nature of the malware, data could not be restored after payment. While opinions differ regarding ransomware payments, they are typically a small fraction of the costs associated with restoration and potential productivity and revenue losses.
• Operational risk: Cyber-attacks could allow for the re-routing of cargo, enabling targeted trafficking and theft, which could cause considerable operational delays for ports and third-party logistics companies.
• Reputation risk: A successful cyber-attack, without appropriate response plans in place, could lead to long-term reputational damage for the victim and, potentially, the shipping industry as a whole.

Risks are heightened in the shipping industry due to the increasing reliance on networked systems for operations. Any attack that disrupts these has the potential to bring trade to a temporary, but devastating, halt.

Managing Cyber Risk in Shipping

The ability of a cyber-attack to disrupt global trade is now a reality. Greater education and improved industry resilience are needed.  Now is the time to:

• Plan for the next event: Develop concrete plans to enhance cybersecurity and enterprise resilience, including assessing cybersecurity vulnerabilities, testing cyber incident response plans, and introducing complex ransomware and outage threat scenarios into your exercises and risk modelling.
• Know industry guidelines: These include the International Maritime Organization’s Interim Guidelines on Cyber Risk Management and the International Chamber of Shipping’s   Guidelines on Cyber Security Onboard Ships.
• Review your insurance coverage: Assess whether you are covered for business interruption and cyber extortion and re-examine programme limits in relation to potentially catastrophic scenarios.

Cyber response plans are an essential part of the overall marine risk review. Insurers’ marine risk engineers are increasingly looking at clients’ abilities to provide secure networks and detect cyber threats, their incident response capabilities, and any past breaches or near misses, so that specific cyber response recommendations can be incorporated into risk mitigation strategies.

Cyber criminals are learning about the weaknesses of today’s technology more quickly than their targets and those caught in the wake of their attacks. The shipping industry needs to become more vigilant of the way cyber-attacks are evolving.