SmartSea’s Simon Fotakis discusses his experience in aviation and how that sector is ahead of maritime when it comes to cyber security measures due to it already being classified critical infrastructure.
‘Loose lips sink ships’ was a key phrase used as part of World War II propaganda. Its inherent meaning, that a careless approach to communication has its consequences, should be heeded by all businesses that operate in today’s maritime industry.
With many people accessing IT services both onshore and offshore, on most occasions, due to lack of segregation, this provides users with access to the Internet which leaves them open to cyber-attacks.
The threat of cyber-attack and the disastrous consequences on business, should not be overlooked. Threat actors have the same mission. Either steal information, or cause disruption for several reasons.
Ransomware is the number one threat in maritime. It does not distinguish based on landscape. If the opportunity exists, the bad guys will seize it, whether you are a maritime, aviation or a trucking company.
At SmartSea we use the same advanced technology that has already transformed the aviation industry. Aviation is much more conscious of cyber security because a disruption due to a breach to plane systems cannot be tolerated mid-flight. Therefore, systems are designed with many more security principles in mind. Traditionally, maritime has a deeply embedded culture of adopting change slowly. It also works in a much more siloed way unlike aviation. Information and intelligence sharing is a key pillar of cyber security and thus by principle, maritime is not as focused on cyber security as aviation.
However, with the latest developments in technology adopted by the industry to improve productivity using automation, GPS, advanced analytics and data management, cybersecurity is even more important and should not be overlooked.
Looking forward, we predict that the benefits of technology, and more specifically, AI, will positively impact shipping for many years to come. It can help to monitor the health of ships by predicting maintenance needs and will be used to improve the operation and navigation of ships. Furthermore, AI will power systems that can help analyse weather data, ocean currents, and other variables to determine the most efficient routes, reduction in fuel consumption and travel times. AI can assist with crew management, safety and risk management by monitoring hazardous conditions and potential threats. There are many more areas in which AI can play a significant role and we should embrace the role AI will play in driving significant advancements
Whilst this will bring improved benefits, we also foresee attacks on the AI models that power autonomy, mainly model hijacking, poisoning or theft. A successful attack on an AI model that runs an autonomous ship could, for example cause attackers to take it over completely, divert it or disrupt its course. Attacks could also be mounted against communication systems on a ship to break the connection between it and the command centre, rendering it effectively blind.
As industry becomes more technologically advanced the risk of cyber-attacks will increase significantly and it is essential that regulators put more structure around the area of cyber security in a similar way to that of the aviation industry.
It is therefore more important than ever that ship owners and managers invest in cyber security, rather than waiting for it to become mandatory. They should view cyber security in terms of enterprise risk, which should be managed and vigorously reported on.
It is inevitable with such a dramatic change in the industry’s technological advances, that ever more stringent compliance measures will be mandated and cyber security measures and governance will slowly become solidly mandatory. I would urge shipowners and managers to embrace this opportunity to think ahead and keep their investment in technology protected with the same diligence as they do their ships, their equipment and their personnel.
Energy News Beat