Maritime Cyber Security Is Equally Important On Land

The last year has found maritime shipping in the firing line from the threat cyber attacks and port infrastructure has never before been under such strain. The combined challenges of COVID-19 and Brexit mean that freight volumes are at an all-time high which has caused significant backlog with importers struggling to obtain their goods and factories pausing manufacturing lines due to a shortage of component parts.

Although this is not the result of any kind of malicious activity, it has certainly highlighted the significant impact that port disruptions can have on the wider economy. 

With the global shipping industry already under pressure, and the UK facing new challenges in 2021 as the Brexit transition period has ended, addressing the risk to port infrastructure from cyber-attack has never been more critical. Different classes of attackers have different motivations, depending on their objectives, and these can vary both between groups and over time. 

Criminal groups have realised that there is money to be made from targeting a company or organisation, stealing data and/or disabling key systems and demanding a ransom payment to restore operation or prevent further disclosure of sensitive information. By causing huge disruption they hope to pressure their victims into paying out to quickly restore operations. Due to the critical nature of ports, and the publicity and knock-on effects of disruption, ports are an attractive target, and may be viewed as being more likely to pay up.

Ports play a significant role in the regulation of the flow of people and goods into and out of a country, something smuggling groups need to evade. By getting access to data and systems within the port, they can get information on goods movements, or attempt to amend records to evade taxes and excise duties.

Nation states are continuously looking to further their own aims. Information held by ports such as passenger movements, goods flows or operational techniques can be hugely revealing to help build a better picture of activity in a country or region. 
Additionally, nation-states may also carry out intrusive and purposefully destructive activity to disrupt the flow of goods into a country in the event of a diplomatic dispute or other conflict. 

The ways in which technology and automation have been rapidly adopted to improve port operations and efficiency can only be a good thing. However, it is important that as it is adopted, the risks that it might introduce are considered in a holistic, and realistic way, commensurate with the threats present in the maritime environment.

Maritime-Executive:         Hellenic Shipping News:        Lloyds Register:       Lloyds Register

You Might Also Read: 

Maritime Cyber Security Needs Shipping Companies to Focus:

 

« Creating A Data-Driven Business Culture
Britain Will Build Up Its Military Cyber Capabilities »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

iLand

iLand

iland is a global cloud service provider of secure and compliant hosting for infrastructure (IaaS), disaster recovery (DRaaS), and backup as a service (BaaS).

Netresec

Netresec

Netresec is an independent software vendor with focus on the network security field. We specialize in software for network forensics and analysis of network traffic.

WetStone Technologies

WetStone Technologies

WetStone develops software solutions that support investigators and analysts engaged in eCrime Investigation, eForensics and incident response activities.

Garrison Technology

Garrison Technology

Garrison SAVI® is a unique technology for secure remote browsing that can dramatically change the risk profile for enterprise cyber security.

Department of Justice - Office of Cybercrime (DOJ-OOC)

Department of Justice - Office of Cybercrime (DOJ-OOC)

The Office of Cybercrime within the Philippines Department of Justice is the Central Authority in all matters relating to international mutual assistance and extradition for cybercrime.

Asia Data Destruction (ADD)

Asia Data Destruction (ADD)

ADD is the leading IT Assets Disposal and Data Destruction Company in Thailand.

Cryptoloc

Cryptoloc

Cryptoloc's core business is developing solutions designed to protect businesses from all kinds of security threats using a unique patented cryptography.

Elemental Cyber Security

Elemental Cyber Security

Elemental is a game changing cyber security compliance automation and enforcement technology provider.

Fortiphyd Logic

Fortiphyd Logic

Fortiphyd Logic equips operators of the power grid, oil & gas, and other critical infrastructure with the tools and training they need to defend their industrial networks from advanced cyberattacks.

Data Storage Corp (DSC)

Data Storage Corp (DSC)

Data Storage Corporation is a provider of data recovery and business continuity services that help organizations protect their data, minimize downtime and recover and restore data.

AlJammaz Technologies

AlJammaz Technologies

AlJammaz Technologies is the leading Technology Value-Added Distributor, which distributes advanced technology products, solutions and services in area including networking and cybersecurity.

Trapp Technology

Trapp Technology

Trapp Technology combines the very best cloud, Internet, IT managed services, and IT consulting to provide a true all-in-one IT solution for small to mid-sized businesses.

OpenAVN (DefenseArk)

OpenAVN (DefenseArk)

Defending your life online, keeping your data safe and private. We detect digital threats magnitudes faster than the leading antivirus software.

SafePaas

SafePaas

SafePaas is a leading Enterprise Risk Management Platform. One source of truth for all your Audit, Risk, and Compliance requirements. Complete governance across your systems.

Cytex

Cytex

Cytex is the All-in-One solution for SMB data protection & compliance needs.

PowerDMARC

PowerDMARC

PowerDMARC is a domain security and email authentication SaaS platform that helps organizations protect their domain name, brand, and emails against unauthorized use.