Suomen Merenkulku 2 ● 20

CYBER DEFENCE The threat of cyber-attacks is still strong in the shipping industry. Just as memories of the 2017 ransomware attack on Maersk had started to fade, another hack took James Fisher’s systems offline in late 2019. With seafarers likely to be in the firing line if something goes wrong, it’s time we were clued-up on how to protect ourselves, says WITHERBY who have published a new cyber-security guide. 24 SUOMEN MERENKULKU J FINLANDS SJÖFART The maritime industry has undergone a digital revolution; ships have transformed from being tiny islands, isolated from the internet, to hubs of digitisation and connectivity. Advances in technology mean that ships’ systems – from the most basic of programmable logic controllers to complex bridge systems – are now connected to each other and, because of the affordability of internet-providing VSAT spell out in full first-time systems, to the wider world of ports and onshore offices. These VSAT systems also provide recreational access to the internet for a ship’s crew, and the use of personal devices onboard to stream entertainment, use social media and communicate with friends and family ashore is the new normal for life at sea. In fact, this is now contained within maritime legislation, with the Maritime Labour Convention (MLC) stating that ships must provide crews with ‘reasonable’ access to the internet and to email. This digital boom has brought many benefits to seafarers including faster, more intuitive ship’s systems, quicker access to updates and new information, as well as a happier, more connected crew. However, it has also brought a dangerous new reality: the threat of cyberattacks. Johan Machtelinckx, technical director of Witherby Publishing Group and former chief officer with EXMAR, notes that the shipping industry has become ‘low hanging fruit’ for hackers, who are becoming increasingly knowledgeable about how the industry operates. According to a 2018 report by Futurenautics, 47% of seafarers questioned said that they had sailed on a ship that had been the target of a cyber-attack, but only 15% had received any form of cyber-security training.