Cyber risks and the marine cargo market

In just seven months in 2017, the US Pacific fleet was involved in four separate casualties, reportedly causing damage of over US$1 billion.

  • 31 January: USS Antietam ran aground off Japan sustaining minor damage.
  • 9 May: USS Lake Champlain collided with a South Korean fishing boat off Japan.
  • 17 June: USS Fitzgerald collided with a Philippine container ship off Japan with the loss of seven US sailors and extensive hull
  • damage.
  • 21 August: USS John S. McCain collided with an oil tanker off Singapore, with the loss of ten US sailors and substantial damage.

The Pentagon’s response was interesting in that it ordered an investigation into the causes, including as to any possible role played by cyber attackers.

The ensuing report blamed the incidents on inadequate training and avoidable human error including “loss of situational awareness”, with no mention of cyber attack. Conspiracy theorists may baulk at these findings but if the US government is concerned that the world’s supposedly most sophisticated and secure fleet is vulnerable to cyber attack, then the merchant fleet must have considerably greater cause for concern.

The many and varied cyber risks facing cargo

Leaving aside any policy exclusions – such as that in the Cyber-Attack Exclusion Clause (CL. 380) - the cyber risks facing those concerned with cargo insurance are significant and set to rise.

On-board systems and ‘cyber piracy’

There are numerous cyber ‘gateways’ into a vessel’s IT systems such as through the cargo, bridge, access, communication or propulsion management systems, dependence on which is set to increase with the rise in automation and the inexorable move towards fully autonomous vessels. Administrative and crew welfare systems are also particularly vulnerable when they provide internet and email access.

Such vulnerabilities open up the spectre of ‘cyber piracy’ whereby on-board systems are over-ridden to divert and steal cargo; control of a vessel is taken over to cause collision or grounding; or disablement of the vessel in a busy shipping lane, exposing it to the risk of collision, leading to damage to or loss overboard of cargo.

Hand in hand with this, in the face of such a manufactured casualty, cargo owners and their insurers will face potential exposure to liabilities in GA and salvage. For example, in the event that a ransom is paid for the return of a vessel or control over it, there is no reason in principle why it would not be recoverable in GA.

These vulnerabilities are already being exploited:

  • In February 2017, hackers reportedly took full control of a German container vessel leaving the Master unable to manoeuver. The intention was to steer the vessel to an area where they could board and take over, presumably to demand a ransom. Fortunately, IT experts were able to restore control after ten hours.
  • Somali criminals are reported to have used a ‘homegrown’ system to breach a vessel’s on-board container manifest and then board the vessel to target and steal specific high-value cargo.

Port systems

Cargo management systems within ports have also shown themselves to present opportunities to a cyber attacker.

  • Between 2011 and 2013, drug smugglers used hackers to breach IT systems that controlled the movement and location of containers within Antwerp Port to locate containers holding narcotics, before sending in drivers to retrieve the containers ahead of the scheduled collection time. It is not hard to imagine a slight change in modus operandi that entailed the theft of cargo rather than facilitation of smuggling.
  • In 2012, thieves stole a cargo from Antwerp Port by hacking into its Electronic Release System whereby, in return for the bills of lading, the receivers are supplied PINs upon presentation of which to the terminal physical delivery is given. By obtaining these PINs the hackers were able take delivery of the cargo before the rightful owner (MSC v Glencore [2017]).
  • In July 2017 Maersk was hit by a wiper virus which prevented vessels from accessing or departing ports for several weeks and destroyed the company’s entire computer system, costing it over US$300 million.

‘Cyber (un-)seaworthiness’

Although there have been no reported decisions yet, as a matter of principle a vessel may be unseaworthy unless fitted with adequate cyber defence systems. The adequacy of such cyber security systems is likely to be judged according to prevailing standards which, while undoubtedly low, are nevertheless set to rise.

Such is the international maritime community’s concern at the risks posed by cyber criminals and the current inadequacy of defences that in June 2017 the IMO passed a Resolution pursuant to which flag states are required by January 2021 to ensure that all vessels have safety management systems that appropriately address cyber risks. Non-compliance after that date, will only add fuel to arguments that the vessel is unseaworthy.

Related items:

Read other items in the Marine Brief - March 2018