Reducing Cybersecurity Risks On the High Seas

Cybercrime poses a growing threat to businesses connected to the internet, with ransomware attacks doubling in growth in 2023. A staggering 67% of companies have fallen victim to ransomware attacks, while 93% have experienced intrusions targeting their operational technology infrastructure. These attacks have cost an estimated $600 million in the first half of 2022. The maritime industry has also seen a rise in cyber-attacks, with attempted attacks on maritime information systems increasing by 400% during the early months of the pandemic. Attacks targeting ships increased by 33% in 2021, following a 900% increase in cyber breaches on vessel and port systems in 2020.

The commercial maritime industry has been slower to adopt cybersecurity measures compared to other industries, making it a prime target for cyber-attacks. Attacks on the port of Houston, Japan’s “K” line, DNV, and Carnival Cruise Lines have highlighted the vulnerability of commercial fleets and operations. Cybercriminals employ various tactics, including ransomware breaches, man-in-the-middle intercepts, and malware attacks, to steal data, disrupt networks, and hold companies for ransom.

To mitigate the risk of cyber breaches, maritime businesses should implement multi-level cybersecurity programs. The International Maritime Organization (IMO) has issued a resolution requiring vessels to include cyber risk management in their safety management systems. Additionally, organizations should conduct risk assessments, separate networks, limit network access, use firewalls and encryption, secure USB ports, and provide cybersecurity awareness training to all employees. KVH recommends a multi-program approach that addresses security at both the satellite and terrestrial network levels, with additional built-in security features in their terminals and the option for enterprise-grade cybersecurity through their Managed Firewall Service.

Overall, it is crucial for maritime businesses to prioritize cybersecurity and take proactive measures to protect their networks and data from cyber threats.

Source .