The issue cyber security becomes increasingly important for maritime shipping as significant part of the global logistics chain. Just one of the latest attacks was with the malware “NotPetya” in 2017 where the shipping company Maersk alone suffered damages of several hundred million Euros, which made clear how immense the magnitude of cyber-attacks can be in maritime shipping.
Sea-going ships fall victim to cyber-attacks more and more often because they are floating data processing centres. And these data processing centres can get attacked. Which means that for example navigational systems used on board ships do not just make them susceptible to disturbances but also connect them to the internet and thus create doorways for computer hackers.
Cyber hazards also lurk in ports. Admission systems, cargo handling, steering systems for cranes and the SCADA software often used in industrial steering systems turn ports into highly connected IT systems. The more steering and navigational systems at land and sea become interconnected with other networks und entertainment systems, the easier it becomes for third parties to gain access via IT interfaces along this chain of systems.
Since this year, IMO has made it mandatory for shipping companies to protect against cyber risks. Ship operators have to integrate the relevant measures into their existing ISM systems. The BG Verkehr, the BSH and the BSI aid German shipping companies in this task. In the joint ISM Circular on “ISM Cyber Security”, these three authorities offer practical tips on the topic cyber security. Sabine Kudzielka, CEO of the BG Verkehr, emphasizes: “The experts of our Ship Safety Division are happy to support shipping companies to establish an individual cyber risk management in their enterprise. Our experts used to serve at sea themselves and know what is relevant on board.”
The Federal Maritime and Hydrographic Agency (BSH) points out its competences regarding cyber security: “The BSH is responsible for the verification of security systems on board ships flying the German flag. Furthermore, we work together with partners in scientific research on our technology development platform in the BSH system laboratory to find solutions that can prevent unauthorized access to ship systems”, explains the president of the BSH, Dr. Karin Kammann-Klippstein.
The BG Verkehr, the BSH and the BSI have agreed upon an intensification of their cooperation regarding maritime cyber security. Based on an administrative agreement, they want to sensitize shipping companies for the topic “information security”, provide support and carry out joint projects. “We want to share knowledge of and experiences with information security with shipping companies and German maritime enterprises and be a part in shaping the digital change in the shipping industry successfully,” Dr. Gerhard Schabhüser, vice president of the BSI, gladly announces. “This administrative agreement in an important step towards this goal.”
In addition, the BG Verkehr and the BSH will become a member of the alliance for cyber security and keep the BSI informed about IT security incidents in maritime shipping to create a more accurate overview of the situation. Moreover, joint publications such as guidance and checklists will get developed.