Addressing Inland Marine’s Unique Cybersecurity Needs
Ransomware and other cyberattacks targeting the global maritime shipping industry have increased by 900 percent over the past three years, according to the World Economic Forum. The numbers reflect both the increasing value of maritime targets as well as the unique challenges of securing ship-borne IT systems.
The shipping industry is an attractive target because it is so critical to global supply chains, with more than 80 percent of global trade volume transported by sea. In the U.S., the nation’s inland marine industry also serves vital economic interests. Some 500 million tons of cargo valued at more than $130 billion move through the roughly 12,000 miles of inland waterways every year.
Any interruption in these operations creates significant supply chain disruptions that ripple throughout the economy. Cybercriminals are counting on the fact that operators and owners will be willing to make ransom payments to limit their downtime.
It is indicative of an overall shift in cybercrime economics. Until about a decade ago, most cyber attacks were designed to steal personal or financial data. Now, cybercriminals are seeking easier and more lucrative paydays with ransomware that encrypts files until a ransom is paid. In more recent variations, attackers threaten to leak stolen information to up the pressure on victims.
Ransomware is an escalating problem in virtually all industries, but inland marine operations may be particularly vulnerable due to rapidly evolving technologies that have led to a convergence of IT systems and once-standalone operational technology (OT) systems. With increased exposure to the public Internet, OT systems become new attack surfaces.
Navigation systems, global positioning systems, satellite communications, radar systems and electronic charting applications are OT systems that have traditionally been physically disconnected from the public network. In recent years, however, the integration of IT and OT systems has created new efficiencies through the use of analytics for route optimization, fuel efficiency, predictive maintenance, cargo tracking and more. It also creates a stronger digital connection between ports, vessels and companies that own them.
With these efficiencies come a range of unique risks. A successful penetration of the IT network at a shipping company could allow attackers to burrow their way deep into critical port or ship OT systems. Because most OT systems were intended to be offline, they frequently lack many basic security precautions such as antivirus software. In many cases, it may not even be possible to update OT gear.
Complex Regulation Landscape
The industry faces other challenges stemming from the fact that ports, vessels and shipping companies all have different cybersecurity guidelines and fall under different jurisdictions. For example, U.S. shipbuilders must follow technological standards set by the International Maritime Organization and the Coast Guard, but vessels built abroad generally have fewer security requirements. U.S. ports, meanwhile, are regulated by multiple agencies, including the Coast Guard, the Federal Maritime Commission, the U.S. Army Corps of Engineers, the Department of Transportation and several others. Private shipping companies may have to comply with regulations from dozens of local, national and international agencies.
Cybercriminals are seeking easier and more lucrative paydays with ransomware that encrypts files until a ransom is paid.
Faced with rising numbers of attacks and overlapping requirements from a variety of government and private agencies, it’s no wonder that operators are having trouble keeping pace with the latest cybersecurity practices. That’s why many inland marine operators choose to partner with GDS to manage their technology environments.
Our turnkey managed IT services for inland marine operations are designed with security in mind. Plug-and-play network connectivity solutions include layered security features that help ensure Internet protection, secure remote access, virus protection, email security and more. We also offer around-the-clock monitoring and support to ensure continuity of operations.
We invite you to visit us online or call us at 888-435-7986 to learn more about how we can help you reduce the risk of cyberattacks that could threaten your operations.
Benefits of Managed IT Services from Global Data Systems
- Strategic Managed IT: We help you solve your technology related business problems.
- Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
- Support: When you need help simply call our 24x7x365 support number.
- Billing: Instead of managing hundreds of vendors - get one, easy to read bill from GDS.