Earlier this month, the International Maritime Organization (IMO) notified the public that they have experienced a sophisticated cyber-attack against their IT systems. This attack paralyzed the IMO website functionality and caused significant disruption of service. The attack affected IMO’s public website and other web-based services for unknown reasons and are currently under investigation. Analysis of basic open-source intelligence tools reveals that the IMO website was using an older version of Microsoft Sharepoint that may have been exploited or compromised. While IMO is currently taking concrete steps to address the issue, it is no secret that the incident created a shift in the public’s expectations as to how effective the IMO will be in preventing cyber-attacks in the future. In this blog, we will explain what has reportedly happened, how it may affect the Maritime industry, and provide tips for what to do next.
It was stated on IMO’s twitter account that they are taking extreme measures to dilute the problem, mitigate any damage that has been done, and ensure the risk of recurrence is minimized. Even though the IMO has not revealed specific impacts from the attack, it does not mean they made it out unscathed. There is little doubt that cyber-attacks like these will become more common and sophisticated within the digital world we live in and it will only become harder to minimize the damage that has been created— let alone detecting it in the first place. On top of all of this, it is not yet clear if this attack was coincidental or a targeted message to the international maritime industry was the objective. More importantly, this particular event has served to highlight just how prone the Maritime industry is to cyber-attacks today.
Before this recent attack, the IMO had been in the process of creating a new cybersecurity policy implementation known as “IMO2021”. This policy will be implemented in January 2021 and require ship owners to develop comprehensive cyber risk management programs based around five major areas of concern: identifying risk, detecting risk, protecting assets, responding to risk and recovering from attacks. Preparedness will be key in developing guidelines and meeting future requirements. Consequently, IMO must tie up all the loose ends within their organization as an assurance that IMO2021 is the means to put up a bigger fight when the next cyber threat comes their way.
As IMO2021 rolls out in the very near future, its acceptance and implementation across the industry will ultimately determine its overall success. The stakes are high as cyber-attacks on things like navigational computers can cause devastating shipboard impacts, collisions, oil spills, injuries, and so forth. It is clear that every security aspect whether physical or technical, onshore or offshore, needs to be hardened. Under this new policy, each ship will be required to undergo a cyber risk analysis to assess threat and vulnerability, in anticipation of potential hacks to shipboard digital systems. Hopefully IMO’s recent cyber experience on the brink of IMO2021 implementation will serve as a catalyst for progress for the future of maritime cybersecurity.
As evidenced by the increased reliance on digital services seen during the COVID-19 pandemic, those who work behind the scenes must be properly trained and capable of preventing, detecting and responding to future attacks. The Maritime industry must be vigilant about things like assessments, diagnostics, software updates, and patches to protect their systems. Whether an individual personally experiences a cyber-attack or hears of one occurring elsewhere, it should instantly drive them to want to be better for themselves and their organization. Now more than ever, professionals that are capable of wearing many hats are needed. Experience in protecting operations physically and technically alongside of IT/OT systems is paramount, which in some cases requires hiring a third party service to help your organization close the gap.
To achieve 100% security is a daunting and difficult task for most organizations, especially as the world grows more dependent on technology. This only means that while the playing field for cyber attackers continues to expand, entities like Maritime must continue to adjust and reduce the threat surface as well. What can be done today is research on different types of attacks you or your organization may be exposed to, and from there take the proper measures to prevent and detect them. Attacks like these are what continuously compels industries like Maritime to make sure new security measures and procedures are successfully implemented to avoid harmful attacks in the future.
Industries all over must continuously monitor systems, update them when necessary, and implement new security measures to keep them secure. Take action today and schedule a free consultation with Strategic Planning Partners to help your improve overall security posture.