Cybersecurity Experts say that the ship’s navigational system is easy to intercept giving hackers an incredible opportunity to change the course of a cruise or a superyacht. And the news comes just a few months after researchers have proved that the GPS system of a cruise or a boat can be altered to get them into collision with other vessels.
Earlier, experts believed that connected cars and other transport vehicles were at a risk to be ‘cyberjacked’. But now, the maritime industry is also realizing slowly that ships can also be intercepted via the internet by those prowling the web.
However, the International Maritime Organization (IMO) has been slow in realizing the fact and is still not showing consideration towards taking appropriate regulation when it comes to cybersecurity.
In the year 2014, the IMO did consult its members in what maritime cybersecurity guidelines should be implemented. The organization also came up with certain stipulations. But they were broad and not particularly maritime specific.
This is where cybercrooks are taking advantage and is doing what they the best- hack the network of a ship and act according to their objective. In some waters such as in the region of Korea, some companies are seen bribing hackers to cause damage to the shipments of their competitors by either changing the course of a ship causing delay or making the vessel collide with others- causing extreme damage to the company which owns the ship.
IMO has identified that it has to address many challenges to make cybersecurity for the maritime industry foolproof. First, of all, it has found that there are many different classes of vehicles operating in different environments. And these vessels have obsolete computer systems built into them. In order words, ships are being pushed towards cyber vulnerabilities due to outdated and unsupportive operating systems, which are often the ones prone to attacks.
Note- If the systems onboard and the ones communicating with them on land are obsolete, then the trouble is unimaginable.
In 2017, IMO tried to counter all vulnerabilities by offering general security management codes to explicitly include cyber security. The first one was the International Ship and Port Facility Security Code (ISPS) and International Security Management Code(ISM). Both the codes were offered to educate the port and ship operators to conduct risk management processes.
Hopefully, this looks to the start of a new era of a holistic approach to maritime cybersecurity regulation. And let’s hope that it is going to help to strengthen the cybersecurity defenses of Maritime businesses in near future.