Cyber-crime threatens maritime industry

South Africa is the most
targeted country in the
world for cyber-crime and
the maritime sector needs to
upskill staff to combat it at the
same level of other security
threats.
Carl Uys, cyber security
engineer and director of
Bowline Security, said the
threat was highlighted in
research
released
by Cisco in
January,
which
blamed the
country’s
aging
infrastructure and outdated
organisational structure and
practices for the vulnerability.
Speaking at the eThekwini
Maritime Cluster’s Durban
Maritime Summit in the city
recently, Uys told maritime
sector leaders and academics
that it was vital for companies
to train up internal cyber
cadets who would be able
to proactively discern
vulnerabilities before the
organised criminals. He said
cyber crime cost the global
economy an estimated US$400
billion annually.
“The maritime domain
is turning to technology to
improve safety, effectively
manage cargo and reduce costs.
This change has also meant
that companies have inherited
vulnerabilities related to
technology,” he said.
“With
the goals
to turn
Durban
Port into a
smart port,
not enough
emphasis can be placed on
how important it is to ensure a
proper cyber security platform
is implemented as part of the
foundation of the smart port,”
he said.
Uys pointed out that more
than 50% of cyber crimes were
related to IT admin errors in
organisations, 70% were related
to social media, more than 23%
were related to people clicking
on phishing emails and more
than 50% were related to staff
using the same passwords at
home and at work.
He said Bowline Security
had found more than 500 data
breaches out of 140 million
records analysed at the end of
2015.
Five major areas of cyber
crime threats in the maritime
sector related to vessels
and safe navigation, cargo
tracking systems, automatic
identification systems, satellite
communications and marine
radar systems, while supply
chain management systems
were also vulnerable to attack,
he said.
Technologies that hackers
have exploited on vessels at sea
included GPS systems, where a
ship could be taken off course
using spoof coordinates and put
in a fictitious location.
“We also see cyber criminals
are tampering with our
Automatic Identification
System (AIS) as well as our
Electronic Chart Display and
Information System (ECDIS),”
he said.
Uys added that it was
vital to safeguard systems
that transferred logistics
information and data about
cargo in containers, as the
drug trafficking incident at
Antwerp Port had highlighted.
This after hackers cracked the
pier's management system and
were able to track containers to
remove drugs hidden in banana
shipments before the real
owners claimed the cargo.
Cyber criminals’ motives
were illicit financial gain, a
desire to do malicious damage
to property and acts of
espionage and war, he said.
“Organisations establish
themselves to perform cyber
crimes so they can fuel things
like piracy, armed robbery and
the illicit trade of fake goods
that we see in our country, in
Africa, and across the world,”
he said.
“This is a great concern for
us as a maritime community
because if this takes place we
are exposed to cyber criminals
having our information and
running our seas and our
ports,” he said.
The cyber security sector was
immature in Africa and there
were opportunities for skills
development, he added.
INSERT 1
$400bn The annual cost of cybercrime
to the global economy.
INSERT 2
More than 50% of
cyber crimes were
related to staff using
the same passwords
at home and at work.
– Carl Uys