Nearly half of all seafarers have worked on vessels that have been compromised by a cyber incident. However, around 90 per cent of crew have not been trained in any form of cyber security. These were two of the striking facts that delegates were told at Riviera Maritime Media’s Maritime Cyber Risk Management Summit being held in London in association with multinational law firm Norton Rose Fulbright.
Inmarsat’s Gert-Jan Panken highlighted that 43 per cent of crew said they had served on a vessel that had been a victim of some form of cyber incident. He added that this could include malware insertion, digital virus attack, or software updating issues. An alarming statistic is that 95 per cent of cyber breaches are human-related. Yet only 10 per cent of crew surveyed had received some form of cyber security training.
One of the key conclusions from the morning sessions was that seafarers could be a key conduit for malware and viruses, through the use of USB memory drives. But there are other sources of cyber risk. Robert Hone, lecturer at Plymouth University said cyber attacks could come through the Automatic Identification System (AIS), GPS, and inputs to ecdis. DNV GL said cyber attacks could come through the ship’s connection to online services over satellite communications, in-port WiFi, or through contractors providing remote monitoring services. Malware could also come from engineers updating shipboard system software.
A summary of the programme for Maritime Cyber Risk Management Summit is in the latest issue of Marine Electronics & Communications and on www.marinemec.com.