Ship security guidelines unveiled as Maersk recovers from cyber assault

A BIMCO-led group has released a second edition of The Guidelines on Cyber Security Onboard Ships, a week after major shipping group Maersk suffered the industry’s worst attack.

The latest edition from the joint industry group* includes new information on how to segregate networks, manage ship-to-shore interfaces and handle cyber security during port calls. There is also a new chapter on insurance cover and cyber risk management.

The guide has been aligned with IMO’s recommendations on incorporating cyber risk management into safety management practices, which were adopted in June 2017.

BIMCO secretary general and chief executive Angus Frew urged shipowners, managers and operators to download the guide for free and adopt its recommendations following last week’s cyber attack on Maersk Group.

“Ignorance is no longer an option, as we are all rapidly realising”

He said: “In the light of recent events we urge everyone across the industry to consider the risk cyber crime may pose to their ships and operations. Ignorance is no longer an option, as we are all rapidly realising”.

The chapters in the guide on contingency planning, responding to cyber threats and recovering following an incident have been rewritten to reflect that the guidelines are aimed specifically at ships and the remote conditions prevailing if a ship’s defences have been breached.

Maersk Group is still recovering from the attack last week that impacted its IT systems across multiple business units and forced it to close container terminals.

It said on 4 July that all impacted APM Terminals have reopened and productivity was increasing. However, the Maasvlakte II terminal in Rotterdam is expected to be closed to ship and rail operations until 6 July.

The major IT systems and Maersk Line’s online booking portal My.Maerskline.com is back online. However, the portal only supports functionalities such as booking and printing bills of lading. Maersk said more functionalities are expected in the coming days, such as container tracking and tracing and other customer applications.

But Maersk has to progress through a lengthy backlog of container requirements. It said Damco is working through significant backlogs of its EDI bookings. Maersk confirmed that the source of the virus that caused so much IT disruption was NotPetya, which also affected other non-maritime company IT systems on 27 June.

* The joint industry working group members are:  BIMCO, Cruise Lines International Association, International Chamber of Shipping, Intercargo, Intertanko, International Union of Maritime Insurance and Oil Companies International Marine Forum.