Maritime and port cybersecurity.

According to the English-language website Vanguard, operational technology (OT) systems in the maritime sector have experienced an increase in cyberattacks of around 900% over the past three years. As a reminder, “OT” refers to Operational Technology, meaning, according to the NIST definition, the set of constrained information systems used in industrial and operational environments (industrial control systems, operational applications), as opposed to IT, which refers to more traditional information systems such as corporate networks or intranet services.

We have already discussed autonomous maritime vehicles in several previous articles, notably in the context of the first trials of autonomous ferries in Finland, in an article about the future of maritime information systems, and when reviewing some of the emerging regulatory references on the subject.

In the maritime domain, different categories of autonomous systems exist or are expected to emerge, including UAVs (Unmanned Aerial Vehicles), USVs (Unmanned Surface Vehicles), and UUVs (Unmanned Underwater Vehicles).

In February 2020, the United States created the Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC), whose website has since been launched. The MTS-ISAC was established by a group of U.S. maritime stakeholders as a non-profit association (501(c)(6), broadly comparable to a French non-profit association) with the goal of promoting cybersecurity information sharing across the maritime community.

A growing awareness within the maritime sector

The creation of the MTS-ISAC reflects the maritime sector’s increasing awareness of cyber risks and the need for efficient and secure information sharing between stakeholders, including smart ports, shipping companies, and port operators. Within many maritime organizations, personnel combining both maritime and cybersecurity expertise remain scarce. As a result, sharing information among public and private actors has emerged as one of the most effective ways to strengthen collective resilience.

By now, after reading the various articles on this site, you have probably understood that maritime information systems contain vulnerabilities. The real challenge is that the future of maritime information systems is being built while many of these vulnerabilities remain unresolved. It is a bit like adding extra floors to a house while the concrete of the ground floor has not yet fully set. In short, it is risky. Ships being built today are still insufficiently secured, yet they are designed to remain in service until around 2060.

Naval Dome, an Israeli company, announced that it has equipped a luxury yacht (MY Lucky Me) with its maritime cybersecurity solution.

According to the company, the solution includes host-level protection (endpoint protection) combined with cloud-based cybersecurity capabilities (cloud-based solution). Nothing particularly revolutionary at first glance, but what stands out most is the integration approach: rather than operating in isolated silos, the solution appears to cover both IT and OT systems on board. That is clearly the direction the sector should be moving toward.

The website offshore-energy.biz reports that the number of attempted cyberattacks in the maritime sector has increased by 400% since February 2020. This surge is reportedly linked in part to the widespread adoption of remote working tools during the COVID-19 pandemic.

The figure was cited by Naval Dome, an Israeli cybersecurity company previously mentioned on this site, notably here. Within this reported 400% increase, Naval Dome notes a rise in various forms of malware, including ransomware, as well as phishing attempts. These developments occur in a context where social distancing measures, travel restrictions, and economic difficulties have limited the ability of maritime companies to maintain their usual cybersecurity posture.