Cyber crime can impact all areas of the maritime industry, from ship to shore, and is a fast-growing problem. International Registries, Inc. (IRI) brought together leading cyber experts and shipping professionals for an evening of discussion in London on 9 November. The evening was designed to help attendees understand both the scale of the threat faced, as well as practical steps to help manage the problem.
The panelists included Cynthia A. Hudson, Chief Executive Officer, HudsonAnalytix, Inc.; Paul Vlissidis, Technical Director – Senior Advisor, NCC Group; Phil Tinsley, Head of Maritime Security, BIMCO; and Colin Gillespie, Deputy Director (Loss Prevention), The North of England P&I Association Limited. Moderating the panel was Rear Admiral Kevin Cook, United States Coast Guard (USCG) (Retired) and a Maritime Consultant to IRI.
The first speaker, Cynthia Hudson, immediately highlighted the size of the danger faced by the shipping industry:
“Everything connected to the Internet can be hacked, and everything we use is connected to the Internet. That is why we take a holistic view of security across organizations.”
She went on to speak about the importance of increasing cyber awareness across all levels in business, including a better understanding of how to mitigate any damage caused by an attack, as well as preventing an attack in the first place. This was a point that was supported by the second speaker, Paul Vlissidis, an industry veteran whose time at NCC Group has given him expertise and experience in cyber security. NCC Group is a leading United Kingdom cyber security company with over 2,000 employees and 15,000 clients. Paul Vlissidis warned that dated views on hackers could be responsible for undermining the danger of the cyber threat:
“These hackers are not amateurish individuals surrounded by pizza boxes that are popularized in fiction; these are highly sophisticated businesses. At this level, hackers can buy infiltration kits, training and web space, as well as support from a chain of command.”
The next speaker was Phil Tinsley, who used the recent example of the huge cyber attack on Maersk earlier this year as a pertinent showcase of the cyber crime threat:
“During the attack, Maersk saw the malfunction of 49,000 laptops and all printers, the inaccessibility of 1,200 applications and all file shares, and the destruction of 1,000 applications. These dangers are why BIMCO has published its own security guidelines, and continues to campaign for sustained awareness.”
The last speaker of the night was Colin Gillespie, who said that although the jargon and concepts might be new and frightening, the industry should not be afraid to step up:
“The challenges that we are facing are not as daunting as they first appear. When I first came across cyber crime, I was terrified, but now I realise it is just a risk to be managed. It is all about awareness ashore and awareness afloat – it is about having systems in place to mitigate and overcome any potential damage.”
The panel session was then followed by an insightful Q&A, followed by a drinks reception and buffet dinner for continued discussion on the topic of the day. Overall, the evening successfully highlighted the importance of prevention in the form of awareness and training, as well as damage limitation and preparedness.