Mapping Cyber Threats in the Shipping Industry

Author: Mr. Armandos Alexandros Lestos, Associate.


Nowadays the shipping sector is becoming more dependent upon computerised and automated systems. In particular, the number of vessels with internet access on board has increased radically: in 2008 approximately 5,000 vessels were using internet on board, whereas in 2018 the figure was near 40,000. In the middle of the 4th Industrial Revolution, with the ongoing evolution and exponential growth of the internet (5G and 6G technology) as well as of artificial intelligence (thousands of new patents come into play), malicious attacks by cyber criminals are becoming progressively more prevalent. For instance, Transport Malta and the International Maritime Organisation (IMO) have very recently become victims of sophisticated malicious cyber-attacks (27th September 2020 and 1st October 2020, respectively); as a result, their IT and computer experts had to shut down their central systems to prevent further damage.

The undesirable results of cyber risk may be summarised as follows: i) property damage, ii) environmental damage, iii) business disruption and damage to the reputation and image of ship-owning companies or managers, iv) serious physical/bodily harm and/or even death of people, v) loss of data, including private and confidential information, vi) cargo theft and vii) risk of piracy. Hence, it is of pivotal importance for individuals and professionals involved in the maritime industry to be extremely cautious, well informed through enhanced cyber security awareness, and well trained, in order to be able to tackle the aforementioned situations adequately.

Cyber threats comprise risks related to hackers’ attacks, virus transmission, cyber blackmail, network interruption and data security breaches. According to reported incidents, the key areas which constitute potential targets for hackers (activists, opportunists, terrorists sponsored by particular States or criminal gangs) are the software and electronic systems used to control, navigate and operate vessels, loading and discharging facilities in ports, interference with electronic systems such as the Global Positioning System (GPS), the Automatic Identification System (AIS), the Electronic Chart Display and Information System (ECDIS) and Dynamic Positioning (DP) systems, as well as ships’ networks. Hence, sophisticated hackers can maliciously take advantage of the vulnerability of a. the IT systems and infrastructure of vessels, b. untrained and uninformed staff, c. outdated firewalls and anti-virus software, and d. operating systems past their end of life, and so gain access to the servers as well as the electronic systems connected to them. Two major international cyber incidents in the maritime sector have been reported in the last 2 years. In June 2017 MAERSK suffered a NotPetya malware outbreak: this ransomware attack infected over 4,000 servers, 45,000 PCs and 2,500 applications over the course of ten days, and the estimated loss was around USD 250 million to USD 300 million. In 2018 COSCO was hit by a cyber-attack affecting its ability to communicate with its vessels, customers and marine terminals.

It is of great importance to mention that the above vulnerabilities could render a vessel unseaworthy, with the result that the shipowner, charterer and/or manager have failed to provide a seaworthy vessel. Under certain circumstances, therefore, the said persons may be in breach of their absolute legal obligations and be held strictly liable. However, although standard Hull and Machinery policies exclude cover for all cyber risks by incorporating the paramount clause of the Institute Cyber Attack Exclusion Clause (CL 380) 10/11/2003, as these are not regarded as perils of the sea, the standard P&I covers will continue to respond to P&I liabilities arising out of cyber attacks as well as other traditional marine risks so long as the attack(s) in question arise as a result of “any hostile act by or against a belligerent power or any act of terrorism”. Therefore, the general rule is that shipowners and charterers remain protected. Some marine cyber risks, in particular those which do not arise from the operation of a vessel, fall outside the scope of the standard P&I covers. An example of this is when a shipping company is blackmailed into paying a ransom for the restoration of IT data. Besides that, if a cyber attack constitutes an act of terrorism or war, then this casualty is excluded from the standard P&I cover; for these situations a P&I War Risk cover should be obtained. It should also be noted that there are standalone cyber insurance covers in the insurance market, such as Cyber Liability Insurance (i.e. e-commerce transactions, theft of electronic data, internet disruption risks etc.), which can be obtained from Lloyd’s and/or international underwriters.

It has been predicted that cyber risks cost businesses $400 billion per year (as per former Lloyd’s CEO, Ms. Inga Beale). Hence all companies, including shipowning and shipmanaging companies, should place particular focus on cyber security awareness, and the modernisation of IT systems and the implementation of cyber risk policies as well as emergency plans with various scenarios should be at the forefront for shipowners, charterers and managers in order to prevent unauthorised access and malicious attacks. This is the only way to achieve a twofold main objective: first, to mitigate the risk and financial loss from such attacks and, secondly, to comply with national, European and international legislation.
