The enduring feature of cyber threats is their ability to adapt and evolve, with new lines of attack developed as barriers are put in place, and strategies to expose vulnerabilities constantly emerging. A June 2020 White Paper** from the British Ports Association and cyber risk management specialists Astaara suggests that reliance on remote working during the COVID-19 crisis coincided with a fourfold increase in maritime cyber attacks from February onwards, for example.
In fact, cyber security was ranked as the second highest risk for shipping in 2019, behind natural disasters, according to a survey of over 2,500 risk managers conducted by Allianz. Given that, according to IBM, companies take on average about 197 days to identify and 69 days to contain a cyber breach, it is clear that an attack on a vessel’s critical systems could threaten the safety of a ship as well as the business of shipping. The fact that a 2019 Data Breach Investigations Report from Verizon indicates that nearly one-third of all data breaches involve phishing provides one indicator that, where cyber vulnerabilities exist, the ‘human element’ can badly expose them.