The maritime industry has awoken to the potential impact of cyber security incidents on ship operators, ports and the industry as a whole. The well-publicised July, 2017 NotPetya ransomware attack on a number of reputable companies, including Maersk and its ports subsidiary APM Terminals, has highlighted not only the industry’s cyber-vulnerabilities, but also the increasing sophistication of the methods used in the attacks.
To understand this event, it is important to recognise that the flaw in any operating system's secruity may be found not just the technology behind the operational system, but also in the individuals who operate the systems.
The NotPetya attack targeted computers running Microsoft Windows operating systems and was designed to spread across closed organisational networks by exploiting administrator privileges. This allowed it to spread quickly with relative freedom across multi-national companies.
Hackers try to exploit the fact that individuals are often unaware of cyber attacks and forget to use common sense on the computer. BIMCO believes that there is an urgent need for a holistic approach to be applied in every organisation, to ensure that every individual is fully aware of the dangers and knows how to mitigate them. Putting a robust system in place, the organisation can prevent, detect and better recover from cyber attacks.