With cyberattacks on retailers becoming commonplace these days, this CNBC.com story talks about the next industry that could become the next hot target for security attacks—the maritime and shipping industries.
In this Internet age, as more devices are hooked up online, they become more vulnerable to attack. As industries like maritime and energy connect ships, containers and rigs to computer networks, they expose weaknesses that hackers can exploit.
Hackers recently shut down a floating oil rig by tilting it, while another rig was so riddled with computer malware that it took 19 days to make it seaworthy again; Somali pirates help choose their targets by viewing navigational data online, prompting ships to either turn off their navigational devices, or fake the data so it looks like they're somewhere else; and hackers infiltrated computers connected to the Belgian port of Antwerp, located specific containers, made off with their smuggled drugs and deleted the records.
While data on the extent of the maritime industry's exposure to cybercrime is hard to come by, a study of the related energy sector by insurance brokers Willis this month found that the industry "may be sitting on an uninsured time bomb."
There are few reports that hackers compromised maritime cyber security. But researchers say they discovered significant holes in the three key technologies sailors use to navigate: the global positioning system (GPS), the marine Automatic Identification System, and a system for viewing digital nautical charts called the Electronic Chart Display and Information System.
"Increasingly, the maritime domain and energy sector has turned to technology to improve production, cost and reduce delivery schedules," a NATO-accredited think-tank wrote in a recent report. "These technological changes have opened the door to emerging threats and vulnerabilities as equipment has become accessible to outside entities."
As crews get smaller and ships get bigger, they increasingly rely on automation and remote monitoring, meaning key components, including navigational systems, can be hacked.
A recent study by security company Rapid7 found more than 100,000 devices—from traffic signal equipment to oil and gas monitors—were connected to the Internet using serial ports with poor security. "The lines get blurry, and all industries and all technologies need to focus more on security," said Mark Schloesser, one of the authors of the study.
To read more, click here.