Is the marine industry prepared for potential cyber attacks?
In the next issue of WorkBoat, Dale DuPont writes that maritime cybersecurity is a growing concern worldwide. In her story, she cited two reports that say U.S. ports are vulnerable to cyber attacks, and we are not doing enough to prevent them. A GAO report said that the U.S. should pay “greater attention to potential cyber-based threats.” And Coast Guard Cmdr. Joseph Kramek, in a policy paper published last summer, said in most U.S. ports “basic cybersecurity hygiene measures are not being practiced.” Of the ports studied, none had a cyber attack response plan in place.
The Coast Guard has a cyber command unit, but more needs to be done. In particular, the GAO said the Coast Guard should assess cyber-related risks and issue appropriate guidance, and Congress should give the service the authority to enforce cybersecurity standards the same way it enforces physical security.
The reports concentrated mainly on the Coast Guard and ports, but as Bill Pike wrote in the June issue, offshore operations appear to be the next big hacking target and the consequences could be significant. GPS and other navigation systems are vulnerable.
According to a Reuters report, hackers recently shut down a floating rig by inducing a list. Another offshore rig’s computer system was so compromised by malware that it took 19 days to make it seaworthy again.
“All the newest rigs are running on high-speed data networks,” said Michael Van Gemert, senior vice president of Northwest Technical Solutions, a consulting company that focuses and the offshore energy industry. “Most advanced companies have done a good job closing these holes. But there are a lot of workboats with old systems.”
While some are seeking solutions to offshore hacking threats, “you will not see anybody blazing trails in leadership until they get hit,” Van Gemert said.