“It’s not a matter of if, it’s a matter of when.” That was the stark warning on the likelihood of ships being hacked given by Luis Benito today at the SMM fair in Hamburg. Benito, global strategic marketing manager for Lloyd’s Register (LR) was speaking as the UK classification society announced a collaboration with QinetiQ and GasLog to increase the level of security of cyber-enabled ships.
A pilot project with GasLog, the international owner, operator and manager of LNG carriers, seeks to tailor methodologies for LNG vessels.
“Cyber-attacks have become more frequent and more sophisticated, with the threat becoming a board level preoccupation for the marine sector. Cyber security is becoming an increasingly important element of the risk profile of critical assets that are connected between ship and shore,” LR noted in a release today.
The Baltic and International Maritime Council (BIMCO), the International Maritime Organization (IMO) and the United States Coast Guard (USCG) are all developing guidance and regulation to address these challenges.
The collaboration announced today aims at developing robust methodologies for readiness against existing and emerging standards, vulnerability and impact assessment and mitigation measures.
LR’s marine and offshore Director Nick Brown said: “Due to the rapid pace of technology development prescriptive approaches to risk management are not always suitable. Instead, a total systems approach is required taking into account all systems on board and – critically – on shore, how they are designed and installed, how they connect, and how they will be managed.”
QinetiQ’s international maritime consultancy and software director, Vittorio Vagliani, said: “A number of factors are putting pressure on the maritime industry to increase its focus on cyber security. It is likely that cyber certification will soon become a legal requirement for entering some territorial waters. Increased internet connectivity at sea enlarges the window of opportunity for criminal organisations to intercept confidential data such as the ship’s position, its cargo, or its passenger list. In a future where autonomous and remotely controlled craft are commonplace, greater cyber protection will be crucial in ensuring chartered vessels cannot be taken off course by those with malicious intent.”
The first phase pilot project will last eight weeks.
LR’s Benito said inquiries from shipowners regarding cyber security this year had been “very intense”.