Malware spreading fast through the merchant fleet

A survey of 2,500 seafarers has revealed that 40% of officers have sailed on a vessel, which has become infected with a computer virus or malware. The ongoing crew connectivity survey, carried out by British firm Futurenautics, also found that 87% of those surveyed have had no cyber security training. The organisers of the poll expect the final number of participating seafarers to double to 5,000.

Cyber security has come in to sharp focus for the shipping industry in the wake of June’s NotPetya attack, which hit a number of lines, most notably Maersk, which saw up to $300m in revenues wiped from its books.

Commenting on the Futurenautics survey, Phil Tinsley, head of maritime security at global shipowning body, Bimco, told Splash: “This statistic is no surprise.”

Prior to developing its industry guidance on cyber security Bimco arranged for penetration testing on a variety of ships. The findings confirmed many ships are operating with outdated, unpatched and insecure software.

“It is imperative that shipowners and managers deal with infected systems in the same manner and priority that they would deal with all other safety issues onboard,” Tinsley stressed.

James Wilkes, managing director of British maritime consultancy Gray Page, concurred with Tinsley, telling Splash: “The IT systems on ships are no more or less resilient to viruses and malware than the IT systems of most companies and organisations ashore. And seafarers are no more or less susceptible to doing something daft – such as opening an attachment in an email from a person you’ve never heard of before – than the rest of us.”

Lars Jensen, who heads up CyberKeel, a Danish organization focused on maritime cyber security, suggested the 40% statistic should be interrupted differently.

“That appears to indicate that a large amount of seafarers are unaware that they have had virus or malware on the ship,” Jensen warned. “What is noteworthy, however, is that 60% of seafarers are unaware that at some point their ship has in all likelihood had virus or malware. Of course the severity of a virus or malware can vary dramatically, but it is highly likely that most vessels have seen some elements of virus or malware.”

Jensen’s assumptions were backed up by Roger Adamson, who has led the survey for Futurenautics.

“The figure from serving officers is confirmed by additional research we have conducted with ship operators,” Adamson told Splash, adding: “However, given that typical breach detection time is 146 days and that up to 70% of breaches go undetected the figure could be far higher.”


Sam Chambers

Starting out with the Informa Group in 2000 in Hong Kong, Sam Chambers became editor of Maritime Asia magazine as well as East Asia Editor for the world’s oldest newspaper, Lloyd’s List. In 2005 he pursued a freelance career and wrote for a variety of titles including taking on the role of Asia Editor at Seatrade magazine and China correspondent for Supply Chain Asia. His work has also appeared in The Economist, The New York Times, The Sunday Times and The International Herald Tribune.


  1. Here’s a thought…

    ECDIS systems are stand alone, for all the obvious reasons.

    And most companies prescibe the use of dedicated memory sticks for the updates…

    … there’s only one problem … the updates arrive on the ship’s “system”…

Back to top button