Shipping names pay multimillion-dollar ransoms after cyber attacks

The rapid introduction of technology on ships makes shipping more vulnerable to infiltration

Maritime companies have admitted paying ransomware demands in increasing numbers, with the average cost of unlocking computer systems reaching $3.2m this year, according to a new study.

A survey of more than 150 industry professionals in the maritime sector found that 14% admitted to paying a ransom following a cyber attack in 2023 compared with 3% the previous year, according to the study by law firm HFW and maritime cyber security company CyberOwl.

Ransomware attacks date back to the early 2000s but have increased in sophistication and scale. It is malicious software that blocks organisations’ access to vital files until they pay a ransom — usually in Bitcoin — in return for a key to unblock their systems.

Criminal cyber operations are based mainly in Russia, and the maritime report said the increased ransomware activity could be tied to the invasion of Ukraine.

However, the rate of payment by maritime players appears to be lower than in other industries. Figures from US-based anti-ransomware specialist Coveware suggested that 34% of victims paid off cyber criminals in the second quarter of 2023.

The authors of the maritime study said the findings highlighted the industry’s vulnerability as it rapidly introduces new technology on ships and within the broader supply chain. Previous studies have suggested that a ship’s average daily data consumption nearly trebled from 14 months to March 2021.

The report said new communications satellite systems are on trial with major shipping companies to improve connectivity at sea, but they “widen the opportunities for cyber criminals to infiltrate backdoor vulnerabilities”.

The report added: “Shipping is an exciting yet relatively easy target for cyber hackers who are looking for a quick thrill with the potential for big ransom payments.”

Respondents to the survey said cyber attacks had cost their organisation an average of $550,000 over the past three years — a sharp increase from last year’s report.

The report is just the latest warning to the industry as developments in autonomous shipping, improved communications for seafarers, and increased AI systems all add potential risks to infiltration.

A study by classification society DNV earlier this year suggested that more than three-quarters of maritime professionals believe a strategic waterway or major port will be shut down within two years because of a cyber attack.

Nine in 10 of those asked believed that ship or fleet operations would likely be disrupted in the coming years — more than half expected cyber-attacks to cause physical injuries or deaths.

The industry has already been hit by major cyber attacks, including AP Moller-Maersk in 2017, which suffered losses of $300m after an attack that stopped it from processing shipping.

‘Easy target’

Cosco, MSC Mediterranean Shipping Company, CMA CGM, the International Maritime Organization and DNV have all been hit by cyber-attacks.

Tom Walters, a partner at HFW, said: “Our findings show that while maritime cyber security has improved, the industry remains an easy target.

“Shipping organisations are being subject to more cyber-attacks than ever before, and the cost of attacks and demand for ransom payments have skyrocketed.



All Posts