Shipmanagement software vendors have been warned to be on their guard with experts suggesting this maritime niche is becoming the focus of hackers.
With Voyager Worldwide and DNV’s ShipManager software both hit by cyber attacks in the past couple of months, and other cyber incidents happening but going unreported, there is strong speculation that hackers are targeting this type of software provider, with links to hundreds of ships among client bases.
“We’re watching this trend closely as it’s worrying there’s a number of attacks on shipping software in reasonably close succession,” commented Daniel Ng, the CEO of CyberOwl, a UK-based cyber security firm. “This is part of a wider pattern of attackers targeting supply chains and supplier systems. It makes economic sense for them – they can impact multiple vessels, rather than singular vessels,” Ng added.
A shipping cyber security survey published last year by CyberOwl, maritime innovation agency Thetius and law firm HFW, found that 44% of respondents reported that their organisation has been the subject of a cyber attack in the last three years. Of those, 3% resulted in a ransom being paid by the victim to the attacker, at an average cost of $3.1m.
Dr Kimberly Tam, a lecturer in cyber security at the University of Plymouth in the UK, told Splash that of the reported recent maritime-related attacks, many had focused on software solutions.
“Management software can be a valuable target, so it would make sense that it is targeted or accidentally infected by malware designed for similar systems. Because it is IT software it is probably more familiar to attackers out there and existing malware,” Tam explained.