Maersk’s recent attack left a black mark on the reliability of global documentation. Working through the backlog of issues, the mega carrier admitted this attack took its toll not only on container operations but on customer confidence. If a transport giant like A.P. Moller could be hit with the Petya virus, what are the chances that your data can remain secure?
Ransomware and Cyber Attacks
Ransom viruses such as Peyta or WannaCry are the latest trend in cyber hacking. They are sophisticated malware programs designed to disable a computer’s operating system if a monetary payment in Bitcoins is not made. Last February Hollywood Presbyterian Hospital paid $17,000 after a cyber-attack left its network inoperative.
Not a new occurrence
Computer hacking is not new and ransomware has been around since 2012. In a 2015 FBI probe, Cryptowall hackers acquired over $18 million before they were caught. So why should Maersk’s cyber-attack come as a surprise to the transport industry. In point of fact it shouldn’t.
In July of 2013 the Brookings Institute in conjunction with the U.S. Coast Guard issued a 44-page paper entitled “The Critical Infrastructure Gap: U.S. Port Facilities and Cyber Vulnerabilities”. The paper stressed the importance of cyber security in a growing age of computer networking. The seven highest risk port complexes were Los Angeles, Long Beach, San Francisco Bay, New Orleans, Delaware Bay, New York-New Jersey, Houston-Galveston, and Puget Sound. The Coast Guard even outlined a grant program federally available for ports and terminals to implement cyber security programs.
In 2015 Marsh LTD issued a paper entitled “Cyber Risk in the Transportation Industry”. It outlined current global risks at 116 cyber-attacks per day. It further noted that 40% of all data loss was caused by hackers. The paper went on to state that the transport industry was particularly vulnerable because their networks have become increasingly digital. The vast amount of cargo data flowing across the internet opens the door to increased hacking. Cargo documentation crossing internet platforms brought down Maersk’s defenses causing the breach in cyber security.
Hacking the Cloud
With ocean carriers, 3PLs and truck brokers transmitting volumes of data across the Internet, it’s surprising that more firms have not been hit by ransomware. Another question to consider is whether your pipeline to cloud based transportation opens up your firm to hacking. Cyber security experts say that today’s brand of ransomware is much more sophisticated, moving from computer to computer across open networks. So, will cyber hacking continue to plague transportation? The answer depends on the level of prevention we take to secure our networks and computers. Integrated document portals offer an excellent conduit for virus transmission, so keeping antivirus software up to date and backing up critical files is a must. One expert at Gigabit noted, “turning your computer off whilst the rebooting screen is shown …would effectively cancel the encryption process”.
Maersk’s initial solution to the outbreak of Peyta was to shut down many of their IT systems. This along with the virus may have contributed to problems at their terminals. In the long run, it may have saved much of their infrastructure from further damage however. We’re sure Maersk has been proactive in the area of cyber security. The fact that more of their operation such as vessel scheduling and cargo bookings remained unaffected confirms that fact. Still if a new strain of ransomware was able to infiltrate their system then hackers remain one step ahead of corporate IT. Amber Road, a leader in cloud based global trade software, issued a paper this year on the subject of cyber security in the supply chain. It notes that in addition to safeguarding your operational infrastructure, companies must maintain awareness and training on document security to be fully protected. They stress the necessity of vetting your vendors and service providers.
In 2016 the N.S.A. hosted a Cyber Defense Exercise (CDE) inviting major maritime universities to compete. During the week, teams from the USMMA Kings Point, the U.S. Coast Guard and Naval Academies and the Royal Military College of Canada face real time cyber challenges from NSA’s top information assurance professionals. The goal is to keep their networks running against various cyber threats. It’s hoped this awareness will help prevent future attacks as graduates enter the maritime industry. Cyber defense is now the number one priority for the transportation industry from buyers to suppliers. Information transfer across the internet provides the perfect medium for attack. Remember, data within your supply chain is only as secure as its weakest link. So, continue to secure your data as best you can. But, in the arena of cyber hacking what will be the next threat to your network?