I was interested to read recently about expectations for marine vessel automation, and how remote controlled and autonomous ships may change the shipping industry. The flip side of the coin, is that as ships become more technologically sophisticated and better connected, cyber security becomes a crucial challenge for the maritime sector.
Speaking at a recent conference, Mikael Makinen, Rolls-Royce, President – Marine, said that autonomous shipping is “the future of the maritime industry” and that the smart ship will “revolutionize” ship design and operations. Jouni Saarni, development manager, Centre for Collaborative Research at the Turku School of Economics, also said that remote controlled and autonomous ships have “the potential to redefine the maritime industry and the roles of the players in it, with implications for shipping companies, shipbuilders and maritime systems providers, as well as technology companies from other sectors, especially automotive.”
Constant real-time remote monitoring of vessels worldwide will see ships become more closely integrated into logistics or supply chains, enabling global companies to focus on using a whole fleet to best effect, generating cost savings and improving revenue generation, according to the Rolls-Royce led Advanced Autonomous Waterborne Applications Initiative. This has the potential to create new shipping services, such as on-line cargo service marketplaces, more efficient pooling and leasing of assets, and new alliances, it explains.
While there is enormous potential, such widespread use of technology also introduces security risks. For example, much of what transpired off Somalia and the Gulf of Aden in years past occurred when pirates used hackers to gain access to shipping company’s databases and vessel tracking systems to identify vessels with valuable cargoes, writes Captain Emil Muccin, Assistant Department Head, Maritime Business Division of the Marine Transportation Department and an Associate Professor of Nautical Science at the United States Merchant Marine Academy, in a Maritime Executive article. The result was that crews of ships traveling the Gulf region would turn their Automatic Identification System (AIS) navigation tracking system off so pirates couldn't identify, locate and track them. This, in turn, also creates a danger to navigation since prudent mariners look for AIS data to handle vessel traffic, he explains.
There are scores of cyber incidents in the maritime world—some verified, some unverified—including reports of hackers shutting down a floating oil rig by tilting it, and stories of another rig so riddled with computer malware that it took 19 days to make it seaworthy again, Captain Muccin writes. At a recent conference, the Captain of the Port of Antwerp, Belgium discussed hackers infiltrating the port’s wireless network to locate specific containers loaded with smuggled drugs--then made off with the containers and deleted the records in an attempt to cover up the theft, he continues.
Unfortunately, marine cyber vulnerabilities will only grow. Recent studies by the European Union Agency for Network and Information (ENISA) and the Brookings Institute indicate there is limited awareness of cyber security issues in the maritime sector—and no large scale initiatives underway for improvements, Muccin reports. One notable exception is the United States Coast Guard, which published a Cyber Strategy to guide its efforts in the cyber domain last summer. The strategy specifically identifies three distinct strategy priorities: defend cyberspace, enable operations and protect infrastructure.
“All of these priorities should be embraced by maritime operators as they attempt to come up to speed to secure their vessels and interests,” Captain Muccin writes. “Out at sea does not mean out of reach of the cyber world–it’s only because so few know much about the industry that more attacks haven’t already occurred.”
It will be interesting to see not only how autonomous ships may have an impact on logistics or supply chains, but how the maritime industry can learn from initiatives in other industries, such as automotive and aerospace, to address cyber vulnerabilities and mitigate risk.