THE maritime sector in Southeast Asia (SEA) is facing increasing cyber-security threats, which can have serious consequences for operations, safety and national security.
Addressing these threats will require a comprehensive approach that includes standardisation and regulation, training and education, information sharing and collaboration, and building a culture of cybersecurity awareness and responsibility. With these measures in place, the maritime sector can become more secure and resilient against cyber-attacks, helping to ensure the safety and security of ships, ports and logistics systems in the region.
The maritime sector in SEA is also at risk from cyber espionage as some countries in the region have territorial disputes and are involved in sensitive military operations. Hackers can use cyberspace to gather intelligence on ship movements, cargo details and military activities, which can be used to gain an advantage in conflicts.
Cyber threats generally originate from ships and port facilities, causing negative implications for operations. For example, when cargo-related IT systems, either on the ship or shoreside, malfunction or cease to function.
According to a report by the International Maritime Organisation, the number of reported cyber incidents in the maritime industry has been steadily increasing, with a significant rise in incidents reported in recent years.
For example, in 2020, there were several high-profile cyber-attacks on shipping companies and ports, including the attack on a Maersk container ship in June, which resulted in significant disruption to the company’s operations and caused losses of over US$300 million (RM1.34 billion).
The maritime sector continued to be at risk of cyber-attacks, with shipping companies, ports and logistics companies being targeted by hackers.
According to a report by cybersecurity firm Check Point, the maritime sector is at a higher risk of cyber-attacks than other industries due to its reliance on technology and the large number of connected systems that are used in shipping, ports and logistics.
The Covid-19 pandemic has further increased the risk of cyber-attacks in the maritime sector as many companies have had to shift to remote work and rely on digital tools to manage operations.
One of the main concerns in the maritime sector is the vulnerability of ships to cyber-attacks. Ships rely on complex systems, such as navigation, propulsion and communication, that are connected to the internet and can be accessed remotely. Hackers can exploit these connections to gain access to sensitive information, such as ship movements and cargo details or to disrupt navigation and control systems.
For example, in 2017, it was reported that a ship’s navigation system was hacked, causing it to deviate from its planned route and sail into the wrong port.
Another concern is the vulnerability of port infrastructure and logistics systems to cyber-attacks. Ports rely on technology to manage operations, such as cargo tracking, vessel traffic management and security systems. Logistics companies use technology to manage supply chains and transportation. A cyber-attack on these systems can cause significant disruption to operations and result in lost revenue and reputation.
In addition, ports and logistics companies often handle sensitive information, such as customs data and trade secrets, that can be valuable to hackers. It can potentially pose a risk to national security as well as the economy.
The maritime industry is global, and ships and cargo often cross multiple countries and jurisdictions. This makes it difficult to develop and enforce consistent cybersecurity standards and regulations.
Additionally, the maritime sector is facing a shortage of cybersecurity experts as the industry is not traditionally associated with technology, and many professionals do not have the necessary skills and training. For example, South China Morning Post indicated that the world faces a shortage of three million cybersecurity professionals, mostly in Asia-Pacific.
To address these challenges, the maritime sector in SEA needs to adopt a comprehensive approach to cybersecurity, which includes:
-> Developing and enforcing cybersecurity standards and regulations that are consistent across the region.
-> Investing in cybersecurity training and education for professionals in the maritime sector, including ship crews, port staff and logistics workers.
-> Improving information sharing and collaboration among stakeholders in the maritime sector, including ship owners, port operators, logistics companies and government agencies.
-> Building a culture of cybersecurity awareness and responsibility in the maritime sector of the risks, and encouraging everyone to take action to protect themselves and their organisations.
0Developing incident-response plans and procedures to respond to cyber-attacks and minimise the impact on operations and reputation.
After a lapse of almost four years, the 16th Langkawi International Maritime and Aerospace Exhibition (Lima), which will be held from May 23 to 27 in Langkawi, can be a cornerstone and platform for expanding the importance and awareness of cybersecurity among maritime players.
The technological advances which will be showcased should also include cybersecurity elements. Thus, Malaysia, being a maritime nation, and other regional players need to take affirmative steps to protect themselves from cyber threats and strategise concrete cybersecurity measures, and create resilient response plans.
Dr G. Periasamy, Senior Research Fellow, National Institute of Public Administration (Intan). Comments: letters@thesundaily.com
