What does a realistic cyber disaster scenario look like for the maritime industry?

The stress test proposed concerns threat actor gaining access to the bridge systems of commercial seagoing vessels and compromising the control systems. 

The intrusion goes undetected for weeks until the threat actor locks the rudder and propulsion system of a container ship causing it to hit a quay in the port of Singapore. A day later, the threat actor causes another container ship to hit a quay and cranes in the port of Los Angeles.

Physical damage is caused to the quay and cranes, there is some loss of cargo and some hull damage. The threat actor threatens further accidents unless a US$50 million ransom is paid by each of the top five cargo shipping companies (as measured by twenty-foot equivalent units (TEU) capacity). 

As a precautionary measure, many ships stop their journeys and all container port authorities close their ports until the bridge systems of impacted ships are checked, disrupting the maritime supply chain accounting for 90% of world trade in goods.

It takes three days to determine which elements of the bridge system have been compromised and two more days to develop a solution. 

The motivation of the threat attacker is more political than financial with the ransom demand adding to confusion.

Our speaker today is Professor Kevin Jones, who, as a Director of the, Maritime Cyber Threats Research Group, played an integral part in the submission of this RDS. 

The scenario was conceived in line with the University’s work as part of the €7 million Cyber-MAR project, which aims to develop greater awareness of the cyber threats facing the global shipping fleet and the most effective ways of countering them.

It was then demoed in the Cyber-SHIP Lab, a unique, hardware-based maritime cyber security research and development platform supported by funding from Research England and several industry partners.