Virtual bridge to reduce the risk of maritime cyber attacks

In June 2017, the Danish shipping giant Maersk was one of many companies hit by a worldwide attack on its IT systems. No fewer than 76 freight terminals in four countries were knocked out, a large number of ships were delayed for weeks, and the cost of restoring everything totalled more than $200 million.

This incident was a wake-up call for many people in the maritime world. Despite its dominant role in the global transport system – ninety percent of all goods are transported by ship at some point – traditionally, shipping has not been at the forefront of digitalisation or cyber security.

Mikael Lind, a senior researcher at RISE, uses three different aspects to describe the situation, and all of them are lagging behind and need to be developed together. First, digital technology development; second, different stakeholders willingly and regularly sharing information; and third, security matters.

“An aircraft can’t drop anchor in mid-air, so we’re used to coordination involving air traffic control and slot times. Maritime transport is much more self-reliant. Say you have a ship sailing from Shanghai to Los Angeles, the journey takes just over two weeks. No one has an overview of the entire journey, so you can’t say exactly when the ship will leave one port or arrive at the next. Nor can you book an exact time to unload the cargo when the ship arrives; it’s a first-come, first-served basis,” he explains.

Steps towards greater digitalisation

However, in recent years, things have started to change. For example, it has become standard for larger ships to have an AIS transponder, which transmits information about where the ship is and where it is headed. So, a number of steps towards greater digitalisation have been taken but, as to be expected, this has also meant more frequent cyber attacks.

“Since maritime transport comprises the backbone of global trade, this attack surface is of interest to financially motivated actors as well as to those wanting to disrupt society. If you can get a ship to stop working, large sums are at stake, and the same is true if you can’t manage the logistics for its cargo,” says Kim Elman, head of the Centre for Cyber Security at RISE.

Mikael Lind and his colleagues have long been involved in several initiatives to gather the industry around common standards for sharing and analysing data. They have set out to create solutions wherein each port is a separate node, enabling information to flow smoothly between, for example, pilots, stevedoring companies, mooring staff and towing companies, while also enabling the different ports to be connected to shared networks. This also simplifies efforts to make the system more secure.

“To gain an overall picture of the situation, you can compare information from different sources, such as the location of a ship provided by its AIS transponder to that provided by a connected container on board that same ship. If this information differs, we can reasonably assume that something’s wrong. A cyber attack against all sources at the same time ought to be unlikely, so then you can build solutions enabling you to quickly isolate any infected parts as necessary,” Lind explains.

Virtual bridge to launch in 2023

“At the moment, we’re developing a virtual bridge, a virtual watchtower that will be connected to Cyber Range, our cyber security testbed, which will enable us to model some of the environments found on ships. This will allow us to perform tests using more realistic scenarios, better understand vulnerabilities, and offer more realistic training courses and exercises in dealing with disruptions,” says Elman.

The virtual bridge will be launched sometime in 2023, and both Elman and Lind emphasise the importance of remaining close to the practical applications of interest to customers and partners.

“Exactly how what we do will help them in their day-to-day operations must be apparent. How can we identify disruptions? How can we avoid them? And if they do occur, what actions should we take? These are the kinds of questions shipping companies and port management want answered,” Lind ends.