When I first saw footage of the containership Dali’s allision with Baltimore’s Francis Scott Key Bridge, I immediately thought it was a cyberattack.
Cameras from Vessel Traffic Service show the ship’s lights go out twice before the collision, and despite my dissection of the events leading to the incident from a computer screen 450-miles away, special agent William J. Delbagno, who heads the FBI’s Baltimore field office noted in a press conference, “There is no specific or credible information to suggest there are ties to terrorism in this incident.”
So much for my theory. Still, I feel this is a topic worth discussing. Though this incident has not been linked to cybersecurity failure, the aftermath could have easily been the result of one.
Shipping is becoming more reliant on digital solutions for the completion of everyday tasks. A vessel has technology outfits for bridge control systems, operations security, propulsion and power, network security, communications, safety systems, navigation, physical security, crew network, loading and stability, shipping network, and supply chain. As the industry becomes more digitized, critical systems onboard vessels are becoming increasingly vulnerable to cyberattacks. Break each of those categories down further into segmented inputs and you have dozens of ways that hackers can infiltrate and infect your onboard systems.
Understanding the contradistinction between industrial control systems (ICS), operation technology (OT), cyber-physical systems (CPS), and the Internet of Things (IoT) will help distinguish a company’s specific cybersecurity system requirements.
My focus here, linking cybersecurity precautions to the Baltimore incident, pertains to the similar outcomes of operation technology being hacked. That is, hardware or software that invokes a change through direct monitoring of physical devices, particularly in production and operations. An IT attack can lead to data theft: OT attacks could lead to asset damage, environmental impacts, personnel injury, and death.
Hackers targeting OT environments that support manufacturing, transportation, defense, and utility infrastructure is a whole different realm of cyberattacks. In this area, hackers target satellite communications, open Wi-Fi networks, IT networks, and maritime-specific systems. Spear phishing email campaigns are the most common, while compromised control systems and stolen credentials are alternative forms of OT attacks. If a hacker is on board the vessel, they can gain access directly using something as simple as a corrupted USB drive. Once infected, hackers will gain control over critical control systems that run navigation, communication, valve operations, propulsion, and rudder control.
In February, the USCG published a notice of Proposed Rulemaking that states U.S. flagged vessels and facility operators would be required to assign a qualified individual to develop and implement a Coast Guard-approved cybersecurity plan. Offshore drilling units, cargo vessels, most passenger vessels, barges, towing vessels and tankships would fall under the proposed rule.