Communication systems and cybercrime vulnerability
Communication systems are another area where recent changes bring risks that perhaps were not though of at the initial stages of rollout. For the last decade, two things have been promoted as the future – crew communications and equipment monitoring.
Crew communications obviously have a welfare element but the traffic in and out is not intended to be monitored by officers and if the virus protection or firewalls that may be in place are not regularly updated then a system can easily be compromised.
It is hard if not impossible to prevent crew from innocently opening attachments to e-mails which they believe to be genuine, but which may be malicious attempts to attack the system from which it is activated. However, if the problem of cybercrime continues to grow, ship operators may have no option but to limit crew communications in some way.
Equipment monitoring should not present a threat in itself but since it uses the communications system to send data, there is always a possibility that a compromised communication system could under some circumstances transmit corrupt data that could be interpreted as there being a problem that requires attention when no such situation actually exists. Where equipment monitoring also extends into the possibility to make remote adjustments to settings then the possibility for more threatening situations arises.
Autonomous ships have become a topic of discussion over recent years with some trial already taken place of controlling ships remotely. The term does not necessarily imply that ships will be unmanned but some projects under way do envisage that. Obviously an unmanned vessel – or even one where many systems are operating autonomously will be reliant more on communications than would a ship with a crew who can take on the manual operation of the vessel.
Some have questioned whether the cargo community would be willing to load valuable cargo on ships which could, in theory be hi-jacked over the airwaves and diverted. Proponents of autonomous ships think that is a very unlikely situation although they have not committed to saying it could not happen. Arguably the main cause of concern is that if communication between the vessel and shore is lost, information could not be relayed in either direction.
Lost communications might result from a number of causes of which a cyberattack is just one. The attack need not be aimed at the shipping company or the ship but could equally be directed at power supplies or general communication systems.
As with autonomous ships, much has been written about the benefits of blockchain in shipping. Blockchain is a system in which a record of transactions made between parties are maintained across several computers that are linked in a peer-to-peer network. While this is obviously done by electronic communications, it does not actually improve the security of communications but could help prevent things such as bill of lading fraud or assist in transparency of supply chains.