FILTER POSTS SHOW ALL AVIATION MARITIME
FILTER POSTS SHOW ALL AVIATION MARITIME

Maersk Cyber-Attack: A Lesson Learned?

As the shipping industry keeps moving slowly to new forms of technology and digital innovations, criminality has started to make a huge impact on the ocean supply chain. On June 27th, A.P. Moller-Maersk fell victim to a coordinated international cyber-attack, which affected several of its businesses across the world, causing the shutdown of IT systems across its business units against virtual intrusion. The impact of the attack was critically significant not only for the amount of goods being transported on a daily basis, but also for the major disruption it caused on its port-to-port communications and digital applications.

Without a doubt, the recent cyber-attack unraveled key vulnerabilities and plausible negligence given Maersk’s position as the world biggest shipping line and also, operator of 76 ports via its APM Terminals division. The Danish firm reported, “We can confirm that Maersk has been hit as part of a global cyber-attack named Petya on the 27 June, 2017. IT systems are down across multiple sites and select business units…We have contained the issue and are working on a technical recovery plan with key IT-partners and global cyber security agencies”.

It is difficult to ascertain the exact reasons why Maersk fell victim to such a criminal manoeuvre without having a look at its computer systems and IT capabilities. Nonetheless, it does beg the question: how does one of the largest container shipping companies in the world, which beyond doubt, invests huge amounts of money on IT developments, get brutally infected? During a live interview, Vincent Clerc, Maersk Line’s Chief Commercial Officer, explained that while continuous security assessments and further investigations were still in progress, the firm had been focusing on devoting more resources to business continuity and adequate protection for its customers.

As part of its response to the attach, Maersk enabled the use of manual processes and INNTRA to guarantee continuity and deter customers to keep facing disruptions. After a week of backlog and assessments for full transparency, major digital applications and APM Terminals resumed operations and productivity levels reached normality. Yet, as opposed to other insiders who failed to enumerate the causes that made Maersk a clear victim, surveys and industry experts exposed their views on this topic. These views commonly comprise a mixture of technological, human, and digital failings.

In its Crew Connectivity 2015 survey, Futurenautics found that, “Only 12% of crew had received any form of cyber security training. In addition, only 43% of crew were aware of any cyber-safe policy or cyber hygiene guidelines provided by their company for personal web-browsing or the use of removable media (USB memory sticks etc.). Perhaps unsurprisingly, given the above statistics, fully 43% of crew reported that they had sailed on a vessel that had become infected with a virus or malware”.

Phil Tinsley, Manager, Maritime Security at Bimco said, “It is the human element which we believe is the gravest concern. Why? There is unfortunately still a lack of awareness of the potential severity of a malicious cyber security attack on board a ship. Information technology systems and operational technological system protocols are often not fully understood by all ships’ crews. There is potential for an incident to occur through negligence, misuse or even deliberate acts when dealing with on board systems, which are connected”.

Digital innovations are also the newest game changers that are exposing shipping companies to new vulnerabilities. With more than 600 vessels operating in around 130 countries, Maersk created the “Maersk Advanced Analytics Team” in order to improve operational efficiencies, fuel savings, and customer service. Yet, digitalisation absorbs new issues; vessels are increasingly using systems that rely on data usage and analytics that bring a greater risk of unauthorised access or malicious attacks to ships’ systems and networks.

“One of the biggest challenges I see in the shipping and maritime sector is the pace of digitalisation in the industry versus the ever-changing threat landscape. Today a lot of critical functions, commercial and business operations must meet the digitalisation demand and this has forced industries, including the shipping and maritime sector into meeting demands, which potentially changes the way security was built and designed to secure infrastructure, protect data, customers and employees,” said Jens Monrad, Senior Intel Analyst, at FireEye iSight.

The shipping industry is waking up to a new era of technological innovations. Even so, there is an evident lack of maturity, even for the largest shipping firms, to develop a technical checklist of preventive actions that should be followed to avoid potential cyber threats. Transforming obsolete processes and fragmented supply chains into fully protected, integrated systems requires pragmatism and caution to say the least. Lars Jensen, CEO and partner, at SeaIntelligence Consulting, added:

“Many shipping companies wrongfully believe that cyber security has to be expensive. The reality is that often simple, inexpensive, actions will raise security significantly both on the landside and on the vessels. Often it is a matter of ensuring that systems get updated in a timely fashion, business processes are changed slightly, networks are properly configured, security features are tested and users properly trained.”

Valour Consultancy ratifies the importance that cyber awareness has in todays’ shipping world. By implication, cyber security should be considered vertically and horizontally, from top management ashore to onboard crews, assigning resources and responsibilities that could create a new culture based on continuous risk assessments and operational efficiencies. Perhaps, the Danish conglomerate failed to capture the educational/training benefits that cyber aware programs bring to the industry, which is the reason why many business units across the organisation were vulnerable to the crime.

Ongoing risk assessments should sequentially be employed once awareness reaches optimal results. Every employee should be aware of any potential risk and internal vulnerabilities, carry out continuous assessments and identify solutions in the event of an attack, increase protection methods and mitigate the impact of exposure, implement contingency plans (ideally non-electronic ones against data deletion and shutdown of IT systems), and follow a recovery plan that covers the inspection, detection, and deletion of threats. Following those actions is essential to minimise the risk of loss of data, revenue, and reputation.

-
[fusion_builder_container hundred_percent="no" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" overlay_color="" video_preview_image="" border_size="" border_color="" border_style="solid" padding_top="" padding_bottom="" padding_left="" padding_right=""][fusion_builder_row][fusion_builder_column type="1_1" layout="1_1" background_position="left top" background_color="" border_size="" border_color="" border_style="solid" border_position="all" spacing="yes" background_image="" background_repeat="no-repeat" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="0px" margin_bottom="0px" class="" id="" animation_type="" animation_speed="0.3" animation_direction="left" hide_on_mobile="small-visibility,medium-visibility,large-visibility" center_content="no" last="no" min_height="" hover_type="none" link=""][fusion_text] As the shipping industry keeps moving slowly to new forms of technology and digital innovations, criminality has started to make a huge impact on the ocean supply chain. On June 27th, A.P. Moller-Maersk fell victim to a coordinated international cyber-attack, which affected several of its businesses across the world, causing the shutdown of IT systems across its business units against virtual intrusion. The impact of the attack was critically significant not only for the amount of goods being transported on a daily basis, but also for the major disruption it caused on its port-to-port communications and digital applications. Without a doubt, the recent cyber-attack unraveled key vulnerabilities and plausible negligence given Maersk’s position as the world biggest shipping line and also, operator of 76 ports via its APM Terminals division. The Danish firm reported, “We can confirm that Maersk has been hit as part of a global cyber-attack named Petya on the 27 June, 2017. IT systems are down across multiple sites and select business units…We have contained the issue and are working on a technical recovery plan with key IT-partners and global cyber security agencies”. It is difficult to ascertain the exact reasons why Maersk fell victim to such a criminal manoeuvre without having a look at its computer systems and IT capabilities. Nonetheless, it does beg the question: how does one of the largest container shipping companies in the world, which beyond doubt, invests huge amounts of money on IT developments, get brutally infected? During a live interview, Vincent Clerc, Maersk Line’s Chief Commercial Officer, explained that while continuous security assessments and further investigations were still in progress, the firm had been focusing on devoting more resources to business continuity and adequate protection for its customers. As part of its response to the attach, Maersk enabled the use of manual processes and INNTRA to guarantee continuity and deter customers to keep facing disruptions. After a week of backlog and assessments for full transparency, major digital applications and APM Terminals resumed operations and productivity levels reached normality. Yet, as opposed to other insiders who failed to enumerate the causes that made Maersk a clear victim, surveys and industry experts exposed their views on this topic. These views commonly comprise a mixture of technological, human, and digital failings. In its Crew Connectivity 2015 survey, Futurenautics found that, “Only 12% of crew had received any form of cyber security training. In addition, only 43% of crew were aware of any cyber-safe policy or cyber hygiene guidelines provided by their company for personal web-browsing or the use of removable media (USB memory sticks etc.). Perhaps unsurprisingly, given the above statistics, fully 43% of crew reported that they had sailed on a vessel that had become infected with a virus or malware”. Phil Tinsley, Manager, Maritime Security at Bimco said, “It is the human element which we believe is the gravest concern. Why? There is unfortunately still a lack of awareness of the potential severity of a malicious cyber security attack on board a ship. Information technology systems and operational technological system protocols are often not fully understood by all ships’ crews. There is potential for an incident to occur through negligence, misuse or even deliberate acts when dealing with on board systems, which are connected”. Digital innovations are also the newest game changers that are exposing shipping companies to new vulnerabilities. With more than 600 vessels operating in around 130 countries, Maersk created the “Maersk Advanced Analytics Team” in order to improve operational efficiencies, fuel savings, and customer service. Yet, digitalisation absorbs new issues; vessels are increasingly using systems that rely on data usage and analytics that bring a greater risk of unauthorised access or malicious attacks to ships’ systems and networks. “One of the biggest challenges I see in the shipping and maritime sector is the pace of digitalisation in the industry versus the ever-changing threat landscape. Today a lot of critical functions, commercial and business operations must meet the digitalisation demand and this has forced industries, including the shipping and maritime sector into meeting demands, which potentially changes the way security was built and designed to secure infrastructure, protect data, customers and employees,” said Jens Monrad, Senior Intel Analyst, at FireEye iSight. The shipping industry is waking up to a new era of technological innovations. Even so, there is an evident lack of maturity, even for the largest shipping firms, to develop a technical checklist of preventive actions that should be followed to avoid potential cyber threats. Transforming obsolete processes and fragmented supply chains into fully protected, integrated systems requires pragmatism and caution to say the least. Lars Jensen, CEO and partner, at SeaIntelligence Consulting, added: “Many shipping companies wrongfully believe that cyber security has to be expensive. The reality is that often simple, inexpensive, actions will raise security significantly both on the landside and on the vessels. Often it is a matter of ensuring that systems get updated in a timely fashion, business processes are changed slightly, networks are properly configured, security features are tested and users properly trained.” Valour Consultancy ratifies the importance that cyber awareness has in todays’ shipping world. By implication, cyber security should be considered vertically and horizontally, from top management ashore to onboard crews, assigning resources and responsibilities that could create a new culture based on continuous risk assessments and operational efficiencies. Perhaps, the Danish conglomerate failed to capture the educational/training benefits that cyber aware programs bring to the industry, which is the reason why many business units across the organisation were vulnerable to the crime. Ongoing risk assessments should sequentially be employed once awareness reaches optimal results. Every employee should be aware of any potential risk and internal vulnerabilities, carry out continuous assessments and identify solutions in the event of an attack, increase protection methods and mitigate the impact of exposure, implement contingency plans (ideally non-electronic ones against data deletion and shutdown of IT systems), and follow a recovery plan that covers the inspection, detection, and deletion of threats. Following those actions is essential to minimise the risk of loss of data, revenue, and reputation. [/fusion_text][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

The Scandinavian dream of maritime communications: A transformational agreement between Ericsson and Maersk

Despite the moderate adoption of new advancements on communication technologies and industrial IoT, the shipping industry is still lagging behind in their implementation of end-to-end solutions, data management, and operational processes for integral connectivity. With more than 90% of consumable goods being shipped around the globe, there are still some unimpeachable factors that need to be accounted for if connectivity is set to be the milestone for a new system of sustainable performance. Yet, there are key players that are beginning to act upon major changes, taking a step forward through strategic collaborations.

The transformational agreement between Maersk Line – the world’s largest shipping company – and Ericsson – the world’s leading provider of technology and services to telecom operators – serves as a chronological example of process innovations and virtual solutions to the importance of ship-to-shore connectivity. This combination of forces strongly adheres to the values and visions outlined by the Swedish corporation; “To lead transformation through mobility, where we as a leading innovator drive transformation of industries and communities towards a sustainable Network Society…”

Back in 2012, the initial agreement contemplated the ongoing installation of mobile and satellite communications technology that enabled the Danish giant to access real-time monitoring across its fleet. Whilst the common connectivity has made its progress throughout time, the core objectives have always been based upon the improvement of vessel operations, fuel consumption, and electric conditions. Again, with nearly 300,000 refrigerated containers annually scheduled to move around 343 ports at 121 countries, Maersk Line faces a logistical challenge and a plausible margin of error that was eclipsed by the use of a Remote Container Management (RCM) system.

Launched in 2015, and under sophisticated technicalities, RCM supports the tracking of ships around the vast oceans, relying on three components: A GPS unit to monitor the movement of a ship, a SIM card that withstands high temperatures and exposure, and a GSM antenna to strengthen data signals. By implementation, Maersk Line has been able to deliver vital statistics of performance that comprises temperature, location, and power supply. At the same time, the shipping company uses the available data to maximise safety, operational/process efficiencies, and cargo care, requiring less manual inspection prior, during, and after-trip missions.

This volume of data is also loaded onto the cloud and sent back to shore-based offices for analysis. But major cloud upgrades have also been employed by the Swedish corporation to enable shipping to benefit from high connectivity, industry applications, and systems integration. The Ericsson’s Maritime ICT cloud, which has already been fortified by the strategic addition of Inmarsat’s Ka-/L- high-speed broadband Fleet Xpress product, offers an end-to-end managed cloud solution that connects vessels at sea to shore-based operations including maintenance service providers, customer support centers, fleet/transportation partners, port operations and authorities.

As part of industry applications, Ericsson’s eye on shipping powers Maersk’s commitment to digital innovations and IoT in the launch of Plug and Play Supply Chain & Logistics. Adhering Plug and Play as a strategic unifier, this digital platform aims to connect corporations to startup companies, enabling an open supply chain and logistics ecosystem. Importantly, this holistic program is set forward to enable a powerful transformation of the freight and logistic industry via a better access of large amounts of data, new technology, and more channels for engaging customers.

Through careful implementation of RCM, ICT Cloud, and industry applications, Ericsson is committed to higher connectivity and bandwidth, and logistics architectures. Nevertheless, Ericsson and Maersk Line are gradually achieving superior integration through voyage optimisation (operations and environmental efficiencies), cargo monitoring (keeping track of cargo through wirelessly connected vessels and real-time communications), and crew morale. This latter factor enhances crew satisfaction and retention rates, efficient coaching and development, and increased ability to cope with health crises that may occur while at sea.

To justify the inclusion of communication technologies and IoT at sea, Orvar Hurtig, Head of industry and Society at Ericsson argues: “Vessels at sea do have systems in place that allow them to monitor critical functions and fuel usage, set and maintain an optimal course and ensure the welfare of their crew, but they are not particularly well integrated with fleet management systems onshore and they do not maximise the potential of real-time data. As the driving force behind the networked society and the world leader in telecommunications, Ericsson is the right partner to help connect these disparate systems and enable them to share information with low latency”

Inevitably, the importance of superior communications and IoT will keep redefining the nature of sea-to-shore connectivity. The transformational agreement between Ericsson and Maersk Line keeps progressing in their pursuit of successful shipping of consumable items, data management, safety/navigation planning, environmental impacts, and real-time communications. Though, it is recommended that ship operators take sea-to-shore connectivity at heart to excel at the abovementioned factors, since Scandinavian firms are sending signals that they are conquering the vast ocean through major investment in digital communications and networks.

-
[fusion_builder_container hundred_percent="no" equal_height_columns="no" menu_anchor="" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" background_color="" background_image="" background_position="center center" background_repeat="no-repeat" fade="no" background_parallax="none" parallax_speed="0.3" video_mp4="" video_webm="" video_ogv="" video_url="" video_aspect_ratio="16:9" video_loop="yes" video_mute="yes" overlay_color="" video_preview_image="" border_size="" border_color="" border_style="solid" padding_top="" padding_bottom="" padding_left="" padding_right=""][fusion_builder_row][fusion_builder_column type="1_1" layout="1_1" background_position="left top" background_color="" border_size="" border_color="" border_style="solid" border_position="all" spacing="yes" background_image="" background_repeat="no-repeat" padding_top="" padding_right="" padding_bottom="" padding_left="" margin_top="0px" margin_bottom="0px" class="" id="" animation_type="" animation_speed="0.3" animation_direction="left" hide_on_mobile="small-visibility,medium-visibility,large-visibility" center_content="no" last="no" min_height="" hover_type="none" link=""][fusion_imageframe image_id="4990|full" max_width="" style_type="" blur="" stylecolor="" hover_type="none" bordersize="" bordercolor="" borderradius="" align="center" lightbox="no" gallery_id="" lightbox_image="" lightbox_image_id="" alt="" link="" linktarget="_self" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" animation_type="" animation_direction="left" animation_speed="0.3" animation_offset=""]http://217.199.187.200/valourconsultancy.com/wp-content/uploads/2017/05/container-158362_1280-1-1024x512-1.png[/fusion_imageframe][fusion_separator style_type="default" hide_on_mobile="small-visibility,medium-visibility,large-visibility" class="" id="" sep_color="#ffffff" top_margin="20" bottom_margin="20" border_size="" icon="" icon_circle="" icon_circle_color="" width="" alignment="center" /][fusion_text] Despite the moderate adoption of new advancements on communication technologies and industrial IoT, the shipping industry is still lagging behind in their implementation of end-to-end solutions, data management, and operational processes for integral connectivity. With more than 90% of consumable goods being shipped around the globe, there are still some unimpeachable factors that need to be accounted for if connectivity is set to be the milestone for a new system of sustainable performance. Yet, there are key players that are beginning to act upon major changes, taking a step forward through strategic collaborations. The transformational agreement between Maersk Line - the world’s largest shipping company - and Ericsson - the world's leading provider of technology and services to telecom operators - serves as a chronological example of process innovations and virtual solutions to the importance of ship-to-shore connectivity. This combination of forces strongly adheres to the values and visions outlined by the Swedish corporation; “To lead transformation through mobility, where we as a leading innovator drive transformation of industries and communities towards a sustainable Network Society…” Back in 2012, the initial agreement contemplated the ongoing installation of mobile and satellite communications technology that enabled the Danish giant to access real-time monitoring across its fleet. Whilst the common connectivity has made its progress throughout time, the core objectives have always been based upon the improvement of vessel operations, fuel consumption, and electric conditions. Again, with nearly 300,000 refrigerated containers annually scheduled to move around 343 ports at 121 countries, Maersk Line faces a logistical challenge and a plausible margin of error that was eclipsed by the use of a Remote Container Management (RCM) system. Launched in 2015, and under sophisticated technicalities, RCM supports the tracking of ships around the vast oceans, relying on three components: A GPS unit to monitor the movement of a ship, a SIM card that withstands high temperatures and exposure, and a GSM antenna to strengthen data signals. By implementation, Maersk Line has been able to deliver vital statistics of performance that comprises temperature, location, and power supply. At the same time, the shipping company uses the available data to maximise safety, operational/process efficiencies, and cargo care, requiring less manual inspection prior, during, and after-trip missions. This volume of data is also loaded onto the cloud and sent back to shore-based offices for analysis. But major cloud upgrades have also been employed by the Swedish corporation to enable shipping to benefit from high connectivity, industry applications, and systems integration. The Ericsson’s Maritime ICT cloud, which has already been fortified by the strategic addition of Inmarsat’s Ka-/L- high-speed broadband Fleet Xpress product, offers an end-to-end managed cloud solution that connects vessels at sea to shore-based operations including maintenance service providers, customer support centers, fleet/transportation partners, port operations and authorities. As part of industry applications, Ericsson’s eye on shipping powers Maersk’s commitment to digital innovations and IoT in the launch of Plug and Play Supply Chain & Logistics. Adhering Plug and Play as a strategic unifier, this digital platform aims to connect corporations to startup companies, enabling an open supply chain and logistics ecosystem. Importantly, this holistic program is set forward to enable a powerful transformation of the freight and logistic industry via a better access of large amounts of data, new technology, and more channels for engaging customers. Through careful implementation of RCM, ICT Cloud, and industry applications, Ericsson is committed to higher connectivity and bandwidth, and logistics architectures. Nevertheless, Ericsson and Maersk Line are gradually achieving superior integration through voyage optimisation (operations and environmental efficiencies), cargo monitoring (keeping track of cargo through wirelessly connected vessels and real-time communications), and crew morale. This latter factor enhances crew satisfaction and retention rates, efficient coaching and development, and increased ability to cope with health crises that may occur while at sea. To justify the inclusion of communication technologies and IoT at sea, Orvar Hurtig, Head of industry and Society at Ericsson argues: “Vessels at sea do have systems in place that allow them to monitor critical functions and fuel usage, set and maintain an optimal course and ensure the welfare of their crew, but they are not particularly well integrated with fleet management systems onshore and they do not maximise the potential of real-time data. As the driving force behind the networked society and the world leader in telecommunications, Ericsson is the right partner to help connect these disparate systems and enable them to share information with low latency” Inevitably, the importance of superior communications and IoT will keep redefining the nature of sea-to-shore connectivity. The transformational agreement between Ericsson and Maersk Line keeps progressing in their pursuit of successful shipping of consumable items, data management, safety/navigation planning, environmental impacts, and real-time communications. Though, it is recommended that ship operators take sea-to-shore connectivity at heart to excel at the abovementioned factors, since Scandinavian firms are sending signals that they are conquering the vast ocean through major investment in digital communications and networks. [/fusion_text][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]