KUALA LUMPUR (Dec 20): While the grounding of the container vessel Ever Given was not the result of a cyberattack, the incident showed potential hackers how one grounding on a globally significant shipping route could have wider implications to global trade and stock markets.
In a report on Monday (Dec 19), shipping industry magazine The Maritime Executive (TME) said this unveiled a new incentive for targeting vessels.
The magazine said an opportunity arose for attackers, evidenced by discussion on the dark web.
It said the incident's global impact was vast, especially on stock markets, adding that vessels containing a wide variety of trade commodities were delayed.
Many top European industries were impacted, including construction, wholesale trade and health services.
For example, machinery company Caterpillar considered airlifting parts to overcome the blockage, said TME.
The magazine said the commercial maritime industry operates over 90,000 vessels across various segments, from merchant ships to offshore support vessels.
It said developments in digitisation, automation and smart tech have increased the efficiency of marine operations, transforming processes that were previously conducted manually.
However, TME said these developments have also created new cyber challenges, like outdated and unsupported software, intrusion into vessel systems and crew-related factors.
It said many onboard operational technology systems were installed during vessels’ original construction, as long as 25-30 years ago.
With such long lifespans, many commercial vessels are now running outdated and unsupported software, including within operating systems.
This makes it easy for attackers to identify ways to target them.
TME said delays resulted in losses.
Supply chain disruptions can cause major price dislocations, which can impact prices on financial markets.
It said the blockage of Ever Given held up an estimated US$400 million an hour in trade, based on shipments that were on the affected vessels in and around the Suez Canal.
Having seen the vast impact on the stock market, attackers realised they could purchase certain stock before committing an attack and profit from it, with knowledge of the upcoming attack.
TME said they could invest in certain commodities and avoid being tracked as they might with ransomware requests.
It said attackers could use viruses tested onshore to target vessels’ systems.