Lack of cybersecurity in maritime, especially in ports, makes MTS SPoFs.

In IT or OT, very often in cybersecurity, we use term SPoF (a Single Point of Failure) - defined as Wikipedia states as "a part of system that, if it fails, will stop the entire system from working."

Murphy in his general Laws was more exact and specified:

• Anything that can go wrong will go wrong.
• If there is a possibility of several things going wrong, the one that will cause the most damage will be the one to go wrong.
• If anything simply cannot go wrong, it will anyway.
• If you perceive that there are four possible ways in which a procedure can go wrong, and circumvent these, then a fifth way, unprepared for, will promptly develop.
• Left to themselves, things tend to go from bad to worse.
• If everything seems to be going well, you have obviously overlooked something.

First thing - this post was inspired by Zygmunt Gorszczyński , my friend, and his last comments about MTS Cybersecurity.

The classic SPoFs in Maritime:

• Major Ports: Some ports serve as critical nodes in the global shipping network. If a major port like Rotterdam, Shanghai, or Los Angeles experiences a shutdown due to labor strikes, infrastructure failure, or cyberattacks, it can lead to significant delays and congestion in the maritime shipping network.
• Canals and Straits: The Suez Canal and the Strait of Malacca are examples of maritime chokepoints. A blockage or closure, such as the Ever Given container ship incident in the Suez Canal in 2021, can disrupt global shipping routes, leading to delays and increased costs as ships are forced to take longer alternative routes.
• Intermodal Connections: Maritime transport is often just one leg of a longer journey. If the intermodal connections (such as port-to-rail or port-to-truck facilities) are not robust, a failure in one mode can impact the entire transportation chain.

Still you don't see anything cyber? Maritime relying now heavily on digital tools and systems in many aspects doesn't see it either.

So let's check some public known cases.

• November 2023, Australia - DP World needed to stop almost all their operations in its port terminals at Sydney, Melbourne, Brisbane, and Fremantle due to a cybersecurity incident.
• July 2014, Galapagos - 260 Chinese vessels switched off their AIS radios to illegally fish sharks an international no-fishing zone
• December 2022, Singapore - Voyager Worldwide supporting 25% of shipping companies on the globe was hit by cyberattack and all its systems were taken down
• December 2022, Lisbon - Ransomware attack caused Port of Lisbon to be suspended for four days, apart from stolen financial reports, audits, budgets, contracts, cargo information, ship logs, port documentation, among other vital port-related information.
• July, 2019, Strait of Hormuz - GPS spoofing made British-flagged tanker Stena Impero to allegedly violate maritime regulations and the vessel got seized by Iran's Revolutionary Guards.

*All the data and info are based on MCAD (Maritime Cyber Attack Database, https://www.nhlstenden.com/en/maritime-cyber-attack-database).

As we can see the reliance on technology in the maritime industry has introduced new types of SPoFs, where a cyberattack on a single system can have far-reaching consequences for global trade and security. Also the integration of digital navigation tools, cargo tracking systems, and automated port operations has created new vulnerabilities that cybercriminals can exploit. All of these means that maritime organizations must be vigilant in identifying and protecting against potential SPoF threats in their IT / OT / Maritime infrastructure & software and finally being seen as a SPoF in MTS by other maritime stakeholders. It does mean that IT / OT / Maritime should be well budgeted, not only cyber, but the whole infrastructure & software supporting operations.

It should be said that Cyber governance function should advocate for and allocate appropriate resources for cybersecurity measures, ensuring that the necessary tools and technologies are in place to build proper architecture and processes to prevent and mitigate SPoFs. Additionally Cyber governance facilitates collaboration across different departments and with external stakeholders to ensure a unified approach to cybersecurity, addressing business and cybersecurity needs more effectively.

If you have no cyber function, if you're underbudgeted, if you don't govern cyber and you don't talk with business on cyber and you're happy with that please let me cite one truth reminded me by Gary C. Kessler lately - If you are happy with your cyber countermeasures the bad guy is happy too!

I will finish with more optimistic F@b's comment to Murphy's Law:

While you are reading this, something is going wrong but you don't know it... yet ;-)