June 2017 was the time when the most serious cyberattack in the maritime sector history took place. The world's largest container transport company, Maersk, was the victim of a computer attack that caused losses of around 250 million euros and deeply affected the logistics chains of hundreds of thousands of customers.
The Petya virus attack not only damaged the company's reservation system and slowed container tracking, it also caused traffic jam in almost 80 ports around the world. In addition to Maersk, other transport and logistics giants were affected by the cyberattack, such as the German postal and logistics company Deutsche Post or the German railway operator Deutsche Bahn.
Transport and logistics companies are cybercrime targets and very appealing to computer criminals because of the large amount of data and information they handle. Also, many agents are involved in its activity and they are necessarily interconnected, and, finally, there are many cases where critical infrastructures are involved in its activity. Although being the target of a cyberattack is a serious setback for many sectors, in the maritime transport specific case it must be taken into account that this industry is responsible for 90% of the commercial exchanges taking place worldwide that the supply chains of the main productive sectors depend upon.
El hecho de que, al mismo tiempo, el sector esté inmerso en una fase de intensa digitalización con la implantación de nuevas tecnologías como el Big Data, internet de las cosas, etcétera, hace que el de la logística sea uno de los ámbitos de la economía más expuesto a ciberataques.
That’s the reason why there is an increasing sensitivity among logistics companies toward these types of threats. The SMM Maritime Industry Report (MIR) report shows that 80% of the maritime transport industry leaders consider cybersecurity an important or very important issue. Despite this, investment in this area is relatively recent in European ports, unlike the Americans and Asians ones.
Shippers and regulators will Increasingly require transportation and logistics companies to guarantee the integrity of product and transport data, as well as security in compliance with the strictest cybersecurity laws.
On the other hand, one of the keys to face this threat, according to experts, is to turn digital transformation into a great opportunity, making cybersecurity one more element of this transformation.
We will see more and more frequently how new systems security related jobs are covered within the companies. It will also be necessary to draw up action protocols and good practice manuals, for the general use of employees, in terms of the use of new technologies in the work environment and possible cyberattacks.
In this context, the employees’ awareness and training is crucial. This requires a comprehensive approach that involves all the resources of the organization and all the organizations in the chain. Staff and employees must be trained in safety events of this nature and be prepared to face them. This also implies a resilience strategy based on the fact that one hundred percent security does not exist and that, therefore, there must be capacity and the necessary planning of the system to recover from disasters and disturbances caused by cybercrime.