
Cyber risk can mean several different things, such as financial loss to the company, damage to organizational reputation related to a failure of information technology, or other disruption of business processes. The development of technology brings major benefits for storing and using information and creates new communication methods that affect our social life and the way business is conducted. Alongside these benefits, rapid development has created new risks as technology becomes more and more present in everyday life, and this requires organizations to become more aware of the vulnerabilities that result from this development and to manage their risk exposure. [14]

Cyber security, earlier known as computer security, IT security or information security, is the protection of computer systems and the information stored in them, the software, the hardware and the different processes controlled by them [18]. The aim of cyber security is to protect against various cyber risks caused by humans, such as deliberate attacks, industrial espionage and terrorism, but also to avoid unintentional compromises of the information infrastructure due to equipment failures, natural disasters or user errors. A network should have intelligent applications that are capable of monitoring and detecting cyber attacks and that can apply countermeasure strategies to outmaneuver attackers when secret keys or ciphertext are transported over the network. Incident levels range from low-severity breaches all the way to catastrophic severity, based on the estimated security risk of the attack. Depending on the attack level, cases are handled by security personnel of different levels. The company's own helpdesk professionals should handle low-level security threats such as spam email incidents or a virus-infected system on the local area network. High-severity incidents, such as disruption of business due to malicious acts or a risk of confidential information leaking during a breach of the system, may require more capable professionals to prevent the attack. [50]

Maritime cyber security is still a fairly unknown theme, which is why there are very few procedures for handling the rising cyber risk threat. The IEC 62443 standards are an international series of standards that address industrial cyber security in both its technical and process-related aspects, and these standards serve as a basis for cyber security in the marine industry [31]. Due to rapid digital transformation, ship operation has also been digitalized and depends largely on the effectiveness of software-based systems. For that reason, cyber security is becoming a critical risk area in the marine industry. A ship's cyber systems are categorized into two groups: standard information systems (IT) and operation and control systems (OT). Cyber security for standard information systems is typically better known, and established procedures and technologies are used together with an information security management system. Typically, a breach of standard information systems does not affect the safe operation of the ship and units; rather, it has more of a financial and reputational impact. Cyber security for operation and control systems is a less known factor and, unlike with standard information systems, an attack against these systems can jeopardize the safety of the vessel and its crew and passengers. This is a continually rising threat, and the aim of the entire marine industry is to prepare to build and operate cyber-secure vessels and offshore units. [19]

Based on an interview with a cyber security expert from a company named F-Secure, the challenge in an environment that is digitalizing more every day is that different systems are expected to be integrated extensively, which creates an emerging risk of cyber attacks as the number of possible attack channels grows with the new alternative routes into the systems. Another vulnerable path is remote access, which is also growing considerably due to the increasing amount of data in individual systems. The development of systems has increased the amount of data flowing on and off ships, and this improves operational efficiency. Proactively following the status of the systems provides a better overview, which enables maintenance of the systems and other tasks on the vessel to be planned in advance. The continuous development of the systems requires growing knowledge and awareness of cyber risk and security. One reason why cyber attacks are still fairly unknown today is that companies that have become victims of such attacks are not willing to disclose them, since they fear reputational damage. As a result of this secrecy and withholding of data, experiences are not shared as general knowledge and awareness of cyber attacks remains low. [22] [31]

Malware is the weapon of choice for carrying out malicious intent to breach cyber security efforts in cyberspace. Malware has a variety of ways to infect a system, e.g. luring users to visit malware-propagating websites or tricking a user into opening tainted files. Malware is also capable of loading itself onto a Universal Serial Bus (USB) drive connected to an infected device and then spreading to every other system into which the drive is subsequently inserted. What makes malware a challenging enemy is that it can be inserted into a system at any point of the system lifecycle, and the victim can be anything from servers, network devices and process control systems such as Supervisory Control and Data Acquisition (SCADA) all the way to end-user systems. PC-based systems are most often the targets because the attack methods are familiar and already created malware can be used when the target is well known. Another reason is that most of a company's sensitive material is usually found on personal computers (PCs). [20]

In the early days, the purpose of cyber attacks was mainly to show off technical abilities. Now the primary aim is to steal sensitive personal, financial or business information and to take advantage of that information, or alternatively to cause harm to the target of the attack [21]. Cyber security has slowly become a topic of interest in the marine industry as well, and it is good that awareness of this topic is increasing before it really becomes a major issue. At least in the new-build business it has started to be recognized by institutions such as classification societies, insurance companies and shipping companies. The operating crew must have clear guidelines and the expertise on how to proceed during a cyber attack. The digital transformation of ship operation has allowed a smaller control crew, whereas an old-school manually operated ship normally requires a larger crew. If a cyber attack targets the operation and control systems (OT) and one of the systems critical from an operating point of view collapses, operation of the ship has to continue in manual mode. For that reason, the expertise of the ship's crew has to be at a high level, as does their knowledge of how to handle a state of emergency. [31]