Last week the shipping container company A.P. Moller-Maersk made public the losses they suffered to a cyber attack earlier this year. The Danish company, which is responsible for the handling of one in seven containers shipped worldwide, reported lost revenue of nearly $300 million in the aftermath of the attack /1/. The announcement has drawn attention to the system security of the shipping industry, which carries 90 percent of world trade /2/.
Multiple shipping companies losing revenue to attacks
In the case of Maersk, ransomware also used to harm tax accounting software in Ukraine was used to shut down all of the application and data affecting the Maersk Line, Damco, and APM terminals /3/. The result was a tremendous loss of revenue due to the chaos of trying to operate without their normal systems (the affected terminals were incapacitated for weeks), and the necessity of completely rebuilding IT structures afterwards.
A recent article by BBC reported another instance of a shipping firm discovering a virus being used to re-route funds through finance department e-mails; this attack resulted in several million dollars of damage before being discovered /2/. Hacking in the shipping industry can become especially dangerous when the penetrators are pirates seeking to seize valuable cargo.
Attacks putting ships in danger
Once an attacker has access to a ship’s data, they can identify its location, route, contents, etc., putting the ship itself in jeopardy. BBC reported that ships themselves have been targeted in the past resulting in switchboard shutdowns on board /2/.
The shipping industry faces clear challenges in protecting itself against devastating attacks and will have to contemplate solutions for keeping hackers out of their systems. To further complicate things, shipping companies can not compromise transparency in their shipping processes for security – they need both to stay afloat.
Why the industry should be seriously considering Blockchain
Blockchain technology could offer a solution for shipping companies looking to amp up their risk management. When linked to GPS systems and other machines using human interface technology, product and ship data can be directly written into a Blockchain, which offers security not available through traditional databases.
When a hacker breaks through defences in traditional IT infrastructures, they are quite easily able to alter data without the changes being noticed or stopped. This is impossible when data is saved in a Blockchain, which used an elaborate encryption procedure for all data.
Blockchain offers deterrence and armor
Blockchain distributes many copies of data throughout the overall data bank, and an unauthorised party would need to change 51% of the data in order to successfully forge one entry. Blockchain is decentralised, so when one node fails, user can keep working with the database.
Had Maersk been storing its data in a Blockchain, the attack probably would not have been possible in the first place, and even if attacked, no data could have been lost or changed. If shipping companies are interested in protecting their business they should be reading up on Blockchain.