Maritime Cyber Threats and Strategic Weaknesses: The Manipulation of Seafaring Cyber Weaknesses by Opponents in Unconventional Warfare
=========================================================
In the dynamic world of maritime traffic, the importance of cybersecurity has grown significantly over the past decade. The UK's Maritime and Coastguard Agency (MCA) and the National Cyber Security Centre (NCSC) have been at the forefront of ensuring the protection of maritime infrastructure within the United Kingdom.
The maritime domain, particularly the littoral zone, has become a hotspot for discord in the 21st century. Irregular adversaries, such as smaller forces acting as proxies for larger nation-states and near-peer competitors, are common in this zone. The litttoral zone is the frontier where territorial claims are tested, nations confront one another, and major political affairs unfold.
The complexity of today's navigation systems, coupled with their reliance on a global supply chain, makes the maritime industry increasingly vulnerable to cyberattacks. Malicious software, or malware, poses a significant threat to computer systems in the maritime domain.
One of the most high-profile incidents occurred in 2021 when the container ship Ever Given grounded in the Suez Canal, causing a complete blockage for more than six days. The grounding delayed an estimated $9.6 billion in goods each day and resulted in an estimated $300 million in lost revenue for the shipping giant.
Another significant incident was the NotPetya ransomware worm attack on the largest shipping company in the world, APM-Maersk, in the 21st century. The attack caused a shutdown of its IT systems across its network, forcing a rebuild of the company's entire network infrastructure of over forty-five thousand computers and four thousand servers.
Ransomware campaigns have seen a sharp increase in the maritime industry, with a 400 percent rise between February and June 2020. The International Maritime Organization was also affected by a denial-of-service attack in September 2020.
The US government has taken steps to address these cybersecurity challenges in the maritime domain. An executive order has been issued to strengthen the Positioning, Navigation, and Timing (PNT) system, and a National Maritime Cybersecurity Plan has been developed. The reorientation towards great power competition notwithstanding, the Irregular Warfare Annex to the National Defense Strategy recognises that irregular warfare is a core competency for the entire joint force.
The potential for a malign actor to orchestrate a similar incident in other narrow transit points like the Suez Canal, Panama Canal, Kill Van Kull, and others cannot be overlooked. As the maritime industry continues to evolve, so too must its cybersecurity measures to ensure the safety and efficiency of global trade.
