The number of cyber attacks around the world continues to grow and this includes those targeted at the maritime sector. Commercial maritime companies, navies and governments must decide how prepared they are to protect their waters and ports from cyber threats, with African littoral states also forced to confront these new maritime challenges.
One recent attack that brought the issue to the fore took place in July this year when Transnet, a major South African rail, port and pipeline company, which handles 60% of the country’s container traffic in its Durban port, was hit with a ransomware attack. It caused massive disruptions and container terminals had to switch to manual processing of cargo until IT systems were restored.
Another notable incident was when shipping giant Mediterranean Shipping Company (MSC) was affected by a malware-based attack on 10 April 2020. More notably, the world’s largest container ship and supply vessel company, Maersk, was hit by the infamous NotPetya malware attack that destroyed 49 000 laptops, 1 000 applications and 3 500 servers in 2017.
Navies can also become victims of cyber attacks, and in late June this year, Automatic Identification System (AIS) data was spoofed to fake the UK Royal Navy destroyer HMS Defender in Russian waters.
On 16 September, The Institute for Security Studies (ISS) held a webinar centred around maritime cyber security in Africa, aimed at providing guidance on best practices against cyber threats. One of the speakers was Denys Reva, a maritime security expert at ISS Africa, who released a report last year highlighting the need for Africa to protect its maritime trade. 90% of all African trade is seaborne and, according to Reva, evidence suggests that an attack on a logistics hub, such as a port, could quickly disrupt a supply-chain network and incur tremendous financial damages.
“While cyber security is slowly becoming recognised as an important dimension of maritime security, its integration into African maritime security instruments and frameworks must be accelerated,” said Reva.
The keynote speaker, Chair of the African Union Cybersecurity Experts Group, Abdul-Hakeem Ajijola, noted ten best practices for ensuring security for ships cyber networks. This includes making sure satellite communication (satcom) systems are on private IP addresses, regularly updating software, changing passwords from their defaults, creating separate bridge, engine room, crew, Wi-Fi and business networks on board vessels, ensuring USB ports are secure on ship and harbour systems and using strong passwords and encryptions on all on board Wi-Fi networks.
Ajijola also recommended less reliance on technology, crew cyber security training, ensuring suppliers are secure, and conducting vessel and harbour security audits.
With regard to African nations and their navies, Ajijola said navies often do intelligence, surveillance, and reconnaissance (ISR) missions which rely on sensor and camera technologies amongst a host of different software and communications systems. Naval vessels and their weapon systems carry a lot of third party software, maintained by foreign companies. Ajijola believes indigenising these capabilities is safer for the cyber security of fleets.
Ajijola mentioned that as conflicts become increasingly cyber dependent, littoral African countries need a good understanding of the internet of things to gather actionable intelligence and data, possibly with the creation of specialised units or commands. Structured career paths with cyber security programmes, along with consulting with countries that have cyber capabilities and cooperating with maritime stakeholders could greatly improve a navy’s cyber security.
The biggest maritime threat to Africa in recent years has been piracy and illicit trade, particularly in the Gulf of Guinea, Niger Delta and off the coast of Somalia. However, experts on maritime cyber security all agree on two things: one, that cyber threats are increasing and two, that cyber threats are evolving with technology.
African countries have historically struggled to adequately control their territorial waters, particularly against illicit trade, illegal fishing and piracy. African navies normally have small, relatively ineffective budgets, leaving little to no scope for cyber security, and this is of concern and needs addressing, ISS webinar participants heard.
To benefit from the African Continental Free Trade Area (AfCFTA), the safety of sea routes, ports and vessels should be a priority for African states. This includes protection against cyber attacks, the ISS said.
The Institute earlier noted that cyber attacks against African maritime infrastructure threaten the continent’s recovery from COVID-19 and its long-term development and security aspirations. According to maritime cyber defence company Naval Dome, 310 incidents affecting maritime industries were recorded worldwide in 2019, a huge jump from 120 in 2018 and 50 in 2017.
The ISS predicted that the number of incidents like the Transnet attack will probably increase across Africa as maritime ports seek to increase efficiency and effectiveness through digitalisation. In this instance, transport infrastructure, especially a harbour, present lucrative targets for cyber criminals or other hostile actors due to the scope of operations and the many stakeholders involved.
For instance, Kennewick’s port in the United States was hit with a ransomware attack in 2020, disrupting its operations. Hackers accessed the port’s server and demanded a ransom of $200 000 to restore access to data, which the port refused to pay. Criminals may also exploit vulnerabilities to steal or conceal cargo.
Ports are attractive targets that are vulnerable to cyber attacks. Unless Africa urgently improves its port cyber infrastructure security, economic disruptions of this sort may become the new normal.