According to research findings, the average cost of a cyberattack targeting the shipping industry in 2023 reached $550,000—more than tripling from $182,000 in 2022. Ransom demands also surged by over 350%, with the average ransomware ransom rising from $3.1 million in 2022 to $3.2 million in 2023. This suggests that the shipping industry has become a prime target for attackers, who continue to escalate their ransom demands.Despite these severe threats, the industry’s security investment remains insufficient. Thirty-three percent of survey respondents reported spending less than $100,000 annually on cybersecurity, while 25% said they did not even carry insurance covering cyber risks. Thetius Managing Director Nick Chubb warned, “Our research shows that the shipping industry has made significant strides in improving its security posture in a short period. However, cybercriminals are evolving even faster, and the cost of cyberattacks continues to rise. Exploiting just one weak link in the supply chain can have a massive impact on global shipping. The entire industry must raise its security standards even further.”
Efforts to strengthen cybersecurity are also gaining momentum. In December 2023, maritime IT publication Digital Ship reported that CYTUR, a Korean maritime mobility cybersecurity company, successfully completed a ‘Smart Ship Cybersecurity Demonstration Project’ with support from the Korean Ministry of Science and ICT (MSIT) and the Korea Internet & Security Agency (KISA). The project involved vessel suppliers, shipbuilders, and academic and industry experts, resulting in a 400% increase in the scope of maritime cyber threat analysis and an 83% reduction in the cost of secure vessel design. Digital Ship noted, “The project achieved significant results by applying cybersecurity technologies based on the smart ship lifecycle, reducing shipbuilding costs and timelines while enhancing security.” Based on the best practices derived from this research, CYTUR plans to launch new cybersecurity technologies and services for the shipping industry, including:
- SHIPPOT™: Customized cybersecurity technology for specialized vessels
- Vessel-dedicated network intrusion detection system
- Cybersecurity education and training system for ship crew and management
- Threat monitoring service for shipping companies
- Zero-trust security model for vessels
A CYTUR representative stated, “As security vulnerabilities in smart ships continue to grow, the industry needs to take a proactive approach,” adding, “We will continue to work with the shipping industry to provide more effective security solutions.”
According to the research, the cyber attack surface of vessels in operation increased by 1,034% from January 2022 to December 2023. This indicates that as vessel operating systems become increasingly digitalized, security vulnerabilities are growing in parallel. Industry experts emphasized, “Simply applying existing land-based security systems to ships is not sufficient,” stressing that “customized cybersecurity technologies tailored to the unique characteristics of the shipping industry are essential.”
Without the introduction of new security solutions, the shipping industry is likely to face even greater cyber threats in the future. Accordingly, more effective and comprehensive maritime cybersecurity solutions are urgently needed to protect the complex operational networks of the shipping industry. In conclusion, as digitalization in the shipping industry accelerates, cybersecurity threats are on the rise, and urgent efforts are needed to strengthen security investment and policies across the industry. The development of security technologies by companies such as CYTUR is expected to be a key factor in determining the future competitiveness of the shipping industry.
Source : https://insights.blackhatmea.com/
