A Review of Maritime Security Accidents and Related Initiatives from the Industry and Regulators

Maritime security concentrates on preventing intentional damages on the marine resources which can be in the operation sabotage, subversion and any acts of terrorism. Maritime security mainly involves different activities that include the provision of safety to marine resources such as port, vessels and associated facilities. However, the advancement in the information technology and operation technology has come with a great challenge as far as maritime security is concerned to the onboard ships which are networked together. It is apparent that various ships are often connected to a particular network ultimately increasing the risks of data breaching through unauthorized access as well as malicious attacks to the present systems and networks of the ships. There is, therefore, the need of implementing appropriate practices and [policies which can enhance maritime security when it comes to identifying and combatting cyber-attacks.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

The global maritime security incidents decreased by 24% in the first half of the year 2016 as compared to the similar period in 2016. The decline in the marine events in the recent times has been orchestrated by a 61% decrease in the issues in South-East Asia. These incidents were characterized by maritime security concerns such as piracy and robbery, which was at its all-time high in 2009 (World Maritime News, 2016, p3). Decreasing rates of criminal activities have also been reported in various parts of Africa and some parts of Central America. This has led to a worldwide decline of maritime security incidents. In the first six months of 2016, it was reported that 91% of the maritime security incidents in the globe revolved around piracy and armed robbery. Unlike other global parts, European ports and water bodies are mainly affected by instances of marine activism thus becoming a significant operational risk.

Analysis of the maritime security and crime incidences by a region indicate that Southeast Asia records the highest levels of the security issues. In the first nine months of 2016, reports stated that there was a 38% increase of maritime crime incidents in the Southeast Asia (MI News Network, 2017, p4). There are the calls for the three countries bordering the Singapore Strait to provide effective security measures that can help in combatting criminal activities thus protecting the maritime trade. The number of marine security incidents rose from 140 in 2014 to 194 in 2015. The criminal gangs in this region have often focused on petty thefts on the ships stores which involved stealing some engine parts as well as high-value machinery, with the aim of reselling them to the black market. From 2015 up to date, about 14 vessels have since been hijacked in Southeast Asia.

Apart from Southeast Asia, other global parts such as the Gulf of Guinea saw a reduction in the maritime crime figures. In 2014, there was 18% decline in the number of marine security incidents as compared to 2013. Irrespective of this reduction, it is revealed that the number of attacks significantly increased and it constituted of the kidnapping of the senior crew members as well as the seizure of the commercial vessels operating in the region by pirates (Dryad Maritime, 2015, p5). In the Gulf of Guinea, Nigeria is portrayed as the most affected nation as far maritime security incidences are concerned. The pirates typically kidnap the crew members with the intention of being paid a ransom from appropriate parties. However, the practice has been combatted through the intensification of the maritime security in the region.

Somali piracy had soared in the period between 2009 and 2013 but has since declined recently. The dramatic fall in the rates of the Somali piracy in particular water bodies such the Indian Ocean can be attributed to the beefing up of security measures through coalition forces. This was also facilitated by the implementation of effective management practices through the provision of the armed security teams that privately sourced. This has contributed immensely to the containment of the maritime security threats (Dryad Maritime, 2015, p5). Piracy was once regarded as the lucrative venture for the criminal gangs, but combative measures put in place has made it less rewarding as compared to the previous incidences thus forcing pirates to seek for new alternatives such as cyber-crime.

The advancement of the information technology has led to improvement in the abilities of attackers causing havoc in various water vessels such as ships. Criminals have opted to exploit existing security vulnerabilities thus resulting in the escalation of maritime security incidents inclined towards cyber-crime. The growing population of people culminated with their large volumes of data has led to the creation of the virtual environment which is commonly targeted by criminals. The attackers view such data as a leeway to exploit different financial systems as well as the internet of Things (IoT) utilized in the maritime operation (Daultrey, 2017, p9). This is an indication that high seas, global ports, and the coastlines have become targeted by cyber-attackers.

The marine operations are characterized by fixed and mobile equipment/assets, situated in different regions of jurisdiction. Communication and network systems which are made up of poor security technologies such as the use of obsolete or no encryption methods increases their levels of security vulnerabilities. Such systems become susceptible to cyber-attackers who exploit the existing weak-links thus facilitating the escalation of the data breaching in this sector (Daultrey, 2017, p9). It is apparent that about 90% of the worlds cargo is transported via the sea. This attests that sea transportation is a critical infrastructure to various countries.

In the maritime sector, incidents linked to cyber security can be in the form of the intentional attacks not only on the infrastructures but also on the vessels that can extend towards accidental security breaches and other exploits. Some of the assets that are targeted by cyber-attackers encompass vessels, containers, offshore gas platforms, drones, navigation aids, and undersea cables (Hayes, 2016, p23). Ship-to-shore communications together with port industrial control systems (ICS) are usually under consistent threats of cyber-attacks. The levels of the vulnerabilities are increased in those systems which are not integrated with inbuilt signal authentication.

Apparently, the nature of the data stored by shipping firms or their service providers is made up of operational and financial details, passenger data, and information on the locations and particular assets. The use of the automated technology in the marine sector such as utilization of the unmanned vessels as well as the implementation of the remotely controlled applications has only increased the number of naval assets which are connected to a given network. This has given the cyber attackers an opportunity to perpetuate their criminal activities through the exploitation of the system vulnerabilities in these systems (Hayes, 2016, p23). The recent marine cyber security incidents have prompted the relevant bodies to include in the national security approaches as it is the case in the United States and the United Kingdom.

It is apparent that cyber-attacks in the marine industry are taking place. The cyber-attacks on the Islamic Republic of Iran in 2011 is an example of the incident of maritime cyber security. Shipping plays an integral role in the Irans economy especially when it comes to transiting of Iranian exports (Hayes, 2016, p30). In 2011, Islamic Republic of Iran Shipping Lines (IRISL), which is a shipping company owned by the Iranian State became a victim of cyber-crime. The attackers damaged the entire data associated with rates, loading, location and cargo number, consequently plunging the company into a significant financial loss (Hayes, 2016, p30). The ultimate implication of this cyber-attack is that it rendered IRISL unable to account for containers and cargo placed on its ships. Other instances such as Mobile Offshore Drilling Units, the ghost shipping and Icefog highlights the cyber security issues that have affected marine transporting industry.

International policies and regulations on maritime cyber security have not been fully implemented due to particular challenges. The port industrial control systems (ICS) consider the application of the international laws on maritime cyber security as futile effort due to controversies surrounding their implementation. The vessel, crew and passengers safety on the high seas is typically dependent on the global conventions and protocol, which is applicable in 180 flag states (Daultrey, 2017, p12). The member countries are given the responsibility of providing the physical security for both the crews and the passengers sailing through different sea vessels. The International Maritime Organization (IMO) made some changes on the SOLAS in 2004 thus allowing the inclusion of the port and ship security in their regulations. However, this approach was not effective in curbing the issues related with cyber-attacks since IMO was relying on the voluntary reports on cyber security incidents from the limited sources (member states).

Recently, the marine industry and related regulators have made a breakthrough as far initiatives to curb the incidents of maritime cyber security. In 2016, NATO declared cyberspace as section whose operations apply to the international laws thus asserting that cyber-attack is an offensive defense tact which is utilized by criminals (DNV GL, 2016, p25). This is an indication that every crew member and passengers aboard a ship should acknowledge the possibilities of threats emanating from cyber-attacks.

Analyze the way the risk assessment/management frameworks could be used to assess maritime-related cyber security risks.

The advancement in information technology and operational technology, which is widely utilized in onboard ships has led to increasing number of equipment or components that have been networked together. This has only brought a significant threat to unauthorized users or malicious attacks to the systems and networks facilitating the operation of onboard ships. The security vulnerabilities in the ships are also increased by the access of the particular system users (employees): For instance, they can introduce malicious programs such as malware through removable media that can lead to data breaching (International Association of Dry Cargo Shipowners, 2016, p5). It is imperative to adopt a risk-based approach when it comes to identifying, assessing and responding to the cyber security threats. The ship-owners and the operators are therefore required to adhere to a given set of guidelines that are vital in maintaining security and safety of cyber systems. This will ensure there are efficient ship operations. Mand

The management frameworks used in the assessment of the maritime-related cyber security risks should put an emphasis on the specific issues which are affecting the shipping industry onboard ships. This will include creating awareness of the security, safety or commercial threats that shipping companies will face in case measures to curb cyber security menace is not implemented (International Association of Dry Cargo Shipowners, 2016, p6). The management approaches should also focus on employing efficient strategies that ensure there is the protection of the shipboard operational technology and information technology infrastructures as well as other equipment which have been integrated into a network.

The risk assessment guidelines adopted by the shipping companies when it...