Multinational cyber security firm Kaspersky Lab says the marine industry is ‘easy meat’ for cyber criminals, and a recent data breach at shipping company Svitzer Australia – which affected almost half of its Australian employees – would suggest that’s not far from true.
Svizter revealed that the data breach, which is the first to be publicised under the mandatory data breach notification scheme, saw up to 60,000 emails from three accounts in finance, payroll and operations forwarded to external email addresses between May 2017 and March 2018.
The emails reportedly contained sensitive information (such as tax file numbers, next of kin details and superannuation account information) relating to around 500 Svitzer employees. Svitzer employs approximately 1,000 people in Australia and is part of the Maersk Group, which in 2017 fell victim to a global ransomware attack.
Australian marine industry is not immune to cyber attacks
The Svitzer data breach is a reminder that the Australian marine industry is not immune to cyberattacks – and hasn’t been for some time. It’s been nearly ten years since police discovered that a drug importing syndicate had hacked into the Integrated Cargo System of the Australian Customs and Border Protection Service.
Since then, cybercriminals have repeatedly targeted companies and organisations in the marine industry. The Australian Customs and Border Protection Service case is just one example, and according to the Australian Cyber Security Centre, government agencies aren’t even the most common targets for cybercrime. Private industry is the most common target, and smaller firms - which make up 89% of Australia’s maritime industry – are at the most risk.
Gallagher marine specialist Mark Rudman discusses how businesses in the sector
should approach mitigating their cyber exposures
Marine, cargo and logistics companies can’t afford to ignore cyber risk
Stephen Rudman heads up Gallagher’s national marine insurance practice. He says that while the extent of the cyber threat has long been appreciated by those in the international maritime industry, it’s received comparatively little attention in Australia.
“It’s only now after several high-profile cyber security breaches that we are starting to see clients actively seek advice on cyber risk insurance,” Rudman explained.
“For marine, cargo and logistics companies, cyberattacks can occur on a number of fronts. Criminals can re-route vehicles, hack into on-board navigation systems and compromise port and logistics databases. Unfortunately, there is no single foolproof insurance that responds to every circumstance.
“Generally speaking, we always recommend stand-alone cyber cover. Many insurers offer cyber-crime extensions to existing policies, but most of these provide insufficient protection. New cyber threats are continually emerging, so you need a comprehensive cyber policy to make sure you’re covered.”
Cyber crime is included in our new report about the 5 most challenging emerging risks facing the Australian maritime industry. The report can be downloaded for free below.