• Follow Us On Our Preferred Social Media Platform:

Wärtsilä points out ‘weakest link’ in online bunker transactions

24 Oct 2018

The bunkering industry experiences exactly the same cyber security vulnerabilities as other parts of the maritime industry and its exposure includes employees’ cyber hygiene, operational technology and financial transactions, says the VP of Cyber Security at Wärtsilä.

“It’s a business risk and people within the bunker industry have to know the threats they are facing and mitigate measures; the only way to do that is to have better understanding of the threat,” Mark Milford tells Manifold Times.

“Unless the equipment is up to date with the latest software or there are processes in place to prevent unauthorised access, anything that is connected either remotely or through physical means can have data accessed, altered or is vulnerable to cyber-attacks.”

Phishing, a fraudulent attempt at obtaining sensitive information by disguising as a trustworthy entity in an electronic communication, is especially common in the bunkering industry, states Milford.

He uses the example of a 2014 bunkering scam which cost World Fuel Services (WFS) approximately USD $18 million in damages where, in short, a scammer sent messages to WFS with payment information belonging to the criminal.

“The people aspect is particularly important in avoiding being a victim of cybercrime,” says Milford adding “educating people has the biggest affect across the board in terms of cyber resilience.” 

“The cybercriminal will always go after easiest options for generating revenue for themselves and in most cases that is actually the person who is operating the system; for example, in a phishing campaign with a fake invoice.

“The solution will be to educate the staff about cyber hygiene so they are aware of the threat likely to face them. This includes people involved in bunkering and people working in finance.” 

Meanwhile, Milford questions the reliability of cyberattack figures within the maritime industry.

“Nobody knows whether or not there were 2,000+ attacks last year in the bunkering industry because nobody wants to disclose them. The bunkering sector is especially reticent because you are not just dealing with reputation risk but also environmental impact as well if the operational technology is compromised,” he says.

“So only by understating what the threat is can you put in place mitigation measures.”

Milford was speaking to Manifold Times on the side lines of the launch of the International Maritime Cyber Centre of Excellence (IMCCE) at Singapore. The IMCCE consists of a Maritime Cyber Emergency Response Team (MCERT) and a cyber-academy.

The IMCCE is the world’s first industry solution for the marine industry, founded by Wärtsilä together with its strategic partner in cyber security, Templar Executives. 

“So in terms of understanding the threat we are partnering with Templar Executives to produce the first ever maritime threat integration facility,” notes Milford.

“Templar Executives are specialists working with government and has vast knowledge in maritime sector because they are responsible for drafting the BIMCO cyber security guidelines as well as working with International Maritime Organisation (IMO) departments.

“So, with vast maritime experience Wärtsilä has and their experience in the cyber sector we hope to be able to offer a holistic threat picture for all of our customers – this includes bunkering.”

Photo credit: Wärtsilä
Published: 24 October, 2018

 

Related News

Featured News

Our Industry Partners

  • argus

PR Newswire