The bunkering industry experiences exactly the same cyber security vulnerabilities as other parts of the maritime industry and its exposure includes employees’ cyber hygiene, operational technology and financial transactions, says the VP of Cyber Security at Wärtsilä.
“It’s a business risk and people within the bunker industry have to know the threats they are facing and mitigate measures; the only way to do that is to have better understanding of the threat,” Mark Milford tells Manifold Times.
“Unless the equipment is up to date with the latest software or there are processes in place to prevent unauthorised access, anything that is connected either remotely or through physical means can have data accessed, altered or is vulnerable to cyber-attacks.”
Phishing, a fraudulent attempt at obtaining sensitive information by disguising as a trustworthy entity in an electronic communication, is especially common in the bunkering industry, states Milford.
He uses the example of a 2014 bunkering scam which cost World Fuel Services (WFS) approximately USD $18 million in damages where, in short, a scammer sent messages to WFS with payment information belonging to the criminal.
“The people aspect is particularly important in avoiding being a victim of cybercrime,” says Milford adding “educating people has the biggest affect across the board in terms of cyber resilience.”
“The cybercriminal will always go after easiest options for generating revenue for themselves and in most cases that is actually the person who is operating the system; for example, in a phishing campaign with a fake invoice.
“The solution will be to educate the staff about cyber hygiene so they are aware of the threat likely to face them. This includes people involved in bunkering and people working in finance.”
Meanwhile, Milford questions the reliability of cyberattack figures within the maritime industry.
“Nobody knows whether or not there were 2,000+ attacks last year in the bunkering industry because nobody wants to disclose them. The bunkering sector is especially reticent because you are not just dealing with reputation risk but also environmental impact as well if the operational technology is compromised,” he says.
“So only by understating what the threat is can you put in place mitigation measures.”
Milford was speaking to Manifold Times on the side lines of the launch of the International Maritime Cyber Centre of Excellence (IMCCE) at Singapore. The IMCCE consists of a Maritime Cyber Emergency Response Team (MCERT) and a cyber-academy.
The IMCCE is the world’s first industry solution for the marine industry, founded by Wärtsilä together with its strategic partner in cyber security, Templar Executives.
“So in terms of understanding the threat we are partnering with Templar Executives to produce the first ever maritime threat integration facility,” notes Milford.
“Templar Executives are specialists working with government and has vast knowledge in maritime sector because they are responsible for drafting the BIMCO cyber security guidelines as well as working with International Maritime Organisation (IMO) departments.
“So, with vast maritime experience Wärtsilä has and their experience in the cyber sector we hope to be able to offer a holistic threat picture for all of our customers – this includes bunkering.”
Photo credit: Wärtsilä
Published: 24 October, 2018
Garren Hay will be responsible for sales of the PANOLIN range of Environmentally Acceptable Lubricants for the Singapore sole distributor agent Gealubes Consulting & Trading Pte Ltd.
Universal Alliance, BMS United, Digiland International, Goodwood Associates, Southernpec (Singapore), and Taigu Energy were involved in alleged circular fictitious trades of fuel oil during July 2015.
Bunker orders of ISO 8217:2010 spec LS 380 cSt 0.5% for Nord Gemini, Nord Titan, Ocean Rosemary, and Luzern were placed through global commodities trading and logistics house Trafigura Pte Ltd.
While Covid-19 concerns are important, Captain Rahul Choudhuri was quick to note this does not mean bunker fuel related issues have indeed disappeared from the shipping sector.
‘Therefore, representing the players of the Malaysian bunker industry, we sincerely hope that this matter can be refined and reconsidered immediately so that all parties benefit together,’ says communication.
Maureen Poh, a Director of Helmsman LLC, offers plain practical tips on the differences between US and EU Sanctions and shares some thoughts on what companies could do if they are potentially exposed to sanctioned entities.