How to mitigate growing Maritime Cyber Risks

The global maritime industry is embracing the fast-evolving digital age, from GPS, ECDIS, AIS, ENC, ERS and e-B/L to full smart shipping. Soon, we will see fully remote and autonomously controlled smart ships navigating the oceans. As the world becomes increasingly more digital, the associated risks involved are growing exponentially, which at the same time also means higher expectations of the insurance industry.

The main cyber risk trends we have seen in recent years include an increase in both frequency and severity of ransomware attacks, more sophisticated business emails making compromising attacks in the ‘deep fake’ era, targeted ‘zero day’ attacks on larger companies and on critical infrastructure, supply chains and M&A, and an uptick in the number of state-backed attacks reflecting persistent geopolitical tensions.

Specific to the shipping industry, cyber attackers can target any part of a marine operation – from vessel navigation systems, onboard computers and communications to shoreside infrastructure such as cargo management information systems and port terminals. Hackers can take advantage of vulnerabilities in the network or system to access the servers and control, manipulate or encrypt system and sensitive data, which may cause property damage to vessels and ports, financial loss due to business interruption, harm to the environment, and even personal injury or death. Moreover, cyber security is increasingly being seen as an ESG risk as well.

According to statistics, 31% of all maritime organisations suffered a cyber 'incident' between 2019-2020. Some of the most common cyber-attacks include malware, ransomware, phishing and social engineering attacks. The majority of cyber-attack incidents involve ransomware, with criminals threatening victims and forcing them to pay more through double or even triple extortion. Hackers may also destroy backup data to make system recovery more difficult.

Picture1_cost of data breach

Source: The Cost of a Data Breach Report, IBM Security® / Ponemon Institute 2022

Maritime organisations must take proactive measures to protect their global operations and supply chains from the threat of cyber-attacks. Cyber insurance is one such measure that can be used to help mitigate the risks associated with global marine operations. It provides emergency response service and financial protection against the costs of recovering from an attack, such as emergency response management, IT forensics, business interruption during system downtime, restoration costs, legal fees, third-party liability indemnification, reputational damage, and more. Cyber insurance also helps protect organisations from potential regulatory fines and can assist with customer notification in the event of a breach.

The new cyber risk trends are also impacting cyber insurance pricing, and a sharp increase in premium rates has been seen since Q1 2021. However, the pace of increase has been slowing since Q3 2022.

Picture2_Lockton Market Update 2022

Source: Lockton Market Update, September 2022

By taking proactive cyber security measures and investing in appropriate cyber insurance solutions, global marine operations will be better equipped to mitigate risks and protect against costly disruptions caused by malicious actors.

To learn more about cyber security and insurance solutions available to global maritime organisations, contact our Lockton Global Marine team.

Ida Gong, Senior Vice President, Marine, Specialty & Reinsurance, Greater China | +852 2250 2843 | (opens a new window)

Ida Gong represented Lockton, the only international insurance broker to speak at the 2nd World Maritime Merchants Forum themed “Together for a brighter future”, 15-16 November 2022 in Hong Kong.