Last week, hackers linked to China were reportedly responsible for a cyber attack that resulted in private information about every federal employee to be stolen.
Now a Danish research company is claiming that there is compelling evidence that a similar attack on nation’s port system could be next. And if it happens, it could have a devastating effect on the supply chain.
Web-Based Warfare
Cyber attacks are becoming the new warfare. They can be conducted covertly, remotely and nearly anonymously and in recent years have targeted everything from consumer’s credit card information to national security secrets.
Last week’s attack on the US government’s Office of Personnel Management exposed the detailed personal information of millions of people with government security clearances.
This week, the consulting firm CyberKeel — which is based in Denmark — issued a new report called “Maritime Cyber-Risk” in which it claimed that ocean carrier cyber-security is “full of holes” and that the international sea and air cargo companies could be the next target of cybercriminals.
‘Domino Effect’
Lars Jensen, CyberKeel’s CEO, said it call comes down to money, cargo, and exclusive market intelligence. Criminals using the Internet to hack into the mainframes of the world’s biggest freight and cargo carriers could easily devastate the supply chain, which could have a domino effect on prices, product availability, and even international economies.
And worst of all, nobody’s doing anything about it, according to the report.
Exchanging information across multiple platforms is a necessity for international shippers. But it’s also what puts the entire global system at risk, according to Jensen.
For example, a single container being shipped from a port in Hong Kong to another in Long Beach usually will require data to be transferred between five to ten different entities, including the shipping line, the originating port, the destination port, the shipper, the consignee, customs authorities, the trucking company that will pick it up, and all data portal intermediary and banks.
While many of these entities may have a secure, updated backend system for handling this data, a single weak link is all cyber criminals need to hack into the entire system.
Money, Power and Secrecy
Some of the data being exchanged by this system involves large sums of money being transferred between parties within the supply chain — in multiple countries and time zones. In many instances, these parties act “asynchronous”, meaning they don’t have real-time conversations with one another. So if a cyber attack should occur, it may not be discovered until it’s already over.
The report explains that many of the players within the global shipping and cargo industry don’t understand how vulnerable it is to threats from the cyber sphere. And given how critical the industry is to the transference of products through the supply chain, any disruption could have a cascading effect.