According to a recent study from maritime cyber security firm CyberOwl, shipowners pay an average of $3.1 million in ransom hacks.
Despite this, the majority of shipowners continue to underinvest in cyber security management, with more than half spending less than $100,000 per year.
Significant gaps in cyber risk management exist throughout shipping organizations and the larger supply chain, according to the analysis.
The following are some of the report’s other main findings:
- Two-thirds of industry professionals don’t know whether their insurance covers cyberattacks
- More than 25 percent of seafarers don’t know what actions would be required of them during a cyber incident
- Within organizations, the more senior someone’s role, the less likely they are to be aware of a cyberattack
The research was conducted by marine innovation agency Thetius, and the report was developed in collaboration with the legal firm HFW.
“The findings in this report help shipping leaders benchmark their own organizations. This goes beyond anecdotes and hearsay to statistics, backed by data-driven evidence from the fleets that CyberOwl monitors,” said Daniel Ng, CEO of CyberOwl.
“Maritime cyber risk management is a continuous journey, prioritisation is key. Identifying where the real gaps are will help the shipping sector make smarter decisions, so it is no longer the weak link in the cyber resilience of global supply chains.”
Nick Chubb, Managing Director of Thetius, added: “Our industry has made great progress in recent years, both in terms of increasing awareness of cyber security and taking the action needed to close security gaps. But we have found that significant disconnects still exist between the industry’s expectations of cyber security and the realities on the ground.”
Intel 471 warned in November of last year that the cybercrime underground was overflowing with shipping firm credentials.