A RECENT report from HFW, a London law firm focusing on the maritime sector, in collaboration with the maritime cybersecurity company CyberOwl, highlights the vulnerability of the maritime industry to cybercriminals, reports Manila's Port Calls.

The report shows that cyberattacks in this industry now cost organisations an average of US$550,000, a threefold increase from the 2022 figure of $182,000.

Notably, ransom demands have seen a dramatic surge of over 350 per cent, with the average ransom payment reaching $3.2 million, up from $3.1 million in 2022.

The study also uncovers that a significant portion of shipping organisations underinvest in cybersecurity, with one-third allocating less than $100,000 annually.

The report's findings indicate that 42 per cent of industry professionals surveyed express uncertainty regarding their cyberattack insurance coverage.

This underscores the need for practical cybersecurity solutions, knowledge sharing, and industry-wide improvements to effectively combat the evolving cyber threats faced by the maritime sector.

Based on insights gathered from over 150 industry professionals, including C-suite leaders, cybersecurity experts, seafarers, shoreside managers and suppliers, the research brings substantial gaps in cyber risk management that persist across shipping organisations and the broader supply chain.

A particularly concerning revelation from the study is that 24 per cent of cyberattack victims were deceived into transferring funds to criminal organizations.

"Our findings show that while maritime cyber security has improved, the industry remains an easy target. Shipping organisations are being subject to more cyberattacks than ever before, and the cost of attacks and demand for ransom payments have skyrocketed. And as the use of technology continues to increase across all aspects of shipping, from ship networks to offshore installations and shoreside control centres, so does the potential for cybersecurity breaches," said HFW partner Tom Walters.

"Maritime operational technology and fleet operations management are now almost entirely digital, meaning that a cyberattack could compromise anything from vessel communication systems and navigation suites to the systems managing ballast water, cargo management, and engine monitoring and control."

"Failure of any of those systems could result in a vessel being stranded and potentially grounded, and we saw from the Ever Given the impact that can have on global supply chains. This is a critical issue for all parties involved in the shipping sector, and it's clear that the industry has to do more to protect itself against cyberattacks," said Mr Walters.