Alexey Grechany, Project Manager, Sea Data Lab, on specific threats poised by cyber attacks for the shipping industry
At the moment, all major and medium-sized players in logistics depend on information systems for accepting, storing, generating and transferring various data. Nowadays there is no need to carry a large number of papers to your contracting party and hand them over physically, as all documents are transferred electronically saving companies time loss and delivery costs. IT systems have become an integral part of practically all business processes, so that an end user takes them for granted and seldom notices them.
Specialists in cybersecurity say that the system is as reliable as its weakest component. And companies developing and producing security software make it their task to timely discover such weak spots and amend them.
Speaking of liner shipping, the main processes related to processing dataflow and supporting business are aimed at generating, accepting, processing, coordinating, confirming and transferring documents both inside the company and to third parties. At present, most of these processes are performed electronically and require IT support, so it is the IT infrastructure is the basis of their functioning.
Besides, major liner operators have a wide geographic scope of presence with a lot of branch offices all over the world, and has a large number of users of its IT infrastructure. This means that in case the key elements of the system are down, the consequences for the business may be catastrophic.
In addition to the large number of documents circulating inside the company, there is also a vast amount of document traffic with third parties, container terminals, customs bodies, etc. Part of this document flow has a narrow entry gate. E.g., vessels entering ports carry thousands of containers, which are accompanied by the corresponding number of documents. And the terminal receives all this data in one iteration within a very short period of time before unloading, so, this joint is quite sensitive to interruption in data transfer.
As of the terminals, her the situation is the same, the difference is that a terminal as a large center of data acceptance, processing, generation and transfer, works with different shipping lines, customs bodies and other parties, which transfer large amounts of information and to whom the terminal also sends large data flows in EDI format.
There are other requirements of the market participants, one of them being delivery in time. Some cargo types, such as vegetables, fruit, meat, fish and seafood are more sensitive to delays, and have strict restrictions as to delivery time. Often, such cargo is also temperature-sensitive. And information on the temperature regime when the container is stored at a terminal is transferred electronically. Component parts used in manufacturing are also quite sensitive to delivery time.
In case the customs has not received electronic information on the cargo in advance, there will be delays with customs formalities and issuing the cargo to the consignee.
Summing it up, if for some reason data exchange in this complicated information chain with multiple parties involved is interrupted for more than a day (sometimes, just for several hours), this can have a very negative impact on the business. And it does not matter whether it was the terminal, or the shipping line, or the customs that discontinues data communication.
That is the reason why it is so important for all those active in the shipping market, and especially or large companies, to develop their own IT systems up to high availability standards, which have solutions aimed at avoiding service interruptions by managing breakdowns and cutting scheduled downtime.
SeaData’s experience in restoring transport and logistics companies’ IT systems, which became target of cyber attacks, shows that the following steps can help minimize the impact of such attacks, maintain the continuity of business processes and accelerate getting operations back to normal:
- Making back-up copies of all the key elements of all the infrastructure and storing these copies in a reliable way. We recommend using reserve copy solutions that are not visible directly from the local network, and which are operated via special gateway software, such as belt storage systems or cloud services;
- Developing and testing system recovery scenarios;
- Having specialists who can in a short time diagnose the current state of the IT infrastructure and restore its functions in a short period of time;
- Maintaining efficient communication between all the parties involved, including different departments of the company and its customers/partners;
- Being prepared to develop and use non-standardized individual solutions.
When Maersk was target of cyber attack in July 2017, SeaData was part of the international team working to restore the IT system of Maersk Russia. The coordinated efforts of the line employees and our specialists made it possible to restore the key IT applications of the company so that no vessel call to Russian ports was delayed.