A computer virus dubbed “GoldenEye” spread across the globe earlier this week, causing havoc to businesses in more than 60 countries and dozens of ports. It has been estimated that the attack has cost businesses more than £6million and has caused concerns about the lack of preparedness of the maritime industry.
Police have reported the virus began infecting computer users visiting a local news site and those downloading an update to a popular tax accounting package, and spread from there, wiping data that was then impossible to recover, with global agencies struggling to find a way to stop its advance.
Danish shipping giant A.P. Moller-Maersk (MAERSKb.CO) saw its cargo booking system completely shut down, causing congestion at many of its 76 ports around the world.
Nick Brown, marine and offshore director at UK classification society Lloyd’s Register, told online publication Splash, “Across the marine industry there are still huge variations in levels of awareness, and preparedness for, the increasing role of cyber technologies.” He went on to warn that all systems on board and on shore are at risk.
Experts have been debating over the motivation behind the attack. Many are claiming that the end objective was not money, but an experiment to see just how far they could go, perhaps scoping out for future attacks. Similar attacks that have taken place usually end with hackers demanding a ransom to end the attack, but the bitcoin account associated with the attackers had only $10,000 deposited, suggesting this was not the case for GoldenEye.
The malware leveraged a code known as “Eternal Blue” that is believed to have been developed by the U.S. National Security Agency and stolen by hackers known as “Shadow Brokers” – an organisation some experts claim to have links to the Russian government.
According to insurance company Norwegian Hull Club, marine insurance policy wordings ordinarily include the “Institute Cyber Attack Exclusion Clause” or “Cl.380”, meaning many policies do not cover losses or damages caused by cyber attacks.
But the landscape may adapt in the wake of recent severe attacks; Norwegian Hull Club is now offering two unique cyber insurance policies; the "Cyber – Clause 380 buy-back" policy covers for any physical damage caused by cyber attacks, while the "Marine Cyber Threat and Extortion" policy covers the costs of extortion payments, crisis consultants and other services to prevent and deal with attacks such as GoldenEye.
With little understanding and protection across the industry, Be Cyber Aware At Sea warns, "Cyber security awareness and training are the first steps to a safer and a more secure future at sea."