Maritime security reality check
This article written by Gray Page, first appeared on Splash 24/7 on March 9th 2017.
If the first concerns that spring to mind at the mention of ‘maritime security risks’ are cyber-attacks and terrorism you can probably count yourself well-briefed.
‘Well-briefed’ in the sense that you have been paying attention to internet chatter and conference discussions.
One recent article claimed that the risk posed to shipping by cyber threats could not be ‘overstated’.
Terrorism, meanwhile, has such resonance that it is hard to resist the impression that it should be at the top of every security agenda.
However, for the purposes of improving the security of ships and better protecting seafarers we should try and get things back into perspective.
The threats facing crews, ships and cargoes are more prosaic and significantly more pressing.
Cyber-threats cast a disproportionally long shadow over the maritime security debate. Partly because very few of us have a comprehensive understanding of the risks and partly because IT has such an influence on our daily lives the threat of any disruption and abuse of it fills us with dread.
However, the truth is that most computers and IT systems are getting attacked daily but the security counter-measures the tech industry has developed and continues to develop, are proving pretty good at preventing penetration.
IHS Fairplay in association with BIMCO published a survey last year about cyber-attacks on shipping. Of the ‘attacks’ reported by the more than 300 respondents only 4 % had some impact on the functionality of shipborne systems.
Only 21% of the respondents said their computer systems had been violated. Most of those attacks had involved malware or phishing, meaning that some at least were probably user error, as in the inadvertent downloading of a ‘virus’ from the internet.
We are not living in a world where computer hackers are hijacking ships or stealing bulk cargoes. Old school criminal methods still work effectively. The vast majority of bulk cargo thefts are from storage facilities on land. Those crimes are committed without the need to hack a single computer.
Maritime terrorism is difficult to define but if it is seen as violence against a ship for political or ideological ends then it is hard to find more than five verifiable terrorist attacks against merchant ships since 2001.
They were the 2002 attack on the tanker LIMBURG off Yemen, which left one person dead.
The 2004 attack off the Philippines on the SUPERFERRY 14, which killed 116 people, making it the deadliest terrorist attack at sea to date.
The other three were the 2005 attack on the passenger vessel DON RAMON, also in Filipino waters. The 2010 attack on the tanker M STAR in the Straits of Hormuz, and lastly, in 2013, the RPG attack against the COSCO ASIA as it transited the Suez Canal.
The terrorist threat to shipping, so far as is suggested by experience, is actually very small.
Piracy and violence
This is not to argue that terrorism and cyber-crime are not issues for shipping. On the contrary, in many respects the shipping industry is clearly vulnerable to attack.
However, the threats that many seafarers have to live with every day come in the forms of piracy, robbery and kidnapping. And there are two fundamental reasons why we should be focusing hard on better protecting seafarers against those threats instead.
Firstly, shipping is not an industry that needs be helpless in the face of criminal activity. We can do something about the vulnerability of ships and crews to criminal threats. Ships can be made more secure and seafarers can be made safer – which is a good thing.
If there is a challenge in that, it is to accept responsibility for doing so and act on it.
Secondly, there is a lesson to be taken from the cyber-security experts. As long as computers have been linked by networks, and criminals have been trying to disrupt and corrupt those networks, there have been security specialists working hard to counter them.
In shipping, we have tended to respond meaningfully to security threats only when they become acutely troublesome, on the scale of Somali piracy for example. But this puts shipping behind the security curve.
There is no bad time to re-set our approach to the security of ships and seafarers. And, in any event, the knowledge, technology and experience we accumulate in tackling the security risks we face today can only prepare us positively for what could be greater threats in the future.
This paper is intended as a general summary of issues in the stated field. It is not a substitute for authoritative advice on a specific matter. It is provided for information only and free of charge. Every reasonable effort has been made to make it accurate and up to date but no responsibility for its accuracy or correctness, or for any consequences of reliance on it, is assumed by Gray Page.