Securing Third Parties in the Shipping Industry

Foreign malware continues to show ports and maritime transportation firms are vulnerable to attack.
Joshua Boline
Threat Analyst
April 18, 2019

New York. Los Angeles. Mumbai. Long Beach. Barcelona. San Diego. Each of these cities has one fact in common – their ports have all seen operations shudder to a near-halt in the past two years thanks to one type of cyberattack. Responsible for 90% of cargo moved in the world, maritime transportation is a key link in the global economy. The data held in a shipping company’s network is valuable to potential smugglers, thieves, or rogue state actors, and as a result the industry now faces more attacks in the form of ransomware. The June 2017 NotPetya attack cost Maersk A/S alone at least $300 million* in a matter of hours when its systems were knocked offline. Because of its role in the global economy, it’s imperative that the shipping industry do more to secure its critical systems.

How ransomware works – and its effects on the shipping industry

The most common forms of ransomware find an insecure entryway into a network and then jump from computer to computer, encrypting sensitive files and demanding payment in Bitcoin to regain access. Fewer than half of vendors who elect to pay the ransom receive access back from the hackers, and more recent malware doesn’t even contain mechanisms to return control to the original owner. Cargo tracking, navigation, physical security, and any other operations connected to a network can see their digital capabilities paralyzed. With maritime operations reduced to manual processes, movement can be slowed to 10% of normal – in the 2018 San Diego attack**, some systems were still offline over a week after the initial infection.

In the U.S. alone, seaports support over 20 million jobs and drive a quarter of the economy. When cyberwarfare forces their operations as close to a standstill as possible, trucks are left standing idle, trains run empty, and businesses across the nation must wait far longer for their deliveries. Delays and unfilled orders can skyrocket into the hundreds of millions in cost.

Strengthen cyber defenses by strengthening third-party controls

In the maritime industry, where reputation can matter as much as – if not more than – cash flow, identifying the true extent of cyber risk is critical to managing risk stemming from operational involvement with ports and shipping. As a result, ports are making efforts to strengthen their cyber defense capabilities, but they are lagging. Surprisingly, the first dedicated information security center at an American port opened less than five years ago. With systems that can be infiltrated and overtaken in a matter of minutes, any third party with potential ties to a network breach needs up-to-date information on the realities behind relevant vulnerabilities.

Given the confidential nature of such data, knowledge is best obtained collaboratively with such vendors through partnerships. A strong case can be made to look at third-party risk two-dimensionally:

  • Through the collection of deep internal controls-based assessments that measure your third party’s adherence to relevant regulatory requirements or industry control frameworks. This will then reveal areas where they – and therefore you – might be exposed to cyber risks such as ransomware.
  • Through continuous monitoring of cyber risks (such as ransomware attacks) of key third-party partners, augmented by a view into the business-level risks (e.g., financial, regulatory, operational) that might predict risk events in the future.

In fact, combining these two dimensions of risk adds value for organizations of all types. Integration of deep internal controls assessments and continuous monitoring yields a better, more complete score with greater context that can inform risk-based decisions on remediation.

Prevalent helps companies to manage third-party risk. It is the industry’s only unified platform that integrates a powerful combination of automated risk-tiered assessments, continuous monitoring, and evidence sharing for collaboration between companies and their vendors. Prevalent’s actionable intelligence provides the most comprehensive view of vendor risk, creating maximum efficiency for all Third-Party Risk Management programs.

For more on how Prevalent can help provide visibility, efficiency, and scale for your third-party risk management program, contact us today.



