Companies across the UK are benefiting from a funding boost aimed at supercharging the development of clean maritime solutions. This will provide a supportive but competitive environment at a time when innovations are emerging and new challenges arising. However, for solutions to have longevity they need to be not simply effective, but also resilient. With state-of-the-art technology playing a critical role in many of these solutions, the potential for them to fall victim to cyber-attacks increases. Cyber security, therefore, needs to be factored in from the get-go – but it is something that has historically been overlooked in the early stages of technological development.
Combining efficiency and security is the only way to make sure that clean technologies are viable in both the short- and long-term. This includes enhancing security around the data that the technology uses and produces, and mitigating against the possibility of cyber-physical effects, such as denial-of-service, which could essentially stop clean maritime solutions from working. For example, efficient ship routing relies on sensor arrays and software decision making. If aspects of those are subjected to a cyber-related incident a voyage could be less energy efficient. With more technology built into the solutions the 'threat surface' also increases. To try to counter this, our approach, as researchers working to address maritime cyber threats, would be to look at the most effective ways to secure individual devices, the larger network of devices, and the software and communications within – and between – them.
There are a number of ways through which individuals and industries in the digital age are impacted directly and indirectly by the global flow of goods brought into ports by shipping. We rely on the maritime sector as a means to transport our food, fuel and other materials right across the globe. However, because of demands on this industry, maritime carbon emissions are high despite societal pressure to lower this. There are new clean maritime solutions, both existing and emerging, but the issue is often addressed with increased technology, which can introduce cyber-vulnerabilities. For example, introducing sensors to monitor fuel use increases the amount of technology in the maritime environment. Maritime transportation also handles cargo that can pose its own threats to the marine environment, and so a cyber-physical incident can be harmful. There are technical solutions for these issues, however if they are unsafe, they may not be adopted due to the risk of physical damage. Cyber protection is essential, therefore, in providing safeguards for all aspects of the maritime sector and the space where it operates.
Shipping has played a fundamental role in the UK economy for centuries. However, in recent years the growth in autonomous vessels and offshore renewable energy (ORE) structures has brought new businesses of all shapes and sizes into the market. Many businesses concerned with the electrification of boats, ORE and autonomy are new small and medium-sized enterprises (SME) with limited resources to carry out cyber-security research. This is especially true for clean maritime solutions but academic research can fill this gap, enabling emerging UK businesses.
As 60% of today’s SMEs go out of business after a cyber-attack, better cyber security on marine assets will protect SMEs in their early stages. It could also create an economic landscape that encourages more companies to follow in their wake. Large companies might be less likely to go out of businesses, but the negative effects are still severe. Maersk shipping, as an example, lost $300 billion following a cyber incident in 2017.
Ransomware is also on the rise, and we are increasingly seeing cases of that affecting critical national infrastructure, including ports, rail, oil pipelines, hospitals and more. Better maritime cyber security could have prevented some of these incidents, but raising awareness should also be a priority. Perhaps more critically, safely dealing with such threats could have led to the cyber-safe culture shifts we will need in the future. That is, after all, the kind of seismic change we will need if we are to not just protect both clean maritime solutions, but also the companies creating and using them.