TheJakartaPost
Please Update your browser
Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.
The growing importance of maritime cybersecurity governance
Enhancing maritime domain awareness through targeted policies and capacity building against cyberattacks is critical amid the growing digital interconnectivity of maritime systems.
Change Size
Tankers and other vessels traverse the port of Singapore in the Strait of Malacca in this undated stock photo. The narrow 890-kilometer waterway between the Malay Peninsula and Sumatra, a major international shipping lane, remains vulnerable to transnational crimes, as evidenced by the high number of drug smuggling attempts that authorities have foiled in recent years. (Shutterstock/File)
W
ith the rapid developments in maritime industry digitalization in Indonesia and around the globe, it has become essential for all stakeholders to not only understand maritime cybersecurity risks but also make clear and effective policies on the issue.
Ships and other maritime infrastructure have become increasingly connected to online systems, thus the risk of cyberattacks is increasing. In fact, a cyberattack could have a significant impact on both offshore and onshore operations, causing cargo mishandling, ship collisions or grounding to endanger safety at sea.
Among the maritime cybersecurity incidents was the cyberattack in 2017 using NotPetya ransomware against Maersk, which downed the connection on “all end-user devices”, including 49,000 laptops and 4,000 servers for 10 days. Cyberattacks affecting shipboard systems also happened in 2019, when the United States Coast Guard reported an incident on an ultra large container ship off the port of New York.
Furthermore, a possible cyberattack on the Maritime Autonomous Surface Ship (MASS) program will heighten the overall risk of automatizing or digitalizing the maritime industry. If cyberattacks target vessels at highly congested choke points, such as the Strait of Malacca and Singapore, it could disrupt worldwide trade.
By definition, maritime cybersecurity can be generally perceived as cybersecurity in the maritime domain, which involves safeguarding the sector’s Critical Information Infrastructure (CII) and/or other unintended errors that may disable, disrupt and/or take control of information technology (IT) and operational technology (OT) infrastructure.
As the largest archipelagic country with a vast territorial waters and busy maritime routes, Indonesia obviously needs a future-proof, actionable policy to address cybersecurity threats, as well as to enhance its capacity in this area.
Thus, it should endeavor to address maritime cybersecurity in compliance with the 1982 United Nations Convention on the Law of the Sea (UNCLOS) that requires flag states and port states to ensure safety of navigation, which in the broad sense can include protection from maritime cyberattacks.
