A technology and intellectual property lawyer, Carolina, speaking at the 8th London Chemical & Tanker Conference, said the risks to shipping include potential for loss of ship, loss of cargo, loss of crew, third party property damage, third party loss of life and a hazard to third party navigation.
Carolina’s precedents for cyber-attacks were many. He quoted the recent case of hackers stealing information from bills of lading; and the Aurora generator test, where technicians at an Idaho laboratory were able to remotely hack a 2.25 mw diesel generator - “It’s fascinating to watch a many-tonne generator vibrate itself to death”.
“The test for being tagged for liability in a negligence claim case is doing what is ‘reasonable’ [to prevent an incident]. Throughout the history of reasonableness, the main thing people have done around is to ask ‘what do other experienced operators do? What is industry best practice? Must be reasonable.’”
But from a legal standpoint, companies would not be able to take refuge merely in matching preventative measures of their peers.
“Common practice is not the same as reasonable practice,” said Carolina, quoting Judge Learned Hand in the landmark T.J. Hooper maritime case of 1932. “If the cost [of prevention] is less than the benefit to be achieved, then the failure to adopt that is ‘unreasonable’, and therefore negligent. In other words, best practice is not necessarily reasonable practice.
“When you’re talking about cyber security, where the cost of [prevention] solutions drops at an exponential rate, then the shift into behaving negligently can happen very quickly – in a matter of a couple of years, or a couple of quarters,” Carolina stated.
Copyright © 2024. All rights reserved. Seatrade, a trading name of Informa Markets (UK) Limited. Add Seatrade Maritime News to your Google News feed.
