Seatrade Maritime is part of the Informa Markets Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cyberattack or coincidence?

Photo: Unsplash Cyber hacker in mask
With one vessel hijacked and up to six others reporting a loss of steering control in the Gulf of Oman this week, many questions are being raised about the cybersecurity onboard ships.

Although it is too early to say for sure that this was a coordinated cyber-attack. The chances of it happening on multiple vessels, in the same region, simultaneously and whilst the MV Asphalt Princess was being hijacked at the same time, coincidence seems extremely unlikely.

Ships do suffer from loss of steering due to mechanical or electrical issues from time to time, but for it to happen on multiple vessels at the same time would be statistically almost impossible.

In the event of a loss of steering or propulsion on a vessel, the normal practice in the best-case scenario would be to stop the engine and drift until the issue has been resolved. This is always going to come with inherent risks, depending on where the vessel is sailing.

In deep sea regions, the risks would be minimal. However, in the crowded waters of the Straits of Hormuz, it is an entirely different story. Almost 20% of the worlds maritime oil supplies passes through this confined region annually.

Most of the vessels transiting these waters are carrying oil and other liquid cargoes. Tankers are slow, challenging to manoeuvre and very hard to stop. Although ships crews are trained to deal with these scenarios, as the Master of a vessel suffering from a loss of control of any kind, this is a nerve-wracking experience, even at the best of times.

There is the very real possibility of colliding with another vessel, the risk of running aground or straying into restricted waters, and the potential for a major environmental disaster to unfold onboard your vessel.

The immediate steps onboard the vessel would be to stop the ship as soon as possible, broadcast that you are “not under control” to other vessels in the vicinity and do everything possible to secure the ship.

Broadcasting the fact that the vessel is stopped and not under control is a double edge sword. On the one hand, it is vital that other ships in the vicinity know that there is a problem but at the same time, you are also letting any potential hijackers know you are an easy target.

Whilst the Engineers will be working to resolve the problem, the Master will be alerting the Vessel Owners crisis response team for help and assistance. They, in turn will be alerting the P&I Club (insurers), cargo owners and liaising with the local and international authorities.

IMO legislation surrounding onboard cybersecurity is already in place, but shipping has been slow to respond. This latest incident should serve as a stark wake up call to the maritime industry that cybersecurity is not just something that they should be concerned about onshore. Vessels need to be secured from cyberattacks.