One in five shipping companies faced a cyber attack in the last 12 months, however, ransom costs are plummeting, according to results from a survey contained in a new 57-page cyber security report published by Thetius, CyberOwl and HFW.
Key results from the shipowner survey show that 7% of survey participants admitted to paying a ransom following a cyber attack. In 2023, nearly 14% admitted to paying a ransom. The average cost of a ransom payment is now less than $100,000. In 2023 it was $3.2m.
93% of crew surveyed said they feel underprepared to navigate current cyber security challenges with 70%of crew respondents saying they felt that training could be improved with exercises and drills.
According to analysis by CyberOwl, of the 1,200+ vessel cyber security cases that they addressed during 2024, 60% of incidents are caused by malware spreading onto vessel systems. 77% of these malware cases were spread through USB and removable media, such as engineers’ laptops.
“With one in five shipping companies facing a cyberattack in the last 12 months, our landmark report could not be more relevant,” said Tom Walters, a partner at HFW. “The shipping industry is increasingly relying on technology for its operations, and with this comes greater exposure from external threat actors. It is vital that companies operating at every stage of the vessel lifecycle take action to protect themselves from the continuing threat.
“The lack of harmonisation across maritime cybersecurity regulations, guidelines, and standards is biting us now. Every year, we add more requirements, but they’re not aligned in the details, and it’s becoming a nightmare for the industry and creating an unsustainable model for the future,” commented Scott Dickerson, director of the Global Maritime Cybersecurity Consortium.
