IMO Cyberattack Has Serious Implications
For the past day and a half, visitors to the official International Maritime Organization website, www.IMO.org, have been greeted with the message “This website is under maintenance.” But the maintenance is not routine, it’s the result of a cyber attack and comes at a time when the IMO is under intense scrutiny, is working to bring attention to the global crew crisis, and is asking member nations to enforce “IMO 2021“, a resolution requiring ship owners to invest in cybersecurity measures.
The attack also comes just days after Shipping Giant CMA CGM was hit by a ransomware cyberattack.
“What could have motivated these attacks?” asks Dr Will Perez, Director of Cybersecurity Solutions at Moran Cyber. “Was it a random occurrence or a targeted message to the international maritime industry?”
gCaptain first noticed the trouble early yesterday morning while following up on our recent article about the organization, which is a branch of the United Nations, questioning the reports of journalists. A few hours later the IMO tweeted this message:
Today the IMO tweeted a new statement admitting it was hacked. “The interruption of service was caused by a cyberattack against our IT systems,” says the tweet. “IMO is working with
United Nations IT and security experts to restore systems as soon as possible, identify the source of the attack, and further enhance security systems to prevent a recurrence.”
An IMO spokesperson then told Reuters that internal and external emails continued to work normally and that the organization was working to restore access to public documents.
We don’t know and there is currently no hard evidence connecting this attack to recent criticism of the IMO‘s response to the MV/ Wakaship bunker spill.
We don’t know that the source of the attack but we do know it happened just weeks after over 100,000 protesters took to the streets in Mauritius to protest the mishandling of MV Wakashio salvage and oil recovery efforts.
While the IMO has released a statement claiming their involvement in the spill was limited, the fact remains that they are the lead UN agency in Mauritius and, in numerous videos, the IMO expert they sent to represent the organization claimed responsibilities and provided damaging advice beyond the scope of the IMO’s charter and in the wake of these massive protests, rather than correcting his errors, the organization issued a new statement saying they “fully back” his work. (NB: we can’t link to the statement due to the website errors).
The situation in Mauritius has deteriorated to such an extent that the Pope himself has called for more help.
Journalists too have cried numerous times for help (literally cried in the case of this author). “When the Pope has to intervene in your industry, you know you’re in trouble.” wrote Forbes contributor and BBC veteran Nishan Degnarain. “How many more signals does the IMO need to see to believe that global shipping is an industry in meltdown?” he continued in a follow-up article this week.
RELATED ARTICLE: IMO FAIL – Forbes Drills Deep Into The Wakashio Salvage Efforts
“It is unacceptable for a poor third-world government only to receive tens of millions of dollars in compensation for a clean-up that will cost hundreds of millions of dollars to undertake,” argued David Osler of Lloyds List. “Even if that is legally right, it is morally wrong.”
“The IMO has fossilized; it needs something to wake it up.” said Andrew Craig-Bennett in Splash24/7 last week. “A change of scenery (To Singapore) might do that.”
Further embarrassing the subject the IMO was preparing to new cybersecurity guidelines that require shipping to beef up digital security measures by the end of this year.
In a series of resolutions, the industry has nicknamed “IMO2021” requires that by December 31st ship owns must develop comprehensive cyber risk management programs based around five major areas of concern: identifying risk, detecting risk, protecting assets, responding to risk and recovering from attacks.
gCaptain
