For six days in the spring of 2021, the Suez Canal—a narrow waterway connecting the Red Sea and the Mediterranean Sea and an important trade route between locations such as China and Europe—was blocked by the container ship “Ever Given.”A single stricken cargo vessel caused tremendous congestion, with several hundred other container ships stuck as they waited to get through. This in turn had implications for international trade. The resulting delays led to a shortage of containers at ports, threw schedules into several months of disarray and held up shipments. This incident showed just how dependent we are on maritime bottlenecks like the Suez Canal. As a trading nation, Germany relies on imports and exports running smoothly. If a key trade route is blocked for more than a few days, this has a direct and disruptive impact on production and supply. According to the authorities, the “Ever Given” did not run aground because of a cyberattack, but it is not hard to imagine what could happen in the event of a successful attack on the digital navigation and communication systems on board one or more cargo ships.
Ships as potential targets
Ships increasingly require networking technology in general—whether for finding the best way to navigate routes, monitoring goods or allowing the crew to contact home. This makes maritime systems all the more vulnerable to cyberattacks. Basically, three different kinds of attacks are conceivable, as Dr. Jan Bauer, head of the Maritime Cyber Security research group at Fraunhofer FKIE, outlines, “Generic attacks are not aimed specifically at ships and are therefore the most common threat,” explains Bauer, highlighting the example of a USB stick infected with ransomware being connected to the on-board computer.