BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

Could Oil Ship Wakashio Been Hacked Before Mauritius Spill?

This article is more than 3 years old.

Cyber-attacks against global shipping have spiked 400% since Covid-19 lockdowns. And this was before the two high profile hacking victims in the last month alone – the world’s fourth largest shipping company, French giant CMA-CGM, and the UN’s own global shipping regulator, the IMO.

Now questions are being asked whether Mitsui OSK Lines (MOL)-chartered Wakashio, could have been a dry run for cyber hackers this summer that led to its grounding and subsequent oil spill in Mauritius.

It turns out that one of the ship’s system that investigators have already revealed an anomaly with, the ship’s navigation system (called ECDIS, or Electronic Chart Display and Information System), had already been flagged by cyber security experts as one of the most vulnerable systems on large, ocean-bound ships like the Wakashio

Layers of protection at MOL

The ECDIS system, which the ship relies on for its navigation, could have been exposed it to digital criminals, as five leading cyber security experts explain in interviews for this article.  This could also explain some of the discrepancies in the accounts from various authorities so far.

The reason cyber-criminal activities should be included as part of the investigation into the Wakashio incident is because when one looks at the layers of safety that MOL has in place for its fleets (including the vessels  it charters), several major, multi-million dollar layers of ship safety protection would have had to fail to explain how the Wakashio ended up on Mauritius’ reefs in July this year. 

In particular:

  • MOL’s Safety Operation Supporting Center or SOSC (essentially a ‘Mission Control’) for real time tracking of MOL-operated vessels with alerts of any ships in difficulty.
  • MOL’s Marine Technical Group that agrees on course changes (including avoiding bad weather).
  • MOL’s Inspection Team that highlights vulnerabilities with vessels (even for MOL-chartered vessels, in addition to vessels it owns).

It is important to first understand these safety layers, and then hear from experienced ship investigators and shipping cyber security experts where the cyber-risks and vulnerabilities on the Wakashio could be, based on their observations so far.

Unexplained events surrounding the Wakashio

As more facts are revealed about the Wakashio, the less the initial explanations add up.

To recap, the Wakashio was a megaship, in the top 1% of ships ever built, larger than the Titanic and too large to even pass through the Suez and Panama Canals. It was a massive 300 meter long, 200,000 ton Japanese iron ore bulk carrier that crashed into Mauritius’ coral reefs and spilled oil onto the beaches and coastline of the Indian Ocean island state, killing over 50 whales and dolphins, directly contaminating 125 square kilometers of coral lagoon, washing up along 36 kilometers of coastline, and poisoning fish along this entire region.

How could one of the largest ships in the ocean have been off course for four days , without anyone being aware – no-one on board, at the Head Office of either the Owner or the Charterer, or the Mauritian Coastguard (headed by an Indian military officer). The ship crashed into Mauritius’ Coral Reefs at a cruising speed. Even more troubling, the $14 billion charterer of the ship, Japanese giant Mitsui OSK Lines (MOL) was not made aware of this event for four and a half hours, according to statement from their spokesperson, made to Forbes on September 27. Even then, a third party - the shipowner - had to inform MOL.

A MOL-chartered vessel being off course and crashing into Mauritius’ coral reefs should have had red lights and alarms going off at MOL Mission Control (called Safety Operation Supporting Center or SOSC) in Tokyo.  This was the first layer of safety that would have had to have failed.

MOL was unaware for four and a half hours

On September 27, Mitsui OSK Lines was asked by journalists, when they were first made aware that the Wakashio was in difficulty. A spokesperson replied, “We were informed by the Owners around midnight local time on the 25th of July.”

Satellite analysis reveals that the Wakashio beached onto Mauritius’ coral reefs at 7.25pm on July 25. This means that the Wakashio had been sitting on Mauritius’ coral reefs for 4.5 hours before the vessel charterer – one of the biggest shipping company in the world – was even aware. Indeed, it was not even their safety center but the vessel’s owner that had to inform MOL that one of its vessels had been grounded for four and a half hours, and a potential oil spill hazard to another country.

Even the most basic subscription to a service like $4 billion a year service provider, IHS Markit, using Orbcomm or Exactearth’s AIS-tracking satellites could get real-time positions of vessels with just a 15-second delay. To be unaware for four and a half hours that one of the world’s biggest ships chartered by your company has ground to a halt in the coral lagoon of another country is truly shocking, especially for a company that prides itself for being on the forefront of the technological edge with their ‘FOCUS’ technology program upon which their entire fleet depends on for ship safety.  

Being unaware that a massive ship has gone off line for 4.5 hours is even more serious in a region like the Indian Ocean that has been known for piracy risks (not just in Somalia but close to the Mozambique channel too), and for which there are clear international laws (the IMO’s  ISPS Code that came into force in2004).

The vessel owner, Nagashiki Shipping has not responded to questions from the media since August 30.

This leaves the world’s second-biggest shipping company, Mitsui OSK Lines, with a lot of explaining do, including addressing questions about what changes MOL has put in place after the Wakashio for how it is handling risk among its 815 other large, ocean-going vessels around the world (ranging from oil tanker, container ships, cargo ships and bulk carriers), that could also pose a similar grounding and oil spill threat to countries around the world, given its global network of ships that it both owns and charters.

Failsafe 1: MOL’s Ship Safety Operations Command Center (SOSC)?

All major ship companies normally have some form of ‘central mission control.’ This keeps track of all ships everywhere in the world – regardless of whether vessels are owned or chartered by the parent company. MOL is no exception.  Although its mission control appears to be a lot smaller than most other companies relative to the size of MOL’s fleet. By a long way.

MOL’s ‘Mission Control’ safety system is called the Safety Operation Supporting Center or SOSC. In MOL’s description of the system on their website that the MOL spokesperson pointed media to, MOL highlights how they established the SOSC in 2007 (the year the Wakashio was built), and that through the SOSC MOL would “develop measures that will help us forge ahead to become the world leader in safe operation.”

In response to further clarifying questions by Forbes about the scope of SOSC a spokesperson for MOL said on September 22, “The SOSC is a monitoring center where our whole fleet including chartered vessels are monitored.” 

Describing situations of difficulty such as bad weather or piracy, they went on to explain, “The purpose [of SOSC] is to support the Captain in such situations, so the Captain doesn’t have to make a decision in an isolated situation.”

This implies that the Captain of a vessel should never be alone in any such situation, such as being off course heading to Mauritius, or in the initial hours when the Wakashio was grounded and swift intervention could have avoided the massive oil spill caused by delays to the salvage operation that the vessel insurer, Japan P&I Club, was responsible for.

Failsafe 2: MOL’s Marine Technical Group?

Changing the course of a vessel as large as the Wakashio, should not be the decision of one person, given the carefully planned routing of the ship.

In 2018 alone MOL vessels recorded 46,685 events that required a change in course due to adverse weather conditions. That is an average of 127 course changes a day among MOL’s fleet of over 800 vessels, according to the SOSC factsheet.

Such course changes must be jointly approved by MOL’s Marine Technical Group and those responsible for the operation of the vessel, who would contact the vessel to confirm course changes.

Satellite analysis revealed that the Wakashio had been off course from the moment it entered the Indian Ocean on July 16, as shown in an article in Forbes on October 19. It was indeed the 13 degree course correction on July 21, that put the Wakashio on its deadly heading straight for Mauritius, four days ahead of running aground.

In a surprising announcement two and a half weeks later on August 12, it was the shipping authorities responsible for inspecting and vouching for the safety of the Wakakshio, the Panama Maritime Authority, that reported that the Wakashio had encountered adverse weather conditions and the captain was struggling with navigation, which had led to the grounding.  This was despite an article appearing in Forbes three days earlier on August  9, that had shown calm weather conditions in the region. Why would Panama issue such a detailed and factually incorrect statement?

The statement from the Panama Maritime Authorities on August 12 read. “On 14 July 2020, the bulk carrier sailed from Singapore (Offshore Terminal) to Tubarao, Brazil. Everything went smoothly until July 25, when the ship faced adverse weather conditions near the coast of Mauritius. It was then, necessary to perform various maneuvers to change course due to the state of the sea. 

All maneuvers were supervised by the captain and first officer of the ship who were aware of the situation and weather conditions; At 19:25hrs of the same day, while on the bridge, the captain, the first officer and the chief engineer noticed that the ship stopped moving and that it was stranded, in a latitude position: 20°26.6S and longitude: 057°44.6E, notifying the parties concerned (flag of the ship, ship operators and local authorities).”

This now reveals three discrepancies from the Panama Maritime Authorities:

  • The time that each party was informed (including the ship operators)
  • Weather conditions on the day of the grounding on July 25
  • The fact the vessel performed ‘various maneuvers’

This is in addition to the three other discrepancies that the Panama Maritime Authorities have made in the case so far:

Why would the Panama Maritime Authority be issuing factually incorrect statements, and will the cause of these factual discrepancies show up in the IMO Audit Reports that are performed on each Flag State? The Panama Maritime Authority has not responded to a request for comments.

Failsafe 3: MOL’s Ship Inspection team?

So in order for the Wakashio to have ended up on Mauritius’ reefs, in addition to evading tracking by MOL’s Mission Control and violating MOL’s Marine Technical Group for route changes, the Wakashio would have had to have failed both Panama’s inspections (outsourced to multimillion dollar ship inspection service, Class NK), as well as MOL’s own inspectors.

According to statements on MOL’s website, Mitsui OSK Lines conducts regular ship inspections with a checklist of 500 items, including the vessel’s operational and maintenance status. The statement goes on to describe the rigor involved.  “MOL conducts periodic ship inspections, based on our unique safety standards, targeting all MOL Group-operated vessels, regardless of whether they are owned or chartered. These inspections verify that the vessels are properly maintained and can operate safely.

With chartered vessels, we communicate closely with the shipowners and assigned ship management companies, to make sure they have a full understanding of the safety standards we require. We also cooperate with them to pursue safety measures while building mutually trusting relationships.”

So it appears that MOL would have picked up any safety or security issues with the vessels it charters and operates, including course deviations, safety flaws and vessels encountering difficulties. Those early moments as soon as the Wakashio was grounded proved critical in the end to preventing the vessel from splitting in two and spilling its oily cargo across the coast of Mauritius.

If we believe there was no breakdown in MOL’s failsafe systems, let’s now turn to what the cyber risks the Wakashio could have been vulnerable to. 

It is important to understand the context of how there has been a spike of cyber attacks against global shipping in the past year.

A spike in cyber attacks against shipping

While this has all the ingredients of a James Bond thriller, 2020 is the year where fact is even stranger than fiction. Cyberattacks are now a top-five issue in global shipping (up there with Covid-19 bottlenecks, the stranded crew crisis and global shipping sustainability issues). Specialist cyber security firm, Pen Test Partners, has already found 44 cyber security vulnerabilities on board large ocean vessels, including serious cyber risks on how to sink bulk carriers.

Indeed, new international cyber security laws were due to come in force in January 2021 (in two months time). In an ironic twist of fate, the shipping regulator who were mandating these laws – the United Nation’s shipping agency, the IMO - was hacked themselves at the start of the month

Here are a few of the high profile cyber-hacking cases in global shipping that captured headlines recently:

With these risks, it is important to assess whether the Wakashio was vulnerable to cyber attacks.

To do so, Forbes spoke with several cybersecurity experts in the shipping industry.  They identify the risks and vulnerabilities of the Wakashio and what the devastating outcomes could be. They also identify the solutions that should have been put in place by ship owners and operators around the world. 

What were the Wakashio’s cyber security vulnerabilities?

Captain John Konrad of gCaptain, who is authorized to captain vessels the size of Wakashio and who runs leading maritime news site gCaptain, believes Wakashio’s biggest hacking risk lay with the Navigational Computer (ECDIS).  He highlights that the system was not only vulnerable to hacking, but raises important questions why appropriate cybersecurity measures had not been put in place.

“There are three explanations for what could have occurred:

1. Systems failure. In modern ships, there should never be a single point of failure. A modern ship is designed around a system, where the Captain is supported with land and sea-based support, augmented with technology that controls navigation, propulsion, steering, cargo loading, ballast and communications. A lot of things would have had to have gone wrong to have beached a large, 13-year old vessel in calm weather. This raises the question why there is still no air traffic control system for ships in the year 2020?

2. Software glitch. A software failure could have accidentally misreported the direction and bearing of the vessel. No malicious action but poor software or hardware. However, this is highly unlikely. GPS is a robust, simple, and well tested positioning system. Gyro-compass systems have been operational for years and ships carry magnetic compasses and sextants so they can navigate manually in the event of a failure. 

3. Intentional intervention. Hacking is entirely possible. The question is, where are the greatest vulnerabilities.  I see three main possibilities for how the Wakashio could have been hacked.

  • GPS hacking. Most GPS hacking requires that the hacker be near the antenna of the ship, which is very hard to do in the middle of the ocean.
  • Hacking before departure. A hacking device could have been installed before the ship departed Singapore but that is unlikely, especially with Covid-19 restrictions.
  • Navigational computer. Slightly more feasible is the possibility that the navigational computer was hacked.

Many of these systems run old versions of Windows or other compromised software. It would be fairly straightforward for a smart and determined hacker to cause a vessel to go off course.

Again, this is a problem that startups like Moran Cyber have solutions for.

Shipowners are mandated by the IMO to boost cybersecurity measures in 2021 but few have so far. Many who were planning early upgrades delayed their plans due to COVID-19.  And the companies are not required to install the latest and most innovative security platforms being developed by companies like Moran Cyber.”

This raises the questions whether the Wakashio and other MOL-operated vessels (owned and chartered) had sufficiently and robustly complied with the IMO 2021 standards with just months to go to the deadline. A full audit would be needed by the investigators of the cyber-security software in place on the Wakashio, as well as the vessel’s ISM Code, which is what is required by international law to show compliance with the new cyber security measures.

The satellite communications vulnerability

We asked the same question to leading maritime cyber security expert, Ken Munro, one of the founders of leading device cyber security firm, Pen Test Partners.

“Yes, it is possible for the Wakashio to have been cyber-attacked,” says Ken Munro, who shared a video of how easy vessels without the proper security measures in place to be tampered with (3 minute video below), again highlighting the vulnerability of the ECDIS system.

 In terms of vulnerabilities, he went on to say, “The game-changer is Satcoms (satellite communications).  Historically vessels were not secure, but they were not really connected to the internet.  Security did not really matter, as Datacoms (data communications) at sea were extremely expensive and very slow.  To hack a ship, one needed to be on board, which carried a high risk of being caught.  

It would also be pretty stupid to capsize a vessel through a hack while the hacker was still on board!

That all changed with VSAT and cheap satellite internet connectivity.  Always-on satellite connections have exposed the security of vessels that simply weren’t ready to be connected to the internet.  A lack of understanding of cyber in both operators and maritime technology providers have compounded this, with much of the industry rushing to catch up and retro-fix security on board.

We’ve even seen security products marketed at the maritime sector that actually  introduced vulnerabilities to vessels!”

Munro pointed to exercises that his team had run showing the vulnerabilities of ship internet services on board large cruise ships. The team, which spent a week on board a cruise ship for the demonstration, showed (in a 30 minute video) that it was possible to access a ship’s control via satellite internet and mask any data coming off the vessel. This could explain why MOL’s SOSC was unable to detect the Wakashio had run aground for 4.5 hours until contacted by the vessel owners.

What could be the result of a cyber attack against a ship?

Ken Munro was very clear on the risks he saw in modern shipping.  He listed four major risks and several smaller ones.

“1. Vessel traveling off course – any number of attacks could be used to convince a crew to change course. Tampering with GPS inputs to the onboard Navigational Systems would be virtually undetectable, unlike the more widely known GPS spoofing attacks seen around some military ports. Adjusting autopilot or helm commands is also possible, as is log data.

2. Vessel changing speed – perhaps the easiest here would be to send erroneous log data, so the autopilot reacts and increases or decreases engine revolutions. Tampering with the echo sounder data can also make a vessel believe it is about to ground, so the engine would automatically reduce power to prevent perceived damage.

3. Tampering with engine sensor data - another insidious attack we discovered was to tamper with data from engine crankcase oil mist detectors. If data was sent to indicate that mist levels were increasing, the engine automatically powers down to prevent a crankcase explosion.

4. Vessel being incorrectly loaded – vessel stability (known as ‘GM’) is dependent on the ballasting system. As integrated bridge systems become more capable, the ballasting station is no longer isolated as it used to be. Talking to vessel chiefs, simply tampering with a cross-feed valve control, or emptying the tanks could be enough to capsize a vessel. This happens enough times through load & ballast mismanagement (e.g. the Hoegh Osaka car transport ship capsizing off the the Isle of Wight), let alone through cyber attacks”.

Other risks could include vessel's equipment malfunctioning such as the doors, or a malfunction that causes a fire, and even malfunctions that result in crew being locked out of all controls.

Pen Test Partners had even demonstrated vulnerabilities for bulk carriers travelling the exact same route as the Wakashio - from the Straits of Malacca to the Port of Tubarao in Brazil.

Specifically for the Wakashio, the vessel traveling off course could explain a few disconnected statements from authorities so far:

  • Could cyber-hacking have masked the fact that the Wakashio was off course for four days without anyone on the vessel, the shipowners, MOL Head Office, or the Indian military-run Mauritian coastguard being aware.
  • Panama Maritime Authorities’ statements that the captain ordered the vessel to steer 5 miles offshore (even if this story is itself not credible, looking at other satellite analysis of the region and passing vessels that all passed at least 10 nautical miles offshore), and the wrong map, wrong vessel positioning and wrong scale in ECDIS meant that the vessel was much closer to the coast than the crew thought it would be.

How an enquiry should assess cyber-hacking

US Department of Interior Official, Rick Dawson explains how he would investigate an instance of suspected cyber-hacking.

“First, we would get all the data from the bridge and navigational systems. We would then interrogate the Captain and all the Bridge Watch Standers. We would try to determine if everyone’s stories align. 

What did they rely on for their navigation? Did they have marked charts or electronic navigational records? Do they have any recorded radio or electronic transmissions that established their routes to and from ports. This is basic data that needs to be collected in any investigation.

From there, there are forensic digital analysis groups within the US NTSB and other advanced nations that could look into the Bridge Navigation systems and other digital data from on board the vessel for traces or digital signatures of any interference.”

Have you seen any specific examples of Cyber Attacks?

All four of the largest ship operators have been hit by major hacks in the last three years. In just the last month alone, there have been several high profile cyber attacks against French giant CMA-CGM and the IMO. Major ship operator Mediterranean Shipping Company (MSC) experienced a massive data center malware in April 2020, bringing down its network, and the world’s largest container shipping line,  Maersk, had $300 million of costs due to ransomware. There are some incredible inside accounts of what went on at the IT Security Department in Maersk, that was also featured more broadly in a Wired Magazine special

The notable exceptions to the major ship hackings (that have been publicly mentioned) has been any of the major Japanese shipping lines, Mitsui OSK Lines, NYK Lines or K Lines.

However, on operational issues, such examples are rarely disclosed publicly.

Ken Munro explains. “There are few public examples of ship hacking, primarily as operators tend to keep such incidents quiet for risk of damaging their profile. However, the FBI investigated possible nation-state hacking of the Lady May a few years ago.

We also encounter numerous anecdotal incidents where navigational systems such as the ECDIS are rendered useless by ransomware. These charting systems are usually outdated Windows-based PCs, with multiple vulnerabilities. A lack of USB hygiene for example, can easily introduce malware.

 Targeted attacks are rarer, much harder to detect, diagnose, and much harder to resolve. Cybercriminals will follow the money. For example, if a commodity’s spot price can be moved by delaying a vessel, they will pounce.”

The ECDIS vulnerability on the Wakashio

The risks to the Wakashio’s ECDIS system have been flagged as a major vulnerability. During the crash and oil spill investigation it will be critical to understand the hardware manufacturer, software provider, and maps service provider being used for the Wakashio, especially for this leg of the voyage. 

In questions put to MOL about the use of ECDIS, they were surprisingly avoidant about the question. 

In a response from the MOL media team on September 27, MOL said, “First of all, the Captain and crew who navigated the Wakashio are not employed by MOL, thus how we evaluate map data has no relation with the incident.” MOL went on to say, “Given those circumstances we have no comment” on questions relating to ECDIS use on board the Wakashio.  MOL then referred all questions from media about the map systems to the owners of the vessel.

When the vessel owner was contacted, they did not respond. It has been 92 days since Mauritius declared a State of National Environmental Emergency due to a MOL-chartered, Nagashiki Shipping-owned vessel. 

The vessel owner, Nagashiki Shipping, has not responded, even though their vessel has caused a national environmental emergency in a country for over three months, it is the actions of insurers of their vessel that is coordinating a cleanup without consultation of Mauritius’ leading environmental specialists, and the lawyers for the captain of the Wakashio was ousted in preference for lawyers provided by the vessel owner and insurer in circumstances that one of the most respected lawyers in Mauritius described as ‘dark forces’ at work. This secrecy is hardly a beacon of transparency and trust for Japan’s important shipping industry.

There is certainly going to be a lot of international scrutiny on the defense strategy of the captain’s legal team, in light of this change of lawyers.

The responsibility for the Wakashio equally  lies onshore

Captain John Konrad has highlighted how the responsibility for many maritime incidents lie equally onshore.

“A commonly cited statistic is that 96% of maritime incidents are due to human error. New technology like AIS, digital charts, and remote monitoring promised to reduce human errors but have failed to reduce the number of major incidents. The problem is that while they do provide a lot of good information, they have also increased the level of complexity and the chances for system failure.

A bigger problem is that responsibility and fault has been increasingly put on the Captain. The industry term for this is ‘criminalization of the mariner.’ This is a major problem because mariners are increasingly reliant on decisions made ashore in today’s increasingly interconnected and complex world.

Were there known problems with the system aboard the Wakashio? Did the company provide the funds and opportunity to fix these problems. Where the problems identified by regulators and the classification society or where they ignored? 

When one company, managed by another owns a ship chartered to another, insured by another, flagged in Panama, crewed in India, operating in Brazil, inspected in Singapore… who is responsible?

It usually serves everyone’s interest to arrest and blame the Captain even though the majority of the findings of all major reports find that major incidents are a collection of mistakes and many of the mistakes originate onshore. “

Questionable statistics of ship incidents blamed on human error

Allianz did a comprehensive study of almost 15,000 marine liability insurance claims and found that "between 75-96 percent of marine accidents can be attributed to human error”. 

The Allianz report actually says that 75% is due to human error at sea, 21% is due to human error on shore, and that leads to the 96% figure in the industry for most marine incidents being due to human error.

However, Allianz relies only on reports from the authorities where the vessels are registered. In states like Panama, the quality of investigation is seen as superficial and lacks any meaningful analysis beyond proximate causes.

This is a major failing of international regulation, as by not having a robust level of rigor to investigate shipping incidents, risky systems continue to be allowed in the maritime sector.

A fuller explanation of the root causes of many maritime disasters can be found in former MIT Professor and oil tanker builder and owner, Jack Devanney’s 2006 book, Tankship Tromedy. In it, he highlights that “human error is often to blame, but it is rarely the crew. It is often the systems, processes, culture and management of the ship builders, owners, operators and insurers, who allow risks to materialize on ships.”

Questions about cybersecurity training

Ken Munro of Pen Test Partners also highlights the importance of investing in a dedicated cyber security resource to help manage risk when at sea.

“The master is responsible for the vessel, though I wonder how they expect a master to be suitably cyber-experienced to spot a cyber attack, particularly if it’s subtle and in the deep ocean where no visual position fixes from land are possible.”

Shortage of Ship Cyber Security Experts

Pen Test Partners have also flagged that cyber risks are growing in shipping.

“Fortunately, IMO, BIMCO, and various ship classification societies are mandating cybersecurity standards. However, owing to an extreme shortage of expertise in ship cyber, these certifications are checklist-based. Checklists help, but they don’t find security vulnerabilities; maritime pen testers and hackers do.

We’ve carried out numerous tests of ships security for various operators. In most cases, we found vulnerabilities that allowed the ship to be remotely compromise and then further in to the rest of their fleet. Typically, the issues were related to poor security from maritime technology suppliers, weak password controls by operators, and vulnerable network design.

While the latest vessels coming out of yards today with integrated bridge systems are definitely more secure than those that have been at sea for a few years, we still find serious cybersecurity issues in brand new ships.”

Voyage Data Recorder (VDR) is critical for the investigation

Ken Munro emphasizes the importance of the data that would come out from the Voyage Date Recorder (VDR) of the Wakashio. This is essentially the ‘black box’ of the vessel.

“The VDR is an interesting device that needs additional comment: it’s the one device that is connected to just about everything. It gathers data from multiple sources (Engine, Log, Nav Equipment, BNWAS, etc).”

This data should be released to a forensic technological team such as US NTSB, Australia AMSA, UK’s Marine Accident Investigation Branch, Canada’s Transportation Safety Board.”

The Mauritian Police Force revealed on October 7 that the VDR of the Wakashio did not have any voice recording on it. Either the Mauritian Police Force did not have the training for how to extract this voice playback, there was a major violation in IMO law by not having a fully functioning VDR, or a smart cyber-hacker found a way to erase their trail.

There will be a lot of interest in the forensic analysis of the Wakashio’s Voyage Data Recorder in the upcoming weeks.

How cyber security risks on ships should have been reduced

Ken Munro identifies several ways that vessel operators should have reduced their cyber security risks on ships.

“Several of our team have been ships officers and engineers previously. There are five broad categories of advice:

  • Tactically, ensure your Satcom system is properly secured with strong passwords and updates with the latest software patches.
  • Properly segregate your onboard networks. If the integrated bridge or engine management system is on the same network as the crew Wifi, you’ll get in trouble soon enough. It’s critical to actually test that segregation and controls are effective. Checking a box on a list is very different from a pen tester, proving that they’re separate. So often, the security controls you built-in at the yard are tampered with by well-meaning crews at sea.

  • Resources such as Be Cyber Aware At Sea are great for raising awareness and helping your crew avoid inadvertently opening the vessel to compromise.
  • If all else fails, ensure your crew can actually navigate and control the vessel without any digital systems. Paper charts aren’t often carried on board, but how do you navigate in the ocean when your electronic chart systems goes down with ransomware?
  • Look out of the window! Screen fixation and complete trust in digital systems will lead you into trouble. Don’t rely on the ECDIS: use all sources of data, such as the ‘mark one eyeball,’ ARPA (automatic radar plotting aid), depth, and more. If something isn’t right, cross-check.”

Systemic fixes for the shipping industry

John Konrad goes further and highlights the sorts of technologies that would make global shipping safer as a transportation sector.

He looks at pioneering ocean technologies companies like BlkSail, Moran Cyber and Geollect, who are all using advanced data science and artificial intelligence to ensure safer global shipping.

“blkSAIL and Moran Cyber have the best technology for helping the captains and crews identify major risks like grounding and cyber attacks,” Konrad says, “But it’s critical that shoreside managers and authorities have better domain awareness and access to navigational equipment so they can monitor for problems.  I believe that blkSAIL has the best solution in the world for connecting bridge systems with AI, and shoreside managers, and emergency response.

But until blkSAIL is adopted there is one solution that the Royal Navy is using today to help identify risk without equipment installed on the vessel. That is Geollect.”

When contacted about the applicability of Geollect’s technology to the Wakashio, Co-founder and COO, Richard Gwilliam said, “I believe our solution would have definitely given an early warning and indication in the Mauritian example.”

blkSAIL: A Maritime industry 100% free of incidents

MIT graduate Dr Mohamed Seddik is founder and CEO of MIT Maritime AI startup, blkSAIL.

“BlkSAIL's vision is a maritime industry 100% free of accidents like this one.

We have built an AI mate that brings only the most important information to the crew when it is needed. We call it the ‘mAIte,’ and can be viewed just like another mate on the bridge, powered by our proprietary AI models.

Using the existing sensors and navigation system onboard the ship, it builds a digital map of the environment where it can run all possible future scenarios. It recommends the safest path to the crew, just like an experienced captain.

Therefore, in a situation like the Wakashio, the mAIte would have been issuing early warnings that the current helm commands in the current environment conditions would most likely lead to a grounding and would suggest an alternative.

The mAIte not only recommends an action to prevent, but in case where no action is taken by the crew, it will start evaluating alternatives to limit the impact of the imminent accident.

These dynamic recommendations are what sets us apart from existing solutions, plus the fact that we do not require additional sensors for grounding and COLREGs.

We do believe that such a system will not only prevent these black swan events from happening, but also help reduce the environmental impact of shipping by recommending ‘greener’ commands.”

Questions for the Wakashio investigation

With several new cyber-risk vulnerabilities now raised for the Wakashio, it would be important for any investigation to answer the following questions.

1. Given the difficulty the Mauritian Police are having extracting audible voices from the Wakashio’s Voyage Data Recorder, should Mauritius engage a specialist like the US NTSB to conduct a forensic analysis of the VDR?

2. As a result, should the full Wakashio investigation be opened up to the world’s leading accident investigation cyber forensics teams from US, Australia, UK, or Canada to understand other cyber risks that the Wakashio could have been vulnerable to?

3. When can the investigation conduct and publish a full digital forensic analysis of the ECDIS system, to understand the systems used (hardware, software and map system), and whether it could have been compromised? This also includes a full audit of the training of the crew who were responsible for using the ECDIS system, including who provided the training and certified them.

4. The investigation should be able to conduct a full audit of the vessel’s Cyber Security protocols as part of the International Safety Management (ISM) Documentation and System, including physically evaluating the Windows system, Password protocols, internet traffic in and out of the ship over the past few months, as well as training and certification of the crew to ensure they met these standards.

5. The investigators should also conduct an analysis of who else may have had access to the ship’s I.T. systems from land (including accessing any vulnerable systems such as the engine controls, ECDIS navigations or satellite communications).

If these basic steps are undertaken, it would shed light on the question whether there may have been cyber risks on the Wakashio that were exploited. In doing so, it would also get us one step closer to the most important question of all.

Who would be motivated to perform such an act?