Cyber Risks and Cyber Security (No.1) 10 November 2017 No.929 Download PDF (120KB) This is the first of three Club circulars issued to inform and update members on cyber risks and cyber security issues.  This first circular is a general introduction to cyber risks.  The second circular will address the international regulations and guidance on cyber security.  In the third circular, we will consider some case study scenario of a cyber incident.  The second and third circulars will be published during November.   INTRODUCTION TO CYBER RISKS Cyber security is not a new topic but it is receiving a large amount of attention in the international news and the shipping press.  Members are likely to have read about many high profile cyber security breaches this year.  For example, Maersk were the subject of a high profile cyber attack caused by a virus called "NotPetya".  This attack impacted Maersk Line, APM Terminals and Damco causing several weeks of disruption in July 2017.  As the attack on Maersk has shown, the shipping industry needs to take the risk of a cyber attack very seriously.  Information technology and electronic systems play an essential role in the shipping industry.  To take some obvious examples: Automatic Identification Systems (AIS) exchange vessel tracking and identification data with other vessels, ports and the coastguard;    A ship's position and speed are displayed on the Electronic Chart and Display Information System (ECDIS) which is often updated via the internet.    Ships and container ports also rely on electronic Global Positioning Systems (GPS) to identify vessel positions, steer cranes and stack containers.     In general, these technological advances have brought about increased efficiency and operations.   However it has become clear that these systems have vulnerabilities which could be exploited.  There is an increased risk whe