KnowBe4 Security Awareness Training Blog

Could A Botched Ransomware Attack Have Caused The Massive Mauritius Oil Spill?

Written by Stu Sjouwerman | Oct 27, 2020 2:05:53 PM

I found a super interesting and at the same time scary article at Forbes by Nishan Degnarain about the cyber vulnerabilities of these massive oil tankers and container ships. It's enlightening how these vessels are put together network-wise and how pentesters have found multiple ways to get into these systems. 

Nishan started with: "Cyber attacks against global shipping firms have spiked 400% since  COVID-19 has hit. And this was before the two high-profile ransomware victims in the last month alone – the world’s fourth largest shipping company, French giant CMA-CGM, and the UN’s own global shipping regulator, the IMO.

Now questions are being asked whether Mitsui OSK Lines (MOL)-chartered Wakashio, could have been a dry run for cyber hackers this summer that led to its grounding and subsequent oil spill in Mauritius.

It turns out that one of the ship’s system that investigators have already revealed an anomaly with, the ship’s navigation system (called ECDIS, or Electronic Chart Display and Information System), had already been flagged by cyber security experts as one of the most vulnerable systems on large, ocean-bound ships like the Wakashio. "

Check out these ships possible cyber vulnerabilities, revealed by cybersecurity company Pen Test partners:

The ECDIS system, which the ship relies on for its navigation, could have been exposed it to digital criminals, as five leading cyber security experts explain in interviews for this article.  This could also explain some of the discrepancies in the accounts from various authorities so far.

The reason cyber-criminal activities should be included as part of the investigation into the Wakashio incident is because when one looks at the layers of safety that MOL has in place for its fleets (including the vessels  it charters), several major, multi-million dollar layers of ship safety protection would have had to fail to explain how the Wakashio ended up on Mauritius’ reefs in July this year. 

This is a fascinating article with many open questions regarding responsibilities, unexplained mysteries like who would be motivated to perform such an act, and cyber security lessons to be learned. Warmly recommended for a lunch break! 

https://www.forbes.com/sites/nishandegnarain/2020/10/26/could-mol-chartered-mauritius-oil-spill-ship-wakashio-have-been-hacked/#39db8597fbbc

Happy reading!