Navigation
Browse previous issues
Signup

CrowdStrike’s wake-up call: What the marine industry can learn for the future

By Andre Wright, Product Development Manager – PCS®, a Verisk Analytics business

As the maritime industry becomes more dependent on digital systems, its vulnerability to cyber incidents increases, which was demonstrated by the NotPetya attack in 2017. This incident, which initially targeted Ukraine but quickly spread globally, caused severe disruptions worth over $3 billion in insured losses according to Verisk PCS®, to multiple industries including some to the marine industry. For instance, Maersk, one of the world’s largest shipping companies, experienced substantial losses and operational delays when its IT systems were inaccessible for days and digital backups were deleted due to the incident, resulting in an estimated $300 million in economic damages based on internal research from PCS.

The CrowdStrike incident of July 2024, designated by PCS as Cyber Cat Event #2413, was due to a faulty update and not a malicious attack. Nevertheless, it demonstrates how similar instances could have even more devastating consequences for the marine sector. The industry's reliance on digital systems for navigation, cargo management, and communication makes it particularly susceptible to cyberattacks and systemic disruptions. A breach could disrupt global trade routes, port operations, and vessel navigation, leading to significant operational delays, financial losses, and safety risks. For example, compromised navigational systems could increase the likelihood of accidents, environmental disasters and more.

The maritime industry is responding to these threats by increasing its cybersecurity investments to counter growing threats. This includes establishing the International Maritime Cyber Security Organization (IMCSO) to improve resilience. As the global maritime cybersecurity market grows, the industry must learn from incidents such as NotPetya and CrowdStrike. It’s crucial to understand the insured impact of these events to strengthen defenses and protect critical operations from future cyber threats. With so much at stake, robust cybersecurity measures and appropriate risk transfer tools are vital to safeguard global trade and logistics.

Back