Observers are calling for a greater emphasis on cybersecurity to protect Africa’s growing maritime sector.
The discussion came at a workshop organized by Stellenbosch University, the Institute for Security Studies (ISS), and the United Nations Office on Drugs and Crime.
About 90% of trade on the African continent is conducted by sea, yet ports and ships remain particularly vulnerable to cyberattacks. Panelists said the 2021 Transnet ransomware attack, which shut down several key South African ports, should serve as a wake-up call to the threat.
“We are dependent on well-functioning maritime infrastructure, which needs to be protected, including from cyber threats,” said Denys Reva, a maritime researcher at the ISS.
Cyberattacks on ships and ports grew globally from 50 in 2018 to more than 500 in 2020, according to the Handy Shipping Guide. Observers believe the true number is far higher.
“We don’t know the real scope of the problem,” Reva said. “Some cybersecurity reports suggest hundreds of thousands or millions of attacks.”
Attacks are projected to grow as more aspects of shipping and ports become digitalized. Modern ships use Electronic Chart Display and Information System, GPS, and remote engine and cargo control systems. Ports are going paperless and becoming automated to load and unload cargo, defenceWeb reported.
Fifty-three, or about 4%, of the world’s container terminals are fully automated. That number is increasing.
In a 2021 speech on the issue, Abdul-Hakeem Ajijola, chair of the African Union Cybersecurity Experts Group, offered best practices for improving cybersecurity aboard ships. They include: making sure satellite communication systems are on private IP addresses; regularly updating software; changing passwords regularly; creating separate networks for the bridge, engine room, crew and business on board vessels; ensuring that USB ports are secure; and using encryptions on all onboard Wi-Fi networks.
Ajijola also recommended cybersecurity training of crew members, measures to ensure that technology suppliers are trusted, and conducting vessel and harbor security audits.
“Building trust and addressing cyber malfeasance requires global multistakeholder collaboration, as one weak link potentially undermines global value chains,” Ajijola said in a 2021 speech for a webinar hosted by the ISS. “It is thus imperative that Africa, its nations, organizations and peoples are not the weak link.”