NIGERIA recorded 41 piracy attacks on vessels calling at her ports in the whole of 2017, the Nigerian Maritime Administration and Safety Agency (NIMASA) stated in its ‘Nigeria’s Maritime Industry Forecast 2018-2019. This is even as the agency said the nation suffered 135 piracy attacks between 2015 and 2017.
According to data sourced from the agency’s industry forecast document, the highest number of attacks occurred in the last quarter of 2017, with 16 attacks occurring within the nation’s waters.
“In the first quarter of 2017, nine reported attacks occurred within Nigerian waters. Out of the nine reported attacks, three were successful while the remaining six attacks were not successful. In the second quarter of 2017, eight vessels were attacked within Nigerian waters. Out of the eight vessels attacked, four were successful and the other four attacks were unsuccessful.
“Also in the third quarter of 2017, eight vessels were attacked and four were successful while another four were unsuccessful. In the last quarter of 2017, 16 vessels suffered piracy attacks within Nigerian waters and six of those attacks were successful, while the remaining 10 attacks were unsuccessful.
“For vessel movement in 2016, the nation recorded the highest number of piracy attacks within her waters as 77 attacks were recorded on vessels in the year under review. In the first quarter of 2016, 27 vessels were attacked by pirates and 14 of those attacks were successful, while the remaining 13 attacks were unsuccessful.
‘In the second quarter of 2016, another 27 vessels were attacked, and this time, 17 of those attacks were successful while the remaining 10 attacks were not successful. In the third quarter of 2016, there was a reduction of piracy attacks within the nation’s waterways as only eight vessels were attacked, and only four of those attacks were successful.
“In the last quarter of 2016, piracy on waters within Nigerian waters rose again as 15 vessels suffered attacks at different locations within the nation’s waterways. Out of the 15 attacks in the last quarter of 2016, five were successful while 10 were not successful.
“For 2015, eight vessels were attacked in the first quarter of the year under review and five of those attacks were successful, and the remaining three attacks were not successful. In the second quarter of 2015, five piracy attacks occurred within Nigerian waters, and one out of the five was successful, while the remaining four attacks were not successful.
“There was no recorded piracy attack for the third quarter of 2015. However, piracy activities resumed in the last quarter of the year under review with four different attacks on vessels within the nation’s waters. Two out of the four attacks were successful while the remaining two were unsuccessful, thereby bringing to a total of 135 piracy attacks on vessels within Nigerian waters between 2015 and 2017,” information from Nigeria’s Maritime Industry Forecast 2018-2019 revealed.
The maritime cyber security landscape is a confusing place. On the one hand, you have commercial providers suggesting the risks of everything from a hostile attack on ship’s systems which allows the vessel to be remotely controlled by pirates and direct it to a port of their choice, or causing a catastrophic navigation errors, a phishing attack or ransomware on the Master’s PC. While on the other, you have sensible people who point out that this notion is nonsense due to the number of fail safes and manual overrides and controls in place.
Then there are calmer voices still, who point out that the most likely threat is actually to the servers inside your head office, or a man in the middle attack on your company’s bank accounts.
Recognizing the threats
So what are the real, documented, current threats to the shipping industry from cyber criminals? Here, we hope to offer some genuine guidance without scaremongering. We’re not trying to sell you anything. We’re just trying to make sure you know what the risk of simply doing nothing is.
Much has been made of the threat to vessels on the water from hackers. However, there is only limited available credible evidence to support claims of hacks at sea. Rather, the real threats on the water come from a lack of crew training and awareness and a culture which turns a blind eye to crew using their own devices at work (Bring Your Own Device, or BYOD) and plugging them into ship systems to charge them, thereby possibly releasing a malware they may have been inadvertently carrying onto the vessel.
Maritime cyber security survey results
In 2017, I.H.S. Fairplay conducted a maritime cyber security survey, to which 284 people responded. 34 percent of them said that their company had experienced a cyber attack in the previous 12 months. Of those attacks, the majority were ransomware and phishing incidents; exactly the same sort of incidents affecting companies everywhere, and not at all specific to the maritime world.
The good news is that only 30 percent of those responding to the survey had no appointed information security manager or department, meaning that the majority of companies have a resource able to respond and mitigate any attack.
However, the survey did reveal that there are still a lot of employees who have not received cyber awareness training of any kind, which means the shipping industry must try harder, for its own security.
Additionally, only 66 percent of those questioned said that their company had an IT security policy, which is a serious cause for concern; IT security cannot be approached on an ad hoc, incident by incident basis. It’s the security equivalent of plugging holes in a hull with cardboard.
To underline that, 47 percent of those questioned believed that their organization’s biggest cyber vulnerability was the staff. Hardly a glowing endorsement but, if you don’t train your staff to be aware of threats, it’s not surprising.
Mitigating the risk – train your staff
Imagine you’re in charge of a company. You trust your staff to do everything. Except, it seems, ensure your bank accounts aren’t handed over to cyber criminals or that your network is exposed to ransomware or malicious attack.
It would seem to be a rather curious way to run a company.
The key to mitigating cyber crime is training. Yes, you can put posters up; send company memoranda out; promote industry guidelines. But how many of your staff take those in? A robust workplace IT security policy is the first step, but that can only work when also supported by a training course where employees can see the risks through demonstrations, simulations and good teaching.
There are very simple changes that any company can make to ensure better security in the workplace. From enforcing a zero tolerance on BYOD, which is often disliked by the crew, to separating crew and administrative or operational networks, blanking unused USB ports and requiring monitors be turned away from public view to prevent “shoulder surfing” and a rule that all computers go into secure sleep mode when left unattended.
For staff dealing with accounts, additional rules may be required to ensure the risks of phishing and social engineering (whale attack) are reduced.
You don’t think your company is at risk? In November 2016, Europe’s largest manufacturer or wires and electrical cables, Leoni AG, lost £34 million in a whale attack, when cyber criminals tricked finance staff into transferring money to the wrong bank account.
£34 million. Lost… That should be read out to every board of directors.
And similar attacks take place every week.
In the last six months, the shipping industry has seen several incidents in the sector, ranging from a data breach at Clarksons through to the damage done to Maersk by the WannaCry NotPetya variant sabotage/ransomware incident, which the company believes cost it as much as $300 million.
These are some of the reasons for the creation of the Maritime Cyber Alliance, a project created by CSO Alliance in partnership with Airbus Defence & Space. The aim is simple: connect maritime and oil and gas chief information security officers via a secure, private platform, allow verified cyber intrusions to be reported anonymously and provide members with threat alerts and tools to analyze malware and prevent attacks as well as offering workshops to promote best practice in the industry and listen to concerns.
February saw the Alliance participate in four workshops across the U.K., in Aberdeen for the offshore industry; Edinburgh for the ports community and Glasgow for ship management. Guest speakers included Kewal Rai, Policy Adviser for Cyber Security with the Department of Transport, Sergeant David Sanderson from Hampshire Police, Vic Start, Thomas de Menthiere and Jean Baptsiste Lopez of Airbus, among others.
Among the concerns raised by attendees were questions on mitigation of attacks, the impact of E.U.’s General Data Protection Regulation (GDPR) on the U.K. and how Airbus was delivering its solutions to users of the site.
The Alliance is already gathering detailed cyber crime incident reports from industry. We’ve seen an examples from shipowners who lost two days’ hire due to malware contamination via a USB stick, invoice fraud in the port, superyacht and ship broker sectors. The latter saw a ship broker’s systems compromised by criminals who altered payment details to steal £500,000.
Luckily, in that case, the company’s quick reaction, a court order and a rapid forensic investigation ensured they recovered the missing funds. We are starting to see multiple attempts of invoice fraud using privileged information, which means a vendor’s company accounts have been compromised. The timely sharing and analysis of information will grow with the increased cyber crime report data flow via the Cyber Alliance’s crime reporting servers, based in Iceland in order to ensure anonymity. The solution, of course, is to ensure your company requires multiple sign-offs for any payments over a certain amount and pick up the phone to verify and vendor bank account changes. The risk of getting it wrong could bankrupt you.
There’s clearly a need for industry to take the lead on protection and, hopefully, the Maritime Cyber Alliance will enable that. Further workshops, which are all free to attend, are planned for the coming months.
The next major hurdle facing companies around the globe comes in the shape of the GDPR, which comes in to force in May 2018. It will affect companies in every sector, but the maritime industry in particular, given its global reach.
In essence, the GDPR is the first data protection measure to affect the entire world. If your company holds or processes the personal data of E.U. citizens, people working for E.U. entities or trading with the E.U., then you’re affected and will need to ensure that you’re compliant with the new regulations. Failure to do so will result in huge fines. GDPR’s definition of “personal data” is far broader than previous regulations, meaning that any information which can be used to identify an individual falls under it.
The new regulation introduces Privacy Impact Assessments (PIAs), which means that companies will be required to conducts PIAs wherever privacy breach risks are high in order to minimize risk to data subjects. Many companies may have to hire data protection officers in order to ensure compliance, while those companies dealing with EU crews will also want to take note of their liabilities in this regard.
The good news is that GDPR will also bring in common data breach protection notification requirements, so companies will be forced to report any breach of their systems within 72 hours, thus ensuring industry awareness and a better response time to potential vulnerabilities. This, in itself, may require staff training and is yet another aspect of GDPR companies need to be aware of.
For companies doing business in the E.U., which covers a vast swathe of the maritime industry, the NIS Directive covering network and information security also comes in to force in May 2018. In the U.K., the government has announced that organizations working in critical services like energy, transport, water and health can be fined up to £17 million as a “last resort” if they fail to demonstrate that their cyber security systems are equipped against attacks.
The NIS Directive requires organizations to have the right staff in place and the proper software to mitigate cyber attack and intrusion. Private and public companies in each sector will be evaluated by regulators who will vet everything from infrastructure and issue fines for firms who fail.
“Network and information systems give critical support to everyday activities, so it is absolutely vital that they are as secure as possible,” said Ciaran Martin, U.K. National Cyber Security Centre CEO, in a statement.
Ultimately, the new regulations will be of benefit to everyone, but ensuring your company meets the right standards will be crucial. The days where maritime cyber security amounted to just making sure you turned the office PC off are long gone. Today, cyber security demands board room level attention as well as vigilance from all employees, be they in head office or out on the water.
David Rider is Spokesman for CSO Alliance.
Port Harcourt — The Federal Republic of Germany yesterday presented five gunboats to the Nigerian Navy for counter-insurgency operations at Lake Chad.
But the excursion organised by the Navy for the Consul General of the German Embassy, Mr. Ingo Herbert, and his team to the Navy Security Station 023 positioned along the Cawthorn Channel after the inauguration turned eventful as the team chased and arrested five suspected oil thieves in three separate incidents.
Handing over the boats to the Chief of Naval Staff, Vice Admiral Ibok Ete Ibas, at Onne, Rivers State, the Consul General of Germany in Nigeria, Mr. Ingo Herbert, said the donation was part of his country’s contribution to the fight against insurgency in the North-east of Nigeria.
He also said it was directed at deepening Germany’s partnership with Nigeria and to help build peace and development in the country.
“The five boats are part of the Greater Initiatives of Germany in enhancing the peace and security of partner governments. The focus is to support partner countries in the fight against terrorism,” he said.
He noted that Nigeria is a complex country and that it is difficult to cover the whole area in terms of security. He however said the flat-bottom boats would assist in checking crime in the maritime sector,
“The maritime space sensitively accommodates a lot of activities and movements and therefore prone to security breaches. These boats will not only primarily contribute in your fight in the North-east, but also to fight illegal fishing, oil theft and other maritime crimes,” he said.
He added, “A very important aspect of this donation is that the boats are built in Nigeria. So it is actually a co-operation and has full local content.”
He recalled that he had recently inaugurated a vocational training centre in Port Harcourt equipped with German technology, adding that more German firms were coming to Nigeria to contribute to the development of the country.
Receiving the boats, Ibas said by the donation, the maritime landscape of the nation, especially the Lake Chad area, was gradually being accorded much needed security for the stability and prosperity of the country.
Ibas, who was represented by Chief of Logistics, Naval Headquarters, Rear Admiral James Oluwole, lamented: “Today, our nation is at crossroad, challenged by multi-faceted threats with grave manifestations, especially in the North-eastern Region and the maritime environment where the Nigerian Navy is the lead security agency. These challenges require enormous resources to surmount.”
He however said in line with the strategic partnership between both nations, Germany has assisted the Nigerian Navy with the five riverine patrol boats to fight the insurgency and criminality in the North-east.
He disclosed that the five boats were built locally by Epenal Boat Yard and fitted with 2 x 8.2m HP Yamaha Outboard Engines, mounting for 12.7mm and Automatic Grenade Launchers (AGL).
Ibas also noted that Germany had earlier supported the Nigerian Navy in provision of Motorised Turbine Unit (MTU) series training engines as well as training of 23 naval personnel on MTU engines in Germany.
“It is satisfying that Germany, in its strategic partnership with Nigeria, continue to remain true and committed to navy’s dream. By your effort, the maritime landscape of our nation, especially the Lake Chad area, is gradually being accorded much needed security, stability and prosperity.”
After the inauguration of the boats, the German officials were taken on sail to the Cawthorn Channel through some creeks of the Niger Delta.
In the course of the boat ride, the team in three different incidents chased and arrested five suspected oil thieves with speed boats laden with locally refined petroleum products popularly called in local parlancekpo-fire.
The suspects were brought back to Onne where the naval personnel said they would be interrogated and later handed over to the police for necessary action.
Commenting on the incidents, the German Consul General, Herbert, said the trip opened his eyes to the enormity of the challenges faced by the Nigerian Navy and the Government in combating crime in the creeks.
“I am glad that the German Government through the donation we made today to the Nigerian Navy could assist the Nigerian Government to deal with this kind of situations. I saw the vast area, the challenges with regard to the ecological system, to the people and the challenge to restore the Rule of Law and security. I appreciate the efforts of the Nigerian Navy,” Herbert said.
Source: This Day
Yemeni security forces seized a shipment of weapons on their way to the Houthi militia in Sanaa on Wednesday.
Security sources revealed that one of the security forces at a check point, in Marib province east of Sanaa seized the shipment.
The weapons ranged from missile launchers, Kalashnikovs, explosives, which were hidden carefully in a large truck.
Yemeni security services in Marib (east of Sanaa), seized more than once shipments of weapons and military equipment on the way to the Iran backed Houthi militia.
The Yemeni security forces, in cooperation with the Arab Coalition, are making great efforts to reduce the smuggling of weapons and military equipment coming from Iran to the militias.
HMAS Warramunga in support of CMF continues seizure success with over 7 tonnes of drugs seized in Arabian Sea
ON 3-4 MARCH HMAS Warramunga continued the remarkable success of Combined Task Force (CTF) 150 by seizing over 7 tonnes of hashish in back to back seizures. HMAS Warramunga conducted two boardings and after a thorough search found over 7 tonnes of hashish, valued at over $300 million USD. Over the last three months, CTF 150 has interdicted over 25 tonnes of drugs valued at over $1.3 billion USD in eight seizures.
HMAS Warramunga, as part of Combined Maritime Forces’ (CMF) CTF 150, was conducting a patrol in the international waters of the Gulf of Aden, on 3 March when she detected a suspicious vessel. The Australian ship quickly closed in on the suspicious dhow to conduct further investigations that led to the boarding. HMAS Warramunga was authorised to conduct a non-destructive search for illegal narcotics, weapons and charcoal. During that search, the boarding team located 4 tonnes of hashish, valued at over $155 million USD. After completing a thorough search, the drugs were catalogued and transferred to HMAS Warramunga for safe disposal at sea.
The Commanding Officer of HMAS Warramunga, Commander Dugald Clelland, RAN, said he’s been continually impressed with the crew’s determination and professionalism and stated: “This has been a high tempo deployment for HMAS Warramunga but we have been fortunate in seeing significant quantities of narcotics not reach their final destination as a result of the efforts of the crew and the CTF 150 team.”
On 4 March, HMAS Warramunga continued her relentless pursuit of illicit smuggling, detecting a second suspicious dhow in the Arabian Sea. Intercepting and investigating the second dhow, boarding teams from HMAS Warramunga discovered an additional 3.9 tonnes of hashish, valued at over $151 million USD.
Commander of CTF 150, Commodore Mal Wise, Royal Australian Navy, spoke of the success of the most recent interdictions. “CTF 150 remains focused on our task to suppress the funding of terrorist activities. The great results that HMAS Warramunga continues to achieve is a testament to her training, her drive to succeed in the mission and the collaborative work between her team, the CTF 150 staff and other partners ashore. I am extremely proud of this entire effort and the impact that the team continues to have on terrorism funding.”
Since December 2017, multinational assets in support of CMF have seized 27.9 tonnes of hashish and 1.5 tonnes of heroin, valued at over $1.3 billion USD. CTF 150 is currently under Australian leadership, supported by a combined Australian and Canadian staff.
MANILA: The United States handed over six surveillance drones to its ally the Philippines on Tuesday (Mar 13), as part of efforts to boost its ability to tackle a growing threat from Islamist militants and to respond to natural disasters.
The six Boeing Insitu ScanEagle drones, which have two cameras and can operate for up to 24 hours on a single run, were financed through a US$13.7 million grant from Washington’s foreign military assistance programme.
It follows the transfer of two single-engine surveillance planes last year.
The Philippines plans to deploy the drones for surveillance against militants and pirates, and for surveying the aftermath of disasters like typhoons, mudslides and earthquakes.
“This acquisition of ScanEagle is one way to modernize the military to deter those who want to wage war against our country,” Defence Secretary Delfin Lorenzana said at a ceremony at a Manila air force base, attended by the US ambassador.
“This collaboration is also an indication of the Philippines and the United States’ goodwill, deep friendship and genuine commitment to peace.”
The United States is the most important military partner of the Philippines, with a decades-old treaty alliance and numerous pacts that enable rotational deployment of U.S. troops and annual joint exercises.
However, ties have been tested by President Rodrigo Duterte’s hostility towards the United States.
Nevertheless, the US military provided technical support and surveillance vital in helping the Philippines end a five-month occupation of Marawi City by pro-Islamic State rebels last year.
KOTA KINABALU: The Eastern Sabah Security Command (Esscom) has identified three new kidnap-for-ransom groups, its chief DCP Hazani Ghazali says.
Speaking during a gathering with the media organised by Esscom in Sandakan last night, Hazani said the groups were also involved in robbery.
But he declined to give further details to maintain the integrity of the authorities’ investigations and operations.
The Sulu and Celebes Seas off Sabah’s east coast used to be a hotspot for kidnappings and sea-jackings but thanks to efforts by Esscom, no incidents were recorded last year.
Esscom has also tightened security to prevent possible trans border movement of militants during the five-month Marawi war in southern Philippines between government troops and pro-Islamic State groups.
The heightened security resulted in Esscom shooting dead an Abu Sayyaf group member during a chase in the waters off Silam in December last year.
The suspect, identified as Abu Paliyak, belonged to an Abu Sayyaf group responsible for a spate of kidnappings-for-ransom and robberies in the east coast of Sabah.
More recently, Esscom and Tawau police killed three Filipinos believed to be linked to terrorism at an oil palm estate in Kalabakan, also in Sabah’s east coast.
The team seized a Colt M4 assault rifle, a revolver and a samurai sword from the unidentified suspects during the Feb 23 chase and shootout.
The authorities were in the process of identifying them through Interpol and security agencies of the Philippines and Indonesia.
However, the next day, a national newspaper published a report identifying one of the slain suspects, citing a Philippine intelligence source.
Later, Esscom issued a statement criticising the report which it said had jeopardised its investigation.
In the statement, Hazani urged the media to verify with the authorities any information received before publishing it to safeguard their investigation and operational integrity.
During the dialogue with the media last night, Hazani said the authorities had to continue their investigation after the shootout with the three suspects.
“You have to understand that the matter did not end there. We had to look for the accomplices of the three slain suspects but that news report upended our investigation.
“We hope the media will give their cooperation by verifying their information with us before reporting it.”
Hazani also revealed a planned road checkpoint to stem the crossing of criminal elements from the east coast of the state to the west, to be set up at the end of the month.
“We will start the road checkpoint in Kalabakan and then have another one in Telupid,” he said.
“We are also in talks with our counterparts from the neighbouring nations to determine the location for our sea checkpoint.
“All vessels entering Sabah’s east coast waters will have to go through inspection at the sea checkpoint.”
The 1,700km coastline in Sabah‘s east coast is a specially designated security area called the Eastern Sabah Security Zone or Esszone.
Esszone and Esscom were established in 2013 following an incursion in Lahad Datu by some 200 Sulu militants who wanted to stake their territorial claim on Sabah.
Ten Malaysian security personnel and 68 militants were killed in the five-week standoff.
HMAS Warramunga’s MH 60 Romeo helicopter was conducting routine aerial surveillance in the Arabian Sea when it detected a vessel of interest. HMAS Warramunga approached the dhow in international waters and upon investigation CTF 150 authorised a non-destructive search of the dhow. During that search, the boarding team located 132 kgs of heroin, valued over $30 million USD. After a thorough search, the heroin was catalogued and destroyed safely at sea.
Commander of CTF 150, Commodore Mal Wise, Royal Australian Navy, stated:
“The illicit drug trade has had a profound effect on the lives of the people in East Africa. We know that heroin seizures like today’s will have a direct impact on the operations of terrorist organizations at distribution points in East Africa. Removing heroin from circulation reduces the funding resources available for terrorists, which then reduces their ability to inflict suffering on the communities in East Africa.”
CTF 150, as part of CMF, aims to disrupt smuggling networks transferring illicit narcotics from Central Asia, through to East Africa. CTF 150 is currently under Australian command, staffed by a combined Canadian and Australian team and supported by assets from Australia, France, New Zealand, Pakistan, the United Kingdom and the US.
Dutch shipowners with vessels passing regularly through areas frequented by pirates will now be able to carry their own security guards who are permitted to carry arms and fire if necessary. A majority of MPs, including the coalition Christian party ChristenUnie, voted for the measure which was favoured by the maritime community, on Thursday evening, public broadcaster NOS reported. Pirates have a heavy presence along the coast of Somalia in west Africa and in the Gulf of Aden and have seized many merchant vessels in the past, despite patrols by the EU’s anti-pirate mission. Shipowners have been asking to be allowed to employ private security guards who can use force for many years. MPs have now agreed, with the proviso that the guards are equipped with bodycams and a 360-degree sound camera is mounted on the ship itself. This means officials can evaluate any incidences afterwards to determine whether force was actually necessary. Denmark, Spain, Norway and Britain already allow shipping firms to use private security guards when travelling close to the Somali coast.