As shipping and logistics companies reeled from the impact of COVID-19 on their businesses, cyber criminals ruthlessly exploited the situation with series of attacks on IT systems. The criminals hacked into shipping and logistics systems and diverted shipments to other locations as well forging documents to collect valuable cargo before driving off in a truck causing a whole new ‘cyber pandemic’ disrupting the supply chain and maritime industry in a global scale.

“Cyber criminals know that any source of disruption provides valuable opportunities for them to exploit. And around the world, staff have been laid off or are working from home, or following temporary procedures hastily developed as the lockdown began. In other words, it’s a perfect opportunity for them to hack into systems and divert shipments, or turn up with a truck and forged documents, and drive off with valuable cargoes,” said Omera Khan, Professor of Supply Chain Management, Royal Holloway at the University of London.

Hackers have also targeted the information layer of supply chains to access confidential logistics information, including shipment schedules and security surveillance of warehouses, ports and terminals, helping them to identify the most lucrative shipments to steal, when to carry out thefts, and how to conduct the operation. After a cargo theft, tech-savvy criminals can cover their tracks by deleting or altering digital data and records,” according to the Transported Asset Protection Association (TAPA).


There are also some similarities between how a cyber-attack spreads to computers and other devices and how a virus like COVID-19 is transmitted from person to person. COVID-19 has a reproductive rate, or RO, which means it will spread to two or three people if there is no social distancing. A typical cyber-attack worm has an RO of 27 and above and in the case of the Slammer/Sapphire worm it can infect 75,000 devices in 10 minutes and 10.8 million devices within 24 hours, according to a feature on the World Economic Forum (WEF) website.

Potentially, if a cyber vaccine is not found for a super virus, it could spread around the world ultimately disabling a large part of the internet and Internet of Things (IoT), according to WEF.


TAPA members managing cyber supply chain risks can look at using protective systems, updating security programmes regularly and transmitting data with encryption as part of their resilience solutions.

The type of cyber-attack may often appear as an innocuous email with malicious document attachments. Many existing organised crime groups have changed their tactics to use COVID-19 related materials on health updates, fake cures, fiscal packages, emergency benefits and supply shortages, according to a report by KPMG.

Often the messages will not be addressed to the recipient but as ‘Dear colleague’, ‘Dear friend’ or ‘Dear customer’ and there may be grammatical errors or irregular formatting of the text.


  • Raise awareness amongst your team warning them of the heightened risk of COVID-19 themed phishing attacks.
  • Share definitive sources of advice on how to stay safe and provide regular communications on the approach your organisation is taking to the COVID-19 pandemic.
  • Make sure you set up strong passwords, and preferably two factor authentications, for all remote access accounts.

“It is very important that changes in your IT environment are always assessed on risk to the continuity of business and on cyber security risk. Changes that organisations have made to allow a greater part of the workforce to work from home should be carefully assessed on security,” said Ward Veltman, Cyber Security & Risk Officer, Program manager FERM (Rotterdam Port Cyber Resilience), Port of Rotterdam.

“In general, it is best practice to make sure you have a ‘patch’ policy that ensures updates are installed timely and have an access policy in place to determine who can access what information in a secure way.”

“Additionally, it is wise to ask security professionals to assess the current state of your cyber security, especially if you have made changes to the IT environment that allow your employees to access company resources and data in new ways,” said Veltman.

There have also been warnings that some IT staff who have been made redundant during COVID-19 and may not have any income, are turning to cyber-crime as a way of making money.

Many organisations may want to provide guidance on how to support members of staff who have lost their jobs to consider taking this period to learn a new skills and undertake online courses, according to a Deloitte report called ‘Managing the impact of COVID-19 on cyber security’.


There is also a concern about attacks on ship operations as cyber technologies are essential to systems critical to the safety and security of shipping and the protection of the marine environment, according to the International Maritime Organization (IMO).

Given the potential for major incidents involving very large tankers, bulk carriers or containerships, the IMO has listed some possible entry points that cyber criminals may use to access vessel systems.

  • Bridge systems
  • Cargo handling and management systems
  • Propulsion and machinery management and power control systems
  • Access control systems
  • Passenger servicing and management systems
  • Passenger facing public networks
  • Administrative and crew welfare systems
  • Communications systems


In a post-COVID-19 world many logistics and shipping analysts are predicting that there will be major changes in the supply chain, with production shifting from Mainland China centric model to sourcing from multiple locations such as Vietnam and India. From a risk management perspective will this diversified supply chain pose an increased threat to cybersecurity? asked OPPORTUNITY.

“In general, more locations and diversification means that the attack surface may grow. The investment in cybersecurity should keep track with the changes in your organisation,” said Veltman.

Omera Khan concurred, “To invest in digital processes is to be secure, it is important for organisations to invest appropriately – trying to cut corners, and save money, will add risk.”

During the COVID-19 pandemic, many people from all kinds of organisations have, for the first time ever, experienced a truly digital way of working. This poses threats to cybersecurity as employees might not be aware of the cybersecurity risks associated with the new way of working. It is therefore vital to not only invest in a robust cybersecurity policy and framework, but also in awareness and basic cybersecurity skills for your employees, said Veltman.


As digital communications become the norm in shipping and other industries, the current pandemic has ‘stress tested’ the corporate world’s ability to protect its IT systems, as security vulnerabilities have been exposed by cyber criminals at great cost in terms of lost revenue and reputation.

A positive note is that cyber security experts are on a steep learning curve on how to protect and mitigate loss to their digital assets and IT systems in the future, as many staff may continue to work from home. Extending cyber protection to remote computer terminals and extensive training are recommended by analysts, security experts and risk managers.

The shipping industry’s fragmented supply chain with multiple parties involved in transactions and shipments across the globe poses unique challenges in order to secure its cyber-sphere. There is no time to waste as the cyber criminals have demonstrated during the pandemic.


The World Economic Forum (WEF) echoed the call to action and as the shipping world continues to digitise its networks and operations, it is critical that all connections are safe, fast, scalable and strong. Speed is now of the essence for companies to build their own robust cyber security foundation, according to the WEF.

“A combination of blockchain, edge, cloud and network security must be synonymous and a single security driven networking strategy distributed into a single coherent solution is now an imperative,” WEF reported.


The tech-tonic shock caused by COVID-19 across the global supply chain will live long in the memory. The main lesson learned is that cyber criminals are waiting for extraordinary global events to wreak havoc across the business world. With this knowledge gained through the experience of the last seven months, corporate, governmental IT departments and law enforcement cyber agencies now have a blueprint to future proof cyberspace.

Action will also be needed at company level to protect digital assets by increasing IT budgets and combating cyber-attacks through training, software and adopting new defensive cyber strategies.