AI increasing physical cyber risk in shipping
AI-based coding tools could make complicated marine systems hackable by 'novice' threat actors, the joint Insurance Day/Lloyd’s List podcast has heard
The use of artificial intelligence (AI) could increase the risk of physical cyber attacks in the marine sector, a joint Insurance Day/Lloyd's List podcast has heard.
William Altman, director of cyber threat intelligence services at CyberCube, said AI-based coding tools could help “novice” threat actors exploit critical operational technology (OT) – which interfaces digital infrastructure to real-world machinery and systems.
These systems are usually complex and bespoke in the shipping industry and would currently require a sophisticated threat actor to breach.
“We're headed into this world in which seemingly novice threat actors can use coding assistance to achieve what was once only possible for sophisticated threat actors,” Altman told the Insurance Day/Lloyd’s List podcast.
He continued: “OT technology on board ships is very complex. It often requires the people who build it to manage it, so not every threat actor knows even the protocols that are in use on these ships. But presumably AI in the future will be able to do that fairly easily.
"I think we're entering a world in which threat actors now have augmented abilities that could allow them to attack maritime infrastructure, specifically the physical stuff, more than they have in the past.”
Altman was joined on the Insurance Day/Lloyd’s List podcast by Robert Dorey, chief executive at Astaara, and Stephen Wares, head of international underwriting at Coalition, to discuss how the insurance market is responding to the growing cyber threat, what protection options are available to businesses and how attacks are becoming more sophisticated and financially driven.
The speakers also examined how geopolitical tensions, including Russia’s war in Ukraine and conflicts in other regions, continue to shape the threat environment and the particular challenges faced by the marine sector, which is grappling with legacy systems, complex supply chains and geopolitical exposure.
The conversation also covered the growth of cyber managing general agents, how cyber products have been tailored for shipping and logistics sectors, and how emerging technologies such as generative AI are reshaping both risks and insurance solutions.