Safety and Shipping Review 2021: Security and sanctions safety concerns mount

Expert risk article | August 2021
The piracy threat remains, driven by record numbers of crew kidnappings and vessels targeted further out at sea. Covid-19 could make it worse. Cyber bring both business interruption and regulatory risk for shippers. At the same time, the burden of international sanctions continues to rise, posing both a compliance and safety risk, as a number of vessels turn off transponders to avoid detection.
AGCS' Safety and Shipping Review identifies loss trends and highlights a number of risk challenges for the maritime sector.
On March 11, 2021, pirates boarded the Maltese-flagged chemical tanker Davide B in the Gulf of Guinea, kidnapping 15 of the 21 crew. The incident followed a similar attack in January against Liberianflagged container vessel Mozart, which resulted in the death of one crew member and the kidnapping of 15 others.

The Gulf of Guinea has emerged as the world’s piracy hotspot. It accounted for over 95% of crew numbers kidnapped worldwide in 2020, as well as the sole crew fatality, according to the International Maritime Bureau (IMB)[1]. Last year, 130 crew were kidnapped in 22 separate incidents [2] in the region, the highest ever number. The problem has continued into 2021, with the Gulf of Guinea accounting for a third of all reported piracy incidents in the first half of 2021[3].

The International Maritime Organization (IMO) [4] recently warned that piracy in the Gulf of Guinea poses a “serious and immediate” threat to global trade and the safety of seafarers working in the region.

“Attacks against the Davide B and Mozart are symbolic of the growing problem of piracy in West Africa, with an increase in the number, sophistication and violence of piracy attacks in the past year,” says Captain Rahul Khanna, Global Head of Marine Risk Consulting at AGCS. “Perpetrators are now well-equipped to target vessels further away from the shore - the furthest crew kidnapping occurred just over 200 nautical miles (nm) from land." 

As a result, the IMB recommends vessels in the Gulf of Guinea remain at least 250nm from the coast at all times.

Piracy in the Gulf of Guinea contributed to an overall increase in piracy worldwide in 2020 with the number of incidents up by more than 20% year-on-year (195 incidents in comparison to 162 in 2019, according to IMB). However, the total of incidents declined to a 27-year low during the first six months of 2021 (68). Despite the reduction, violence against crew has continued with 50 crew kidnapped, three each threatened and taken hostage, two assaulted, one injured and one killed throughout the first half of 2021. Vessels were boarded in 91% of the reported incidents.

Last year marked another year without incident in Somalia, the world’s former piracy hotspot. However, crew must maintain vigilance when transiting the Somali Basin and wider Indian Ocean as Somali pirates continue to possess the capacity to carry out attacks. During the first three months of 2021, a bulk carrier repulsed an attack by armed pirates in the Gulf of Aden.

The economic and political consequences of the Covid-19 pandemic could exacerbate piracy, according to Captain Andrew Kinsey, Senior Marine Risk Consultant at AGCS. “Piracy is tied to underlying social, political and economic problems, which could deteriorate further with the impact of Covid-19. We may yet see recent piracy hotspots like Somalia re-emerge, in addition to the tragedy we already see in West Africa,” says Kinsey. 

[1] International Maritime Bureau, Gulf of Guinea remains world’s piracy hotspot in 2021, according to IMB’s latest figures, April 14, 2021
[2] International Maritime Bureau, Latest Gulf of Guinea piracy attack alarming, warns IMB
[3] International Maritime Bureau, Piracy and armed robbery incidents at lowest level in 27 years, but risks remain to seafarers, IMB cautions, July 12, 2021
[4] Global Trade Review, Piracy in Gulf of Guinea poses “serious” trade threat, February 17, 2021

Photo: Adobe Stock

The crippling ransomware attack against the Colonial oil pipeline in the US in May 2021 should be a wake-up call for the maritime industry. As a critical part of the global supply chain, the shipping industry could become an attractive target for cyber criminals and politically motivated attacks. 

The 9,000km-long Colonial Pipeline, which connects some 30 oil refineries and nearly 300 fuel distribution terminals, was brought down by a cyber attack which resulted in petrol shortages across the eastern US. The company paid a $4.4mn [5] ransomware demand to hacking group DarkSide in return for getting its systems back online.

The attack has far-reaching implications for critical industries, including shipping. Not only did it reveal weaknesses in cyber security, but also the attractiveness of critical infrastructure to cyber criminals and nation states. Given its perceived success, the attack could encourage similar attacks, and result in tougher cyber security requirements and higher penalties for critical service providers.

Ransomware has become a global problem. All four of the world’s largest shipping companies have been hit by cyber attacks, including the Mediterranean Shipping Company (MSC), which suffered a network outage in April 2020 from a malware attack, and CMA CGM SA, which was hit with a ransomware attack in September 2020. Even the IMO was recently targeted by a cyber attack, forcing some of its services offline.

According to security services provider BlueVoyant [6], shipping and logistics firms in 2020 experienced three times as many ransomware attacks last year as in 2019. A spike in malware, ransomware, and phishing emails during the pandemic helped drive a 400% increase in attempted cyber attacks against shipping companies through the first months of 2020.

“To date, most cyber incidents in the shipping industry have been shore-based, including ransomware and malware attacks against shipping companies and ports,” says Captain Nitin Chopra, Senior Marine Risk Consultant at AGCS. “But with growing connectivity of shipping, and with the concept of autonomous shipping, cyber will become a more important exposure that will require more detailed risk assessment going forward.”

The shipping community has grown more alert to cyber risk over the past couple of years, in particular in the wake of the 2017 NotPetya malware attack that crippled ports, terminals and cargo handling operations. However, reporting of incidents is still uncommon as owners fear reputational risk and delays from investigations. Meanwhile, cyber security regulation for ships and ports has been increasing. In January 2021, the International Maritime Organization’s (IMO) Resolution MSC.428(98) came into effect, requiring cyber risks to be addressed in safety management systems. The EU’s Network and Information Systems Directive also extends to ports and shipping.

Increased awareness has translated into an increased uptake of cyber insurance by shipping companies, although mostly for shore-based operations, according to Justus Heinrich, Global Product Leader Marine Hull at AGCS.

“However, the threat to vessels is growing as more and more ships are linked to onshore systems for navigation and performance management. Smart ships are coming, and we would expect demand for insurance to develop accordingly,” says Heinrich.

Geopolitical conflict is increasingly played out in cyber space, as illustrated by spoofing attacks on ships. Recent years have seen a growing number of GPS spoofing incidents, particularly in the Middle East and China, which can cause vessels to believe they are in a different position than they actually are, while concerns have been growing for a potential cyber attack on critical maritime infrastructure, such a major port or shipping route.

“From a hull perspective, the worst-case scenario is a terrorist attack or nation state group targeting shipping in a bid to inflict damage or major disruption to trade, such as blocking a major shipping route or port. While this would seem a remote possibility, it is a scenario we need to understand and monitor,” says Chopra.

“Although an accident, the recent blockage of the Suez Canal by the ultra-large vessel Ever Given is an eye-opener on many fronts as it shows the disruption a momentary loss of propulsion or steering failure on a vessel navigating a narrow waterway can cause.”

[5] Reuters, Colonial Pipeline CEO acknowledges paying hackers to restore pipeline, May 19, 2021
[6] BlueVoyant, Cyber Security And Attacks In The Logistics Industry

Photo: Adobe Stock

The burden of international sanctions continues to rise, posing both a compliance and safety risk, as a growing number of vessels turn off transponders to avoid detection. 

The use of trade sanctions continues to grow. A myriad of US, EU and national sanctions currently target government agencies, individuals and commercial operators in countries like Iran, Russia, Venezuela and China. Increasingly, sanctions are targeting the sectors that facilitate trade, including shipping companies, their financiers and insurers.

Sanctions are a growing issue for the shipping industry and for insurers, according to Justus Heinrich, Global Product Leader Marine Hull at AGCS. “They pose a significant compliance burden. As a result of sanctions, we need to ask more and more questions of our clients,” says Heinrich.

Sanctions regimes in Iran and Venezuela, for example, have expanded to include the energy and shipping industry. Earlier this year, the US blacklisted [7] 14 largely European companies and six tankers over alleged involvement in the trade of Venezuelan crude oil [8]. Last year, the US sanctioned a number [9] of shipping companies in Hong Kong for their dealings with Iran.

In a worrying development, some vessels have been switching off Automatic Identification Systems (AIS) as they seek to hide their location and defy US sanctions. In April, the US seized a Cameroon-flagged oil tanker [10] for evading the country’s sanctions on trade with North Korea. The vessel, which had engaged in a ship-to-ship transfer of more than $1.5m worth of oil to a North Korean ship, had stopped transmitting location information in a bid to avoid detection.

“It is unfortunate to see that AIS is being used for sanction enforcement,” says Kinsey. "It was introduced to make navigation of the seas safer, but now we see it is being used to track vessels. As a result, some ships have disabled AIS, which could obviously have a detrimental impact on maritime safety, given the potential for a serious incident to occur, such as a collision.”

[7] S&P Global Platts, US sanctions European oil traders, tankers for violating Venezuelan crude oil sanctions, January 19, 2021
[8] Reuters, US blacklists oil traders, tankers for undermining Venezuela sanctions, January 19, 2021
[9] Marine Log, Hong Kong shipping companies hit with US sanctions, October 20, 2020
[10] US Government Seizes Oil Tanker Used To Violate US And UN Sanctions Against North Korea, April 23, 2021.

Photo: Adobe Stock

Keep up to date on all news and insights from Allianz Commercial