Cyber Insurance on the Edge: Was the Baltimore Bridge Incident a Cyber Attack?

‍

The recent collapse of the Francis Scott Key Bridge in Baltimore has led to a significant response effort and is expected to have substantial legal and financial repercussions for the marine market. But one question that is still in the air is whether there was any cyber attack behind this incident. While the investigation is still ongoing, a cyber attack of that scale on critical infrastructure could make cyber insurers think through how to modify their coverage for outsized events like this.

‍

What Happened in Baltimore?

‍

The reason for the ship's collision with the Francis Scott Key Bridge in Baltimore on March 26, 2024, was a power outage onboard the container ship, according to Clay Diamond, executive director and general counsel of the American Pilots' Association.

‍

The Singapore-registered vessel, named the Dali, underwent a "complete blackout" at approximately 1:20am (05:20 GMT), which caused it to lose engine power and electrical power. The local pilot, not the crew, was guiding the ship at the time of the accident.

‍

The pilot immediately ordered the rudder hard to port to keep the ship from turning right and ordered the port anchor be dropped. However, the collision with one of the bridge's piers ultimately led to the collapse of the bridge's midsection into the river below.

‍

Post-Incident Overview

‍

Search and Rescue Efforts: Following the bridge collapse, multiple vehicles were submerged in the Patapsco River, prompting immediate search and rescue operations.

‍

Implications for Insurers: The event is set to initiate considerable legal disputes and insurance claims, particularly affecting major reinsurers.

‍

Financial Impact

‍

Claims Predictions: John Miklus from the American Institute of Marine Underwriters (AIMU) predicts that the incident could lead to one of the largest claims in marine insurance history.

‍

Cost Elements: Key financial concerns include the costs of bridge reconstruction, lost toll revenue, and potential liability claims due to the loss of life and supply chain disruptions.

‍

Comparative Analysis

‍

Historical Context: The scale and potential cost of the incident are compared to the significant financial impact of the Costa Concordia disaster, which drove a marine insurance loss of $1.5 billion.

‍

Legal and Insurance Responses

‍

Corporate Statements: Maersk, the company associated with the vessel involved in the incident, has issued a statement expressing condolences and confirming their cooperation with authorities.

‍

Insurance Involvement: The vessel was insured through Britannia, with additional details on the reinsurance coverage provided by the International Group of P&I Clubs.

‍

Market Implications

‍

Reinsurance Concerns: The incident is highlighted as a potential factor in the availability of reinsurance, as discussed by Matilde Jakobsen of AM.

‍

Port Closure: The closure of the Port of Baltimore has immediate effects on maritime traffic and logistics, underlining the incident's wider market implications.

‍

Reconstruction and Costs

‍

Rebuilding Efforts: The projected costs for rebuilding the bridge are significantly higher than initial estimates, emphasizing the urgent nature of the reconstruction.

‍

Insurance Implications: The accident is expected to have widespread implications for the insurance industry, affecting shipping companies and maritime authorities.

‍

Historical Significance and Ongoing Operations

‍

Comparison with Past Disasters: The incident joins a list of notable marine disasters in the U.S., illustrating the range of potential economic impacts.

‍

Current Status: Ongoing search-and-rescue operations and the continued assessment of the incident's broader implications are being closely monitored.

‍

Was it a Cyber Attack?

‍

It is currently unknown if the ship suffered a cyber attack. While some social media users have speculated about the possibility, there is no confirmed evidence to support this claim. The cause of the power outage on the ship is still under investigation.

‍

A ship can technically lose power due to a cyber attack. Modern ships rely heavily on electronic systems for navigation, propulsion, and other critical functions. If these systems are compromised by a cyber attack, it could result in a loss of power or other serious consequences.

‍

In 2017, the shipping giant Maersk suffered a cyber attack that caused significant disruption to its operations, including the loss of power on some of its vessels. The attack, which was attributed to a piece of malware called NotPetya, caused the company to lose control of its computer systems, resulting in a loss of power on some of its ships.

‍

While the loss of power in the recent incident in Baltimore has not been confirmed to be the result of a cyber attack, it is technically possible for a cyber attack to cause a loss of power on a ship.

‍

How the Cyber Attacked Could Have Happened?

‍

A cyber attack on a ship can be carried out through various methods, targeting different vulnerabilities in the ship's systems. Here are some of the ways a cyber attack can be executed:

‍

Phishing and Social Engineering: Attackers can use phishing emails or social engineering techniques to trick crew members into revealing sensitive information, such as login credentials, which can then be used to access the ship's systems.

‍

Exploiting Software Vulnerabilities: Ships rely on various software systems for navigation, propulsion, and communication. If these systems have unpatched vulnerabilities or outdated software, attackers can exploit these weaknesses to gain unauthorized access or disrupt the ship's operations.

‍

Compromising Remote Access: Many ships use remote access systems to allow shore-based personnel to monitor and control onboard systems. If these remote access systems are not properly secured, attackers can exploit them to gain access to the ship's systems.

‍

Targeting Operational Technology: Ships rely on various operational technology systems, such as the Electronic Chart Display and Information System (ECDIS), Automatic Identification System (AIS), and Global Positioning System (GPS). If these systems are not properly secured, attackers can target them to disrupt navigation, communication, and other critical functions.

‍

Physical Access: An attacker can gain physical access to a ship's systems by posing as a crew member, contractor, or visitor. Once onboard, they can install malware, modify system configurations, or steal sensitive information.

‍

To mitigate the risk of a cyber attack on a ship, it is essential to implement strong cybersecurity measures, such as regular software updates, strong access controls, employee training, and network segmentation.

‍

Implications for Cyber Insurance

‍

If the ship's power outage in Baltimore were a cyber attack, it could have significant implications for cyber insurance. Cyber insurance is a relatively new form of insurance that is designed to protect businesses and individuals from the financial losses that can result from cyber attacks.

‍

In this case, if it were determined that the power outage was caused by a cyber attack, it could lead to a claim being made against the cyber insurance policy of the company operating the ship (if any at all). The insurance company would then need to assess the validity of the claim and determine the extent of the damages.

‍

The incident could also lead to increased scrutiny of the cyber insurance industry, with questions being raised about the coverage and protection that these policies offer. It may also lead to changes in the way that cyber insurance policies are written and priced, with insurers taking into account the potential for cyber attacks on critical infrastructure such as ships.

‍

Overall, if the ship's power outage in Baltimore were a cyber attack, it could have far-reaching implications for the cyber insurance industry and for the way that businesses and individuals think about cyber risks.