By Dr. Rebekah Tanti-Dougall LL.B. LL.M. (IMLI) LL.D
Maritime security is of utmost importance and the industry is constantly updating its security measures to ensure the safety and security of vessels and port facilities; however there is an insufficient consideration of cyber security in maritime regulation. This article discusses the criminalization of cyberncrime and terrorism in maritime law.
The new threat of cyber terrorism poses a great risk as a result of the increased dependency upon information technology by the maritime industry. As a result, terrorists have the opportunity to resort to such measures, and such a threat has been referred to as a 'cyber-Pearl Harbor.' Furthermore, the awareness of the maritime industry to the threat of cyber terrorism has been deemed to be 'low to non-existent.' Therefore, since various maritime activities rely significantly on the effectiveness and accuracy of information technology and computer data, any disruption thereof or any interference therewith may lead to disastrous consequences. Consequently, there is an imminent need for the maritime industry to ensure that potential cyber attacks are prevented and that an adequate legal framework is in place to ensure the criminalization of any acts by cyber terrorists.
In this regard, it is important to note that although the IMO has not yet established a legal framework to combat cyber terrorism, it has recognized the threat in its approach adopted in the 'IMO Reservation and Guidelines for Implementation of the Athens Convention,' where the possibility of a cyber attack against a vessel is directly referred to as a defence for insurance companies.
One must distinguish between the acts of 'cyber crime,' 'cyber terrorism' and 'hacktivism.' Hacktivism is conceptually distinct from cyber terrorism; although it refers to acts of unauthorized digital intrusion to express a political agenda, such acts do not intend to create intimidation or fear as is intended in cyber terrorism and are non-violent in nature. On the other hand, cyber crime has been described as 'computer related crime', referring to crimes committed through a computer. From the differences elicited, one may therefore conclude that hacktivism and computer crime do not require the specific intent as is present in the act of cyber terrorism. Also, the end result in cyber terrorism is more serious and damaging than in hacktivism and cyber crime.
A widely accepted definition of cyber terrorism is provided by Professor Dorothy E. Denning, who defines it as an 'unlawful attack' against computer networks, to cause violence against persons or property, and as a result, to coerce a government. In addition, it must be carried out against an essential and critical infrastructure, which would result in a great impact; attacks that would merely disrupt non-essential services would therefore not be referred to as an act of cyber terrorism. With the increase in the use and dependency upon information technology, cyber terrorism may be the next method of attack adopted by a terrorist.
Moreover, it is important to consider that when analyzing the modus operandi of cyber terrorism, it has various advantages over traditional terrorism. Primarily, the physical presence of the terrorist is not required and a terrorist may perform the act in the comfort of his own house. This is because 'no matter where they physically reside, the internet provides an inexpensive tool for destruction.' The only things required are 'a good computer and hacking skills that exceed his opponent's.'
Cyber terrorism also provides the cyber terrorist with anonymity, as it would be very difficult for security agencies to identify the terrorists' real identity. Furthermore, the number of targets is unlimited, and may include governments and public utilities, such as transport systems, without the need to overcome physical security barriers and security personnel. Moreover, since there exist several vulnerabilities in the software system, these could easily be exploited by cyber terrorists.
Rebekah Tanti-Dougall, LL.B., LL.M. (IMLI), LL.D [email@example.com] is an Associate at Advocates, Tanti-Dougall & Associates, based in Valletta, Malta [www.tdlegal.com]. The legal services offered by Tanti-Dougall & Associates, Advocates address a wide range of practice areas including corporate and tax advisory services, yacht, shipping and aircraft registration, occupational health & safety services with relative risk assessments, airport safety & security including applicable emergency plan, personal separations, divorces, annulments and adoptions, debt collecting, employment and industrial relations, competition, intellectual property, film industry, i-gaming, real estate, travel and tourism, mediation as alternative dispute resolution as well as litigation before the local Courts of Law and Administrative Tribunals, the European Court of Human Rights and the European Commission.
Sign in with your Lexis.com ID to access the full text of this commentary, Cyber Terrorism: A New Threat Against The Maritime Industry. Additional fees may be incurred. (approx. 20 pages)
If you do not have a lexis.com ID, you can purchase the full text of this commentary on the LexisNexis Store.
For more information about LexisNexis products and solutions connect with us through our corporate site