The global supply chain is heavily reliant on maritime transportation with more than 90% of world trade carried out by the shipping industry. Nowadays, more and more ships are using advanced Information Technology (IT) including electronic Operational Technology (OT) systems, and are connected to the internet more than ever before. Due to the rapid digitalizing progress of the maritime industry, not only ships and sea ports but also offshore installations are at risk as drilling rigs are now far more connected to shore-based systems making them more vulnerable to cyber-attacks.

A report published by Lloyd’s of London indicated that a single cyber-attack on major ports across Asia-Pacific could cost $110 billion in losses.  Due to the nature of the interconnected global maritime supply chain, a disruption at major ports in the Asia Pacific may result in economic losses worldwide.

There have been several reported cyber-attacks against ships and ports globally including the 2017 Maersk NotPetya cyber-attack , the Indian Jawaharlal Nehru Port Terminal cyber-attack in 2022 Japan’s Nagoya Port ransomware attack in 2023 , and the DP World attack which affected ports operations in Australia in four different locations.

Malaysia is a littoral State to the Straits of Malacca, which is not only the major sea line of communication but also a vital artery in the world’s supply chain, energy security, and connectivity. About 90 thousand ships annually or nearly 200 ships every day pass through the Strait of Malacca,  with the majority of them being oil tankers. The disruptions to the safety of navigation using cyber-attacks against ships passing through the Straits of Malacca may create another unfortunate incident like the Suez Canal blockage where the stranded ship was holding up an estimated $9.6bn of trade for every day it was stuck.

In addition, Malaysia is home to some of the World’s busiest ports in the World including port Klang and the Port of Tanjung Pelepas.

In responding to maritime cyber threats, a comprehensive legal and regulatory framework, systematic risk management and a highly coordinated approach among the multi-stakeholders from private and public sectors are crucially important.

Therefore, it is suggested that Malaysia take proactive action in establishing a comprehensive national maritime security strategy that also recognizes the urgency of establishing a legal and risk management framework in dealing with maritime cyber threats.


* Dr Su Wai Mon, Senior Lecturer at the Faculty of Law, University of Malaya.

** The views and opinions expressed in this article are those of the author(s) and do not necessarily reflect the position of Astro AWANI.