Cyber Risks on Autonomous Ships and Challenges in the International Law of the Sea

In recent years, autonomous ships have been one of the burning issues in the maritime sector. The projects currently being carried out regarding autonomous ships create great excitement around the world. As a matter of fact, autonomous ships have several advantages in commercial activities, such as operational and crew-related cost savings and low risk in perilous environments. For this very reason, they will most likely have a permanent role in world maritime trade. On the other hand, it could be stated that they have some drawbacks that cannot be ignored, new vulnerabilities related to information technologies in particular. There exist some reasons to speculate that autonomous ships might be primary targets for cybercrim- inals. First of all, integrated information technology and operational technology systems will be the backbone of remote and autonomous operations. Another reason is that even ensuring whether the au- tonomous vessel is secure will depend on data produced by the sensors or received from maritime support systems including GPS and AIS, which can be exposed to leading or following cyberattacks. In addition, it can be claimed that high-speed internet, which will be used by a shore centre to gather data from autonomous ships without delay, will serve the purpose of criminals to hack the system in a shorter time. Last but not least, in case of a cyberattack, autonomous ships will not have an onboard crew to protect and rectify the ship. Thus, these new ships might bring new players to the scene with the thought that autonomous technologies are more vulnerable targets. Considering all these, cyber risks on autonomous ships spark a wide range of legal issues. On this matter, the first question is whether the international law of the sea is capable of accommodating the cyber vulnerabilities of autonomous ships. This begs the question of whether these acts amount to piracy in the context of the United Nations Convention on Law of the Sea. A further issue involves whether the 1988 and 2005 Conventions for the Suppression of Unlawful Acts against the Safety of Maritime Navigation can resolve the challenges related to autono- mous ships. This paper provides, firstly, background information about autonomous ships and the dispute on the legal definition and classification of autonomous ships. After discussing the differences between traditional and autonomous ships in terms of cyber vulnerabilities, it canvasses the possible challenges over the course of cyberattacks on autonomous ships. Then, it analyses the legal issues originating from those threats in the context of the law of the sea. Finally, it reflects whether there is a need for new regu- lations or amendments in existing laws to combat emerging cyber threats related to autonomous ships.