DNV-023年海事网络优先事项：在互联互通时代保持安全（英）-2023

MARITIMECYBERPRIORITY2023Stayingsecureinaneraof

connectivityDNV

MaritimeCyberPriority2023ABOUT

THISRESEARCHABOUT

THIS

RESEARCHThis

report

is

published

by

DNV,

the

world’s

leading

classification

societyand

a

recognized

advisor

for

the

maritime

industry.

It

is

part

of

DNV’sCyber

Priority

research

exploring

changing

attitudes

and

approaches

tocyber

security

in

key

industrial

sectors.801

72

70

%

11maritimeprofessionalssurveyedcountriessupport,

developoroperateoperationaltechnologyin-depthinterviewswithindustryleadersrepresentedThis

is

DNV’s

first

dedicated

Maritime

Cyber

Priorityreport.

It

is

published

alongside

our

Energy

CyberPriority

2023

report1.partnership

with

FT

Longitude

(a

Financial

Times

company).Fieldwork

was

conducted

between

March

and

April2023.

Survey

respondents

represent

a

range

offunctions

within

the

industry,

including

those

within-depth

knowledge

of

cyber

security

along

withgeneral

managers

and

C-suite

executives.The

research

draws

on

a

survey

of

801

maritimeprofessionals

along

with

a

number

of

in-depth

interviewswith

leaders

and

experts.

It

was

developed

by

DNV

inSURVEY

DEMOGRAPHICSWe

thank

our

survey

respondents

from

across

the

maritime

industry.ACKNOWLEDGEMENTSSectorAnnual

revenue

of

organization8%We

would

like

to

thank

the

following

intervieweesfor

their

time

and

insight:Kelly

Malynn,

Product

Leader

Cyber

Physical

DamageUnderwriting,

BeazleyPassenger

transportationFreight

and

transportationIndustry

services19%Less

than

$50mUS50m

-

$99m24%26%39%7%US$100m

-

$499mUS$500m

-

$999mUS$1bn

-

$4.9bnUS$5bn

-

$9.9bnUS$10bn

or

moreWayne

Arguin,

Assistant

Commandantfor

Prevention

Policy,

US

Coast

GuardPaul

Meyer,

CIO

+

Managing

Directorof

the

AI

lab

of

MEYER

Group,

Meyer

Werft8%7%Offshore

operators

andproduction14%Regulation

and

adminShipbuilding

and

repair4%3%Peter

Aylott,

Director

of

Policy,

UK

Chamber

of

ShippingCommander

Monte,

Bundeswehr

(German

Navy)29%8%6%Don't

know/not

applicableJalal

Bouhdada,

Global

Segment

Director,Stefan

Nysjö,

Vice

President

PowerCyber

Security,

DNVSupply

-

Marine

Power,

WärtsiläSvante

Einarsson,

Head

of

Maritime

CyberDr.

Phanthian

Zuesongdham,

Head

of

Division

PortSecurity

Advisory,

DNVProcess

Solution,

Hamburg

Port

Authority

(HPA)RegionSenioritySean

Gray,

Electrical

and

ElectronicsSuperintendent,

Stena

DrillingThe

Group

CIO

of

a

global

energy

infrastructure

andtechnology

company4%15%9%20%C-suite

executive(or

equivalent)EuropeAsia

PacificC-1

(report

directly

toC-suite)Americas27%Middle

East

and

Africa60%33%C-2

(boss

reportsdirectly

to

C-suite)33%All

other

levels

andreporting

lines1Energy

Cyber

Priority

2023,

DNV23DNV

MaritimeCyberPriority2023CONTENTSCONTENTS1Cyber

security

is

a

growing

maritime

riskOT

vs

IT:

The

two

sides

of

the

threatIndustry

recognises

safety

risk,710but

business

risks

still

the

priorityConnectivity

is

unlocking

bold

ambitionsand

new

vulnerabilities121416Profile

of

adversaries

is

broadening23Industry

responding,

but

not

fully

preparedfor

the

threatCyber

resilience

remains

a

complex

taskMany

factors

driving

investment

and

focuson

cyber

security192224Five

key

challenges

facing

the

sector272828323536Investment

is

lagging

behind

what

is

neededQuestions

about

the

effectiveness

of

regulationAgeing

assets

and

supply

chain

vulnerabilitiesKnowledge

silos

are

holding

back

maturityTalent

shortages

and

workforce

vulnerabilities4Recommendations4145DNV

MaritimeCyberPriority2023Cyber

security

is

agrowing

maritime

risk

CHAPTER11CYBER

SECURITYISA

GROWINGMARITIME

RISK67DNV

MaritimeCyberPriority2023Cyber

security

is

agrowing

maritime

risk

CHAPTER11

CYBER

SECURITY

ISA

GROWING

MARITIME

RISKMaritime

professionals

expect

disruptive

incidents

in

the

coming

years,including

impacts

as

serious

as

the

closure

of

major

ports

and

waterways.The

‘NotPetya’

attack

on

Maersk

represented

a

step-change

in

awareness

about

the

severity

of

the

cyberthreat

facing

today’s

maritime

sector.offline4,5.

DNV

experienced

a

ransomware

cyber-attackon

the

servers

of

its

ShipManager

software

in

January2023industry

such

as

the

International

Maritime

Organization(IMO)

have

also

been

targeted.

The

Port

of

Los

Angeles6,

and

other

organizations

serving

the

maritimeIt

started

one

morning

when

Maersk’s

employeesbegan

receiving

strange

messages

on

their

laptops

–warning

them

that

their

files

had

been

encrypted

andcould

only

be

unlocked

with

a

bitcoin

payment

worth$300.

Two

hours

later,

the

company’s

entire

globalnetwork

had

been

disconnected.

Maersk

was

unable

toprocess

shipping

orders

until

its

systems

were

restored,freezing

revenue

from

its

container

line

business

and7recently

announced

that

it

records

twice

as

manyattacks

as

it

did

just

a

few

years

ago

and

must

nowcontend

with

40

million

ransomware,

malware

andspear-phishing

incidents

each

month

.8Although

events

like

these

cause

significant

financialand

reputational

damage,

arguably

they

don’t

comeclose

to

being

a

worst-case

scenario

for

a

cyber

incidentin

the

sector

today.

DNV’s

new

survey

of

801

maritimeprofessionals,

carried

out

between

March

and

April2023,

suggests

that

cyber-attacks

could

further

disruptglobal

shipping

and

are

even

likely

to

threaten

physicalhealth

and

safety.contributing

to

a

total

loss

of

some

$300

million2,3.Since

this

incident

in

2017,shipping

majors

like

Cosco,MSC

and

CMA

CGM

have

all

experienced

high-profileattacks,

with

a

flurry

of

incidents

in

the

early

2020staking

e-commerce

platforms

and

vital

data

centresMaritime

professionals

expect

serious

outcomes

from

cyber

in

the

near

futureDisruptionof

shipand/of

fleetoperationsTheftof

property/cargo90%79%76%76%72%68%60%56%8%2%3%3%3%4%2%2%4%18%21%21%24%30%Damagetoport/cargo-handlinginfrastructureClosureof

amajorportorstrategicwaterwayHarmtotheenvironmentAccording

to

our

research,

more

than

six

in

10

industryprofessionals

expect

cyber-attacks

to

cause

ship

collisions(60%)

and

groundings

(68%)

within

the

next

few

years.More

than

three-quarters

(76%)

believe

a

cyber

incident

islikely

to

force

the

closure

of

a

strategic

waterway.

As

wesaw

during

the

blockage

of

the

Suez

Canal

in

2021,

sucha

closure

can

cause

a

global

supply

shock

–

in

this

caseholding

up

some

$10bn

worth

of

cargo

every

day

.9A

groundedvesselorvesselsShipcollision37%40%Physicalinjuryorlossof

life2The

Untold

Story

of

NotPetya,

the

Most

Devastating

Cyberattack

in

History,

Wired3The

Cost

of

a

Malware

Infection?

For

Maersk,

$300

Million,

Digital

Guardian4MSC

confirms

malware

attack

caused

website

outage,

Seatrade

MaritimeLikelyUnlikelyDon’t

know5020406080100CMA

CGM

targeted

by

hackers

in

new

cyber

attack,

Offshore

Energy6Cyber-attack

on

ShipManager

servers,

DNV7IMO

hit

by

cyber

attack,

Seatrade

Maritime8Cyber-attacks

on

Port

of

Los

Angeles

have

doubled

since

pandemic,

BBC9In

Suez

Canal,

Stuck

Ship

Is

a

Warning

About

Excessive

Globalization,

New

York

TimesQ:

How

likely

is

it

that

cyber-attacks

in

the

maritime

industry,

within

the

next

one

or

two

years,

could

result

in

the

following

outcomes?Percentages

reflect

likely/unlikely

(i.e.

moderately

+

highly

likely,

and

moderately

+

highly

unlikely).89DNV

MaritimeCyberPriority2023Cyber

security

is

agrowing

maritime

risk

CHAPTER1OT

VS

IT:

THE

TWO

SIDES

OF

THE

THREATconnected

networks.

This

air

gap

is

now

closing

asindustry

assets

and

infrastructure

become

morenetworked

and

connected.

In

turn,

the

attack

surface

iswidening

as

potentially

vulnerable

protocols,

interfacesand

communications

channels

come

on

stream.IT

security

related

impacts

dominate

industry

concernsGrowing

concern

about

the

severity

of

cyber-attacksreflects

an

expansion

in

the

kinds

of

technologysystems

that

are

vulnerable

to

infiltration.Disruptionof

service/operationsLostorcorrupteddata56%Whereas

maritime

companies

have,

for

severaldecades,

been

safeguarding

their

data

and

the

ITenvironments

in

which

that

data

is

stored

and

transferred,the

cyber

security

of

their

operational

technology

(OT)–

which

governs

physical

assets

including

sensors,switches,

safety

and

navigation

systems,

and

vessels

–has

been

less

of

a

priority.In

April

2023,

an

attack

on

the

industrial

control

systemsof

Fincantieri

Marine

Group

–

a

shipbuilder

with

tiesto

the

US

government

–

left

critical

manufacturingequipment

unusable10.

The

Port

of

Antwerp

experiencedattacks

on

its

oil

terminals

in

2022,

affecting

the

unloading53%Reputationaldamage(potentiallyleadingtoterminationof

commercialorcustomerrelationships)48%Financiallosses(includingtheft,

lostopportunities,

etc.)Customerdatatheft43%37%of

barges

at

the

height

of

an

energy

crisis

in

Europe11.Failureof

automationsystems(i.e.,

resortingtomanualcontrol)33%31%Although

attacks

on

IT

environments

can

and

dodisrupt

normal

shipping

operations,

as

was

the

caseduring

the

NotPetya

incident,

it

is

through

directattacks

on

OT

that

the

greatest

threat

to

physical

safetyand

infrastructure

becomes

possible.IntellectualpropertytheftOne

reason

for

this

is

that,

until

relatively

recently,operational

systems,

particularly

aboard

vessels,

werenot

connected

to

wider

IT

environments,

meaning

thatOT

was

protected

by

an

air

gap

that

insulated

it

fromDamagetoequipment,

machines,

buildings,vessels,

orinfrastructure29%LossesviaextortionorransomPhysicalsafetyincidents,

injuries,

anddeathsLossof

controlof

physicalassets26%20%19%19%16%EnvironmentaldamageorcontaminationFinancialpenalties(includingregulatory/legislativefines,

sanctions,

etc)Q:

Thinkingaboutthepotentialimpactthatacyber-attackcouldhaveonyourorganization,

whichof

thefollowingconsequencesdoyouthinkarethemostconcerning–intermsof

theirseveritycombinedwiththeirchanceof

happening?As

well

as

enabling

threat

actors

to

demand

ransom,

stealintelligence

and

cause

widespread

disruption

–

whichhackers

can

also

achieve

by

breaching

IT

networks

–attacks

on

OT

systems

can

disable

assets

or

safetycontrols.

Indeed,

56%

of

maritime

professionals

expectcyber-attacks

to

cause

physical

injury

or

death

in

theindustry

within

the

next

few

years.In

terms

of

the

impact

of

attacks,

factors

relating

to

bothIT

and

OT

threats

–

like

disruption

to

operations,

financialloss,

and

reputational

damage

–

are

of

greatest

concern

tomaritime

professionals.

However,

concerns

about

impactsrelating

to

the

IT

environment,

such

as

loss

of

data,

comefar

ahead

of

outcomes

that

are

exclusive

to

OT

attacks,including

physical

safety

incidents

and

loss

of

control

ofphysical

assets.

This

suggests

it

is

still

IT

cyber-attacks,

notOT

attacks,

that

are

top

of

mind

in

the

industry.Paul

Meyer,

the

Chief

Information

Officer

of

shipbuilderMeyer

Werft

in

Germany,

says

OT-related

cyber

risksare

increasingly

front

of

mind

for

shipping

companies.“Ship

systems

are

being

increasingly

connected

with

theoutside

world,“

says

Jalal

Bouhdada,

Global

SegmentDirector,

Cyber

Security,

DNV.

“This

brings

manybenefits,

but

it

also

means

cyber-attacks

on

vesselssystems

are

likely

to

have

a

greater

impact

in

the

future.”“The

priority

is

always

to

make

sure

that

the

ship

sailssafely,

but

it

might

not

even

be

manoeuvrable

if

boththe

IT

and

OT

systems

were

compromised,”

he

says.10

US

Navy

Contractor

Fincantieri

Marine

Group

Hit

by

Cyber-Attack,

Infosecurity11

Major

European

ports

hit

by

cyberattack,

Port

Technology

International1011DNV

MaritimeCyberPriority2023Cyber

security

is

agrowing

maritime

risk

CHAPTER1INDUSTRY

RECOGNIZES

SAFETY

RISK,BUT

BUSINESS

RISKS

ARE

STILL

THE

PRIORITYinvestment

by

56%

of

maritime

professionals,

arestill

less

likely

to

unlock

budgets

than

financial

andreputational

damage

(84%)

or

regulatory

stipulations(84%).A

clear

majority

of

maritime

professionals

believe

thatcyber

security

risks

are

considered

as

important

ashealth

and

safety

risks

in

their

industry.“Acharter’s

vetting

inspection

of

a

ship

will

look

at

safetyand,

these

days,

at

its

carbon

footprint,”

Aylott

says.“It

won't

look

necessarily

at

the

risk

of

an

ICT

incident,but

I

think

we

are

getting

towards

the

place

where

thatwill

need

to

be

carried

out.”Our

assessment

is,

however,

that

there

is

still

a

gap

inmaturity

in

how

the

industry

manages

the

two

risks

inpractice,

with

cyber

security

having

significant

room

forimprovement

before

it

could

be

said

to

be

treated

asseriously

as

physical

health

and

safety.

Maritimebusinesses

are

committed

in

principle

to

improving

thesecurity

of

their

OT

systems,

and

thereby

minimizingthe

risk

of

cyber-related

safety

incidents,

but

theiractions

and

priorities

–

with

respect

to

regulations,workforce

and

investment

–

suggest

they

are

still

morefocused

on

the

IT

rather

than

the

OT

side

of

cybersecurity,

and

on

its

business

risk

rather

than

its

safetyrisk

implications.Moreover,

despite

the

effort

they

are

putting

intosecuring

OT

systems

–

in

recognition

that

a

cyber-attackmay

lead

to

a

safety

incident

in

the

future

–

maritimeprofessionals

will

inevitably

give

greater

priority

in

theshort

term

to

an

immediate

physical

safety

risk.Sean

Gray

at

Stena

Drilling

explains

that

there

can

evenbe

a

conflict

between

implementing

cyber-securityupgrades

to

OT

and

maintaining

safety

principles

onsite.At

the

UK

Chamber

of

Shipping,

Peter

Aylott

suggeststhat

safety

risk

is

likely

to

remain

a

higher

priority

thancyber

risk

until

charters

apply

more

scrutiny

to

thecyber

resilience

of

vessels

and

other

maritimeinfrastructure.

This

aligns

with

our

finding

that

charterrequirements,

although

seen

as

drivers

of

cyber“Someone

in

IT

would

consider

it

sacrilege

to

skip

asecurity

update

to

their

laptop,

but

that

is

not

practicalon

a

control

system

running

safety-critical

software,”

hesays.

“We've

all

had

updates

that

stop

a

computer

fromworking,

and

we

can’t

risk

a

similar

effect

on

a

blowoutpreventer

or

other

control

system.”Cyber

securityarising

business

concern,

but

cyber

regulation

isalower

priority85%83%79%76%71%Total66%66%64%61%60%AmericasAsia

PacificEurope59%53%Cybersecurityrisksinthemaritimeindustryare

increasinglyconsideredtobeasimportantashealthandsafetyrisksCybersecurityisahighpriorityforthemostseniorleadersatmyorganizationCybersecurityregulationisgenerallyseenasalowerprioritythanotherregulationsthatgovernamaritimeorganizationTo

what

extentdoyouagree

ordisagreewiththefollowing?Percentages

reflect

netagreement(i.e.

moderately

+

stronglyagree)1213DNV

MaritimeCyberPriority2023Cyber

security

is

agrowing

maritime

risk

CHAPTER1ConnectivityisunlockingboldambitionsandnewvulnerabilitiesAdvances

in

digital

and

connected

technologies

areenabling

a

greener,

safer

and

more

efficient

globalshipping

network.

In

an

increasingly

competitiveindustry,

these

tools

represent

a

major

opportunityfor

maritime

companies.The

upshot

of

these

developments

is

that

maritimebusinesses

today

face

a

choice

between

connecting

theirassets

and

infrastructure

at

pace

or

potentially

under-performing

relative

to

their

peers

on

several

key

metrics.“Governments,

regulatory

bodies,

andclients

are

all

forcing

us

into

the

world

ofdigitalization

to

connect

control

systemsfor

real-time

monitoring.“Every

ship

owner

is

looking

to

optimize

and

run

theirships

more

efficiently,

without

having

to

go

in

and

replacemajor

gear,”

says

Wayne

Arguin,

Assistant

CommandantforPrevention

Policy

for

the

US

Coast

Guard.

“To

maximizethe

return

on

investment,

to

improve

efficiency

andeffectiveness,

you

use

real-time

information

that

isbroadcast

directly

from

ships.

If

you

closed

thosecommunications

doors

to

prevent

vulnerabilities,

you’dbe

putting

yourself

at

a

competitive

disadvantage.”In

our

research,

85%

of

maritime

professionals

believethat

connected

technologies

are

helping

the

industryreduce

emissions

through

fleet

and

route

optimization.Many

have

already

embarked

on

this

journey.

Morethan

half

(51%)describe

digital

technology

as

a

keyenabler

of

their

existing

decarbonization

plans,

risingto

61%

of

freight

transportation

firms,

which

have

facedgrowing

scrutiny

in

recent

years

over

their

use

ofIt's

always

been

islanded

in

the

past,

but

nowthere

is

a

requirement

for

it

to

send

real-timedata

to

shore.“Sean

Gray,

Electrical

and

ElectronicSuperintendent

at

Stena

Drillinghigh-carbon

bunker

fuel12.The

corollary

of

these

developments

is

that

the

issue

ofOT

cyber

security

becomes

more

pressing

every

day.Simply

put,

the

more

connections

that

a

system

has,

thelikelier

it

is

that

a

breach

will

occur.

And,

when

it

doesoccur,

the

breach

spreads

further,

wider

and

quickerthan

ever

before.As

well

as

improving

sustainability

performance,

digitaltechnologies

provide

safety

advantages

by

automatingand

streamlining

complex

processes,

which

help

toenhance

safety

at

ports

and

at

sea.

In

the

words

of

theUnited

Nations

Conference

on

Trade

and

Development,digitalization

is

helping

the

industry

navigate

the“efficiency,

optimization,

reliability,

visibility,

resilience,predictability,

and

sustainability”

challenges

of

theMoreover,

there

are

some

parts

of

the

industry

whereoperators

do

not

have

a

choice

but

to

connect

theirexisting

assets.post-Covid

economy13.FreighttransportationisrelyingmoreheavilythanothersectorsonconnectivitytoenabledecarbonizationStrong

sentiment

that

greater

connectivity

is

key

to

the

industry’s

futureExtent

to

which

respondents

agree

that

digital

technology

isa

key

enabler

of

their

organization's

decarbonization

activity.Thefutureof

themaritimeindustryreliesonasignificantincreaseinconnectednetworksbetweenorganizations(suchasbetweenshipoperators,

portsandregulatoryauthorities)TotalPassengertransportationFreighttransportation51%51%87%Cybersecurityisseenasabarriertotechnologyinnovationinthemaritimeindustry33%61%Thesuccessof

mybusinessreliesonasignificantincreaseinconnectednetworksacrosstheorganization(bothOTandIT

networks)67%Shipbuildingandrepair53%Myorganizationiscommittedtodigitallyconnectingexistingoperationalassets,

suchasmarinevessels,

tothewidernetworkof

assetsandinfrastructure61%OffshoreoperatorsandproductionIndustryservices44%Automationoperationaltechnologyisamajorstrategicpriorityformybusiness(e.g.,

navigation,

powerandcargomanagement)49%61%12

Pressure

grows

on

shipping

industry

to

accept

carbon

levy,

The

Guardian13

Review

of

Maritime

Transport

2022,

UN

Conference

of

Trade

and

DevelopmentQ:

Towhat

extent

do

you

agree

or

disagree

with

the

following?

Percentages

reflect

net

agreement

(i.e.

moderately

+

strongly

agree).1415DNV

MaritimeCyberPriority2023Cyber

security

is

agrowing

maritime

risk

CHAPTER1PROFILE

OF

ADVERSARIES

IS

BROADENINGThe

context

is

that

Russia’s

invasion

of

Ukraine

hasincreased

cyber

security

concerns

in

sectors

operatingcritical

infrastructure.

In

DNV’s

Energy

Cyber

Priority2022

report15,

focusing

on

the

energy

industry,

we

sawan

increase

in

the

perceived

threat

posed

by

all

forms

ofcyber-criminal

in

the

two

weeks

following

the

invasionin

February

2022.

Attacks

on

OT

materialized

soon

afterwith

the

Russian

cyber-attack

on

satellite

internetoperator

ViaSat16,

which

deactivated

thousands

ofwind

turbines

in

Germany.

More

than

a

year

later,

themaritime

industry

is

also

on

high

alert,

particularly

inEurope.In

parallel

with

the

movement

towards

greater

connectivityin

maritime,

the

profile

of

adversaries

is

broadening.

Today,a

growing

rollcall

of

malicious

and

inadvertent

threat

actorsis

targeting

maritime

companies’

OT

networks.As

their

specific

methods

vary

–

comprising

everything

fromphishing

tactics

that

trick

employees

into

downloadingmalware,

to

collaborating

with

insiders

with

access

torestricted

networks14

–

individual

threat

actors

are

bestunderstood

in

relation

to

their

ultimate

objectives.Whether

they

are

nation

states

attacking

criticalinfrastructure,

criminal

gangs

looking

for

ransompay-outs,

or

politically

motivated

hacktivists

using

toolsfrom

the

dark

web,

we

can

expect

a

growing

number

totarget

OT

systems

as

way

to

achieve

their

goals.It

is

worth

noting

that,

although

the

Ukraine

conflictmay

explain

additional

attacks

by

state

actors

andhacktivists,

other

threat

actors

are

likely

to

havebecome

more

wary

of

attacking

OT

out

of

concern

thattheir

actions

may

be

mistaken

for

those

of

a

hostilepower.Commander

Monte

of

the

German

Navy,

believes

thatrising

geopolitical

tensions

increase

the

possibility

thata

coordinated

attack

on

OT

will

take

place.“None

of

the

financially

motivated

threat

actors

wantsto

be

the

reason

why

there's

an

escalation

in

thephysical

war,”

says

Kelly

Malynn,

Product

Leader

CyberPhysical

Damage

Underwriting

at

the

insurer

Beazley.“Some

are

being

more

careful

about

who

they

selectand

how

they

deploy

ransomware

because

theremight

be

a

very

kinetic

response

if

they

were

toaccidentally

cause

an

OT

or

critical

issue.”“The

attacks

focus

more

on

the

disruption

of

trade

andinfrastructure,

rather

than

purely

criminal

activityfocused

on

the

extortion

of

money,”

he

says.

“Commercialshipping

may

be

the

single

most

important

link

inglobalized

trade

and

logistics.

That

implies

a

huge

riskfor

coordinated

cyber-attacks

on

commercial

shipping.”Hacktivists

and

foreign

powers,

which

may

share

the

same

objectives,

are

the

top

threat

todayRussia’s

invasion

of

Ukraine

has

increased

awareness

of

the

cyber

security

threat

in

the

maritime

industryExtenttowhichrespondentsagreethattheRussianinvasionof

UkrainehasmadethemaritimeindustrymoresensitivetothethreatofcybersecurityincidentsthanitwasbeforeHacktivistsForeignpowersandstate-sponsoredactorsCriminalgangs62%59%56%66%69%58%71%