THE ROLE OF CYBER SITUATIONAL AWARENESS OF HUMANS IN SOCIAL ENGINEERING CYBER ATTACKS ON THE MARITIME DOMAIN

Year 2023, Volume: 5 Issue: 2, 22 - 36, 31.12.2023

Cihat Aşan

https://doi.org/10.47512/meujmaf.1370274

Abstract

Through technological advancements, the expanding proportion of maritime transportation on a global scale is becoming faster, more automated, more digital, and ultimately more cyber-space. In particular, the Industrial Revolution 4.0 has brought real-time digital integration of stakeholders in the maritime industry, both on land and at sea, into cyberspace. However, the scope of life and property protection at sea has expanded with the participation of the cyber environment as well as the physical environment. The human factor plays a leading role in ensuring the security of both the physical and cyber environment. In parallel, the main target of hackers who try to gain profit by violating the security environment is the person who does not have sufficient situational awareness of cyber security and can be called the weakest link in the chain. In this study, as main goal, the role of the situational awareness of the employees in the past cyber-attacks on the maritime industry was examined, and a perspective on the measures to be taken was presented. To achieve this research goal, the study utilized the snowballing technique to access literature, which helped uncover additional relevant resources not initially detected. This was followed by a systematic analysis of the collected literature. An analysis of attacks conducted since 2010 revealed that 76% of them utilized social engineering methods, such as phishing, malware, and ransomware. These attackers appear to exploit the maritime industry's insufficient cybersecurity awareness among its employees and the lack of a comprehensive understanding of cybersecurity within the industry.

Keywords

Maritime industry, Cyber security, Cyber-attack, Situational awareness

References

• Agius, M. (2020). TM mum on whether cyber-attack affected ship, air registries - Newsbook. https://newsbook.com.mt/en/tm-mum-on-whether-cyber-attack-affected-ship-air-registries/
• Alcaide, J. I., & Llave, R. G. (2020). Critical infrastructures cybersecurity and the maritime sector. Transportation Research Procedia, 45, 547–554. https://doi.org/10.1016/j.trpro.2020.03.058
• Algarni, A., Xu, Y., Taizan Chan, & Yu-Chu Tian. (2013). Social engineering in social networking sites: Affect-based model. 8th International Conference for Internet Technology and Secured Transactions (ICITST-2013), 508–515. https://doi.org/10.1109/ICITST.2013.6750253
• Athens Group Services. (2019). Cybersecurity – There Is No Silver Bullet. https://athensgroupservices.com/cybersecurity-there-is-no-silver-bullet/
• Azzopardi, K. (2020). Investigation into Transport Malta cyber-attack has not yet determined whether hack led to data leakage. https://www.maltatoday.com.mt/news/national/105593/watch_transport_malta_cyber_attack_investigation_has_not_yet_determined_whether_data_was_stolen#.ZBW3OhTP25c
• Bada, M., Sasse, A. M., & Nurse, J. R. C. (2019). Cyber Security Awareness Campaigns: Why do they fail to change behaviour? Cornell University, Computer Science, Cryptography and Security. https://doi.org/https://doi.org/10.48550/arXiv.1901.02672
• BBC News. (2020). Red Funnel ferry firm’s IT system hit by “malicious attack.” https://www.bbc.com/news/uk-england-hampshire-54368110
• Bolat, P. & Kayişoğlu, G. (2019). Antecedents and Consequences of Cybersecurity Awareness: A Case Study for Turkish Maritime Sector. Journal of ETA Maritime Science, 7(4), 344-360.
• Farah, M. A., Ukwandu, E., Hindy, H., Brosset, D., Bures, M., Andonovic, I., & Bellekens, X. (2022). Cyber Security in the Maritime Industry: A Systematic Survey of Recent Advances and Future Trends. Information, 13(1), 22. https://doi.org/10.3390/info13010022
• Bøe, E., & Jordheim, H. (2020). Police investigate the computer attack against Hurtigruten – E24. https://e24.no/hav-og-sjoemat/i/7KPeEK/politiet-etterforsker-dataangrepet-mot-hurtigruten
• Borazjani, P. N. (2017). Security Issues in Cloud Computing (pp. 800–811). https://doi.org/10.1007/978-3-319-57186-7_58
• Buurma, C., & Sebenius, A. (2020). Ransomware Shuts U.S. Natural Gas Compressor Facility for Two Days. https://www.carriermanagement.com/news/2020/02/20/203485.htm
• Čekerevac, Z., Dvorak, Z., Prigoda, L., & Čekerevac, P. (2017). Man-In-The-Middle Attacks and Internet Of Things. FBIM Transactions, 5(2). https://doi.org/10.12709/fbim.05.05.02.03
• Cimpanu, C. (2018a). Ransomware Infection Cripples Shipping Giant COSCO’s American Network. https://www.bleepingcomputer.com/news/security/ransomware-infection-cripples-shipping-giant-coscos-american-network/
• Cimpanu, C. (2018b). Ransomware Infection Cripples Shipping Giant COSCO’s American Network. https://www.bleepingcomputer.com/news/security/ransomware-infection-cripples-shipping-giant-coscos-american-network/
• Cimpanu, C. (2019). US Coast Guard discloses Ryuk ransomware infection at maritime facility | ZDNET. https://www.zdnet.com/article/us-coast-guard-discloses-ryuk-ransomware-infection-at-maritime-facility/
• CISA-US. (2020). Avoiding Social Engineering and Phishing Attacks | CISA. https://www.cisa.gov/uscert/ncas/tips/ST04-014
• Clark, J. (2018). Cybercrime in the shipping industry. A Presentation by Shipping Hill Dickinson LLP.
• Coble, S. (2020). Ransomware Attack on Shipping Giant. https://www.infosecurity-magazine.com/news/ransomware-attack-on-shipping-giant.
• Corallo, A., Lazoi, M., & Lezzi, M. (2020). Cybersecurity in the context of industry 4.0: A structured classification of critical assets and business impacts. Computers in Industry, 114, 103165. https://doi.org/10.1016/j.compind.2019.103165
• D’Amico, A., Whitley, K., Tesone, D., O’Brien, B., & Roth, E. (2005). Achieving Cyber Defense Situational Awareness: A Cognitive Task Analysis of Information Assurance Analysts. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 49(3), 229–233. https://doi.org/10.1177/154193120504900304
• Dragos. (2020). Assessment of Ransomware Event at U.S. Pipeline Operator. https://www.dragos.com/blog/industry-news/assessment-of-ransomware-event-at-u-s-pipeline-operator/
• ENISA. (2011a). Analysıs of Cybersecurity Aspects in The Marıtıme Sector.
• ENISA. (2011b). Cyber Security Aspects in the Maritime Sector. https://www.enisa.europa.eu/publications/cyber-security-aspects-in-the-maritime-sector-1
• Fitton, M. O., Prince, D., & Lacy, M. (2015). The Future of Maritime Cyber Security. https://eprints.lancs.ac.uk/id/eprint/72696/
• Futurenautics Maritime-KVH and Intelsat. (2018). Crew Connectivity 2018 Survey Report Maritime. http://www.navarino.co.uk/wp-content/uploads/2018/04/Crew_Connectivity_2018_Survey_Report.pdf
• Goud, N. (2019). Cyber Attack on James Fisher and Sons - Cybersecurity Insiders. https://www.cybersecurity-insiders.com/cyber-attack-on-james-fisher-and-sons/
• Goud, N. (2020). Ransomware attack on Norwegian Ship yard results in job loss to many - Cybersecurity Insiders. https://www.cybersecurity-insiders.com/ransomware-attack-on-norwegian-ship-yard-results-in-job-loss-to-many/
• Grinter, M. (2020). Maritime cyber-attacks up 900% in three years - Hong Kong Maritime Hub. http://www.hongkongmaritimehub.com/maritime-cyber-attacks-up-900-in-three-years/
• Gupta, B. B., Tewari, A., Jain, A. K., & Agrawal, D. P. (2017). Fighting against phishing attacks: state of the art and future challenges. Neural Computing and Applications, 28(12), 3629–3654. https://doi.org/10.1007/s00521-016-2275-y
• Hareide, O. S., Jøsok, Ø., Lund, M. S., Ostnes, R., & Helkala, K. (2018). Enhancing Navigator Competence by Demonstrating Maritime Cyber Security. Journal of Navigation, 71(5), 1025–1039. https://doi.org/10.1017/S0373463318000164
• Hellenic Shipping News Worldwide. (2020). Greater Cyber Security Needed For Coronavirus And Economic Crises. https://www.hellenicshippingnews.com/greater-cyber-security-needed-for-coronavirus-and-economic-crises/
• Hindy, H., Tachtatzis, C., Atkinson, R., Bayne, E., & Bellekens, X. (2021). Developing a Siamese Network for Intrusion Detection Systems. Proceedings of the 1st Workshop on Machine Learning and Systems, 120–126. https://doi.org/10.1145/3437984.3458842
• IMO. (2017). Guidelines on Maritime Cyber Risk Management. https://wwwcdn.imo.org/localresources/en/OurWork/Facilitation/Facilitation/MSC-FAL.1-Circ.3-Rev.1.pdf
• Interpol. (2020). Cyber Crime: COVID-19 Impact. https://www.interpol.int/en/content/download/15526/file/COVID-19%20Cybercrime%20Analysis%20Report-%20August%202020.pdf?inLanguage=eng-GB
• Jensen, L. (2015). Challenges in Maritime Cyber-Resilience. Technology Innovation Management Review, 5(4), 35–39. https://doi.org/10.22215/timreview/889
• Kapalidis, P. (2020). Cybersecurity at Sea. In L. Otto (Ed.), Global Challenges in Maritime Security. Advanced Sciences and Technologies for Security Applications. (pp. 127–143). https://doi.org/10.1007/978-3-030-34630-0_8
• Kessler, G. C., & Uk, A. (n.d.). Cybersecurity in the Maritime Domain Cybersecurity in the Maritime Domain CORE View metadata, citation and similar papers at core. Retrieved March 21, 2023, from https://commons.erau.edu/publication/1318
• Kim, J., & Saul, J. (2016). South Korea Revives GPS Backup Project After Blaming North for Jamming. https://gcaptain.com/south-korea-revives-gps-backup-project-after-blaming-north-for-jamming/
• Kokar, M. M., & Endsley, M. R. (2012). Situation Awareness and Cognitive Modeling. IEEE Intelligent Systems, 27(3), 91–96. https://doi.org/10.1109/MIS.2012.61
• Lam, J. S. L., & Bai, X. (2016). A quality function deployment approach to improve maritime supply chain resilience. Transportation Research Part E: Logistics and Transportation Review, 92, 16–27. https://doi.org/10.1016/j.tre.2016.01.012
• Larsen, M. H., & Lund, M. S. (2021). Cyber Risk Perception in the Maritime Domain: A Systematic Literature Review. IEEE Access, 9, 144895–144905. https://doi.org/10.1109/ACCESS.2021.3122433
• Le journal 2L’Afrique. (2021). Cyber attacks cripple South African ports. https://lejournaldelafrique.com/en/cyber-attacks-paralyze-South-African-ports/
• Lebek, B., Uffen, J., Neumann, M., Hohler, B., & H. Breitner, M. (2014). Information security awareness and behavior: a theory-based literature review. Management Research Review, 37(12), 1049–1092. https://doi.org/10.1108/MRR-04-2013-0085
• Lemos, R. (2019). Coast Guard Warns Shipping Firms of Maritime Cyberattacks. https://www.darkreading.com/vulnerabilities-threats/coast-guard-warns-shipping-firms-of-maritime-cyberattacks
• Linton, A. (2016). Port Authority Role in Cyber-Security -LinkedIn. https://www.linkedin.com/pulse/port-authority-role-cyber-security-art-linton/
• Lubold, G., & Volz, D. (2018). Chinese Hackers Breach U.S. Navy Contractors - WSJ. https://www.wsj.com/articles/u-s-navy-is-struggling-to-fend-off-chinese-hackers-officials-say-11544783401
• Mahoney, S., Roth, E., Steinke, K., Pfautz, J., Wu, C., & Farry, M. (2010). Cognitive Task Analysis for Cyber Situational Awareness. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 54(4), 279–283. https://doi.org/10.1177/154193121005400403
• Mallik, A., Ahsan, A., Shahadat, M. Md. Z., & Tsou, J.-C. (2019). Man-in-the-middle-attack: Understanding in simple words. International Journal of Data and Network Science, 77–92. https://doi.org/10.5267/j.ijdns.2019.1.001
• Maritime Executive. (2020a). Carnival Corporation Reports Ransomware Attack Accessed Data. https://www.maritime-executive.com/article/carnival-corporation-reports-ransomware-attack-accessed-data
• Maritime Executive. (2020b). Hurtigruten Reports Passenger Data Exposed in Cyberattack. https://www.maritime-executive.com/article/hurtigruten-reports-passenger-data-exposed-in-cyberattack
• Maritime Executive. (2020c). Naval Dome: Cyberattacks on OT Systems on the Rise. https://www.maritime-executive.com/article/naval-dome-cyberattacks-on-ot-systems-on-the-rise
• Maritime Executive. (2020d). Ransomware Cripples IT Systems of Inland Port in Washington State. https://www.maritime-executive.com/article/ransomware-attack-cripples-systems-of-inland-port-in-washington-state
• McNeese, M., Cooke, N. J., D’Amico, A., Endsley, M. R., Gonzalez, C., Roth, E., & Salas, E. (2012). Perspectives on the Role of Cognition in Cyber Security. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 56(1), 268–271. https://doi.org/10.1177/1071181312561063
• Mcquade, M. (2018). The Untold Story of NotPetya, the Most Devastating Cyberattack in History. https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/
• Meland, P. Há., Bernsmed, K., Wille, E., Rødseth, Ø. J., & Nesheim, D. A. (2021). A Retrospective Analysis of Maritime Cyber Security Incidents. TransNav, the International Journal on Marine Navigation and Safety of Sea Transportation, 15(3), 519–530. https://doi.org/10.12716/1001.15.03.04
• Mraković, I., & Vojinović, R. (2019a). Maritime Cyber Security Analysis – How to Reduce Threats? Transactions on Maritime Science, 8(1), 132–139. https://doi.org/10.7225/toms.v08.n01.013
• Mraković, I., & Vojinović, R. (2019b). Maritime Cyber Security Analysis – How to Reduce Threats? Transactions on Maritime Science, 8(1), 132–139. https://doi.org/10.7225/toms.v08.n01.013
• Mraković, I., & Vojinović, R. (2019c). Maritime Cyber Security Analysis – How to Reduce Threats? Transactions on Maritime Science, 8(1), 132–139. https://doi.org/10.7225/toms.v08.n01.013
• Nguyen, L. (2018, February). e-paper: Collaboration in the Shipping Industry: Innovation and Technology. KNect365. https://informaconnect.com/epaper-collaboration-in-the-shipping-industry-innovation-and-technology/
• NSI, N. S. I. (2017). A Brief User’s Guide to Getting the Most from Your Employee Security Connection Subscription. https://www.nsi.org/pdf/ESC_User’s_Guide.pdf
• Okoli, C. (2015). A Guide to Conducting a Standalone Systematic Literature Review. Communications of the Association for Information Systems, 37. https://doi.org/10.17705/1CAIS.03743
• Parizo, E. (2019). Maersk CISO Says NotPeyta Devastated Several Unnamed US firms. https://www.darkreading.com/omdia/maersk-ciso-says-notpeyta-devastated-several-unnamed-us-firms
• Perez, G. F. (2019). Cyber Situational Awareness and Cyber Curiosity Taxonomy for Understanding Susceptibility of Social Engineering Attacks in the Maritime Industry [Nova Southeastern University]. https://nsuworks.nova.edu/gscis_etd
• Pfleeger, S. L., & Caputo, D. D. (2012). Leveraging behavioral science to mitigate cyber security risk. Computers & Security, 31(4), 597–611. https://doi.org/10.1016/j.cose.2011.12.010
• Port Technology International. (2021). CMA CGM faces cyber attack leading to data leak - Port Technology International. https://www.porttechnology.org/news/cma-cgm-faces-cyber-attack-leading-to-data-leak/
• Progoulakis, I., Rohmeyer, P., & Nikitakos, N. (2021). Cyber Physical Systems Security for Maritime Assets. Journal of Marine Science and Engineering, 9(12), 1384. https://doi.org/10.3390/jmse9121384
• Refsdal, A., Solhaug, B., & Stølen, K. (2015). Cyber-Risk Management. Springer International Publishing. https://doi.org/10.1007/978-3-319-23570-7
• Reuters. (2012). Saudi Arabia says cyber attack aimed to disrupt oil, gas flow | Reuters. https://www.reuters.com/article/saudi-attack/saudi-arabia-says-cyber-attack-aimed-to-disrupt-oil-gas-flow-idUSL5E8N91UE20121209
• RTE. (2022). European oil port terminals hit by cyberattack. https://www.rte.ie/news/world/2022/0203/1277569-oil-terminal-cyberattack/
• S. de Vleeschhouwer. (2017). Safety of data. The risks of cyber security in the maritime sector. https://maritimetechnology.nl/media/NMT_Safety-of-data-The-risks-of-cyber-security-in-the-maritime-sector.pdf
• Safety4sea. (2018). 2018 Highlights: Major cyber-attacks reported in maritime industry. https://safety4sea.com/cm-2018-highlights-major-cyber-attacks-reported-in-maritime-industry/
• Safety4sea. (2020a). Hurtigruten hit by cyber-attack. https://safety4sea.com/hurtigruten-hit-by-cyber-attack/
• Safety4sea. (2020b). Vard shipbuilder experiences ransomware attack - SAFETY4SEA. https://safety4sea.com/vard-shipbuilder-experiences-ransomware-attack/
• Safety4sea. (2021a). CMA CGM face to face with another cyber-attack - SAFETY4SEA. https://safety4sea.com/cma-cgm-face-to-face-with-another-cyber-attack/
• Safety4sea. (2021b). K Line issues apology after yet another cyber-attack. https://safety4sea.com/k-line-issues-apology-after-yet-another-cyber-attack/
• Safety4sea. (2022a). Cyber attack hits Port of Lisbon. https://safety4sea.com/cyber-attack-hits-port-of-lisbon/
• Safety4sea. (2022b). Cyber attacks hit European oil terminals - SAFETY4SEA. https://safety4sea.com/cyber-attacks-hit-european-oil-terminals/
• Schenkelberg, B. (2021). S. Africa Cyber-Attack, Durban & Richards Bay Terminals - X-Industry - Red Sky Alliance. https://redskyalliance.org/xindustry/s-africa-cyber-attack-durban-richards-bay-terminals
• Schmitt, M. (2017). Introduction. In Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations (pp. 1-8). Cambridge: Cambridge University Press. doi:10.1017/9781316822524.006
• Secureworks. (2018). Gold Galleon: How a Nigerian Cyber Crew Plunders the Shipping Industry. https://www.secureworks.com/research/gold-galleon-how-a-nigerian-cyber-crew-plunders-the-shipping-industry
• Shauk, Z. (2013, April 28). Malware on the offshore rig: Danger lurks where the chips fail. https://www.houstonchronicle.com/business/energy/article/Malware-on-the-offshore-rig-Danger-lurks-where-4470723.php
• Shen, C., & Baker, J. (2020). CMA CGM confirms ransomware attack. https://lloydslist.maritimeintelligence.informa.com/LL1134044/CMA-CGM-confirms-ransomware-attack
• Tam, K., & Jones, K. (2019). MaCRA: a model-based framework for maritime cyber-risk assessment. WMU Journal of Maritime Affairs, Port18(1), 129–163. https://doi.org/10.1007/s13437-019-00162-2
• The Maritime Executive. (2018). Saipem’s Servers Hit by Cyberattack. https://maritime-executive.com/article/saipem-s-servers-hit-by-cyberattack
• The Norwegian National Security Authority (NSM). (2020). RISIKO 2020. https://www.digi.no/filer/NSM_Risiko_2020_a_pen.pdf
• The Portugal News/Lusa. (2022). Cyberattack at Lisbon port - The Portugal News. https://www.theportugalnews.com/news/2022-12-26/cyberattack-at-lisbon-port/73281
• Toogood, D. (2020). Red Funnel Suffers “Malicious Attack” on IT Systems Causing Major Disruption. https://www.islandecho.co.uk/red-funnel-suffers-malicious-attack-on-it-systems-causing-major-disruption/
• Torbati, Y., & Saul, J. (2012, October). Iran’s top cargo shipping line says sanctions damage mounting | Reuters. https://www.reuters.com/article/us-iran-sanctions-shipping-idUSBRE89L10X20121022
• Volz, D. (2019). Chinese Hackers Target Universities in Pursuit of Maritime Military Secrets - WSJ. https://www.wsj.com/articles/chinese-hackers-target-universities-in-pursuit-of-maritime-military-secrets-11551781800
• Walker, J. (2020). AIDA Cruise Ships Under Cyber Attack - Are Costa Ships Also Affected? | Cruise Law News.https://www.cruiselawnews.com/2020/12/articles/cyber-attacks/aida-cruise-ships-under-cyber-attack-are-costa-ships-also-affected/
• Walker, J., & Spencer, J. (n.d.). Cyber Marine: Risks & Loss Scenarios. International Marine Claims Conference. Retrieved March 8, 2023, from http://www.marineclaimsconference.com/imcc-docs/docs/Cyber%20workshop.pdf
• Warrick Joby, & Nakashima, E. (2020). Officials: Israel linked to a disruptive cyberattack on Iranian port facility - The Washington Post. https://www.washingtonpost.com/national-security/officials-israel-linked-to-a-disruptive-cyberattack-on-iranian-port-facility/2020/05/18/9d1da866-9942-11ea-89fd-28fb313d1886_story.html
• Wohlin, C. (2014). Guidelines for snowballing in systematic literature studies and a replication in software engineering. Proceedings of the 18th International Conference on Evaluation and Assessment in Software Engineering - EASE ’14, 1–10. https://doi.org/10.1145/2601248.2601268