        TY  - JOUR
T1  - THE ROLE OF CYBER SITUATIONAL AWARENESS OF HUMANS IN SOCIAL ENGINEERING CYBER ATTACKS ON THE MARITIME DOMAIN
AU  - Aşan, Cihat
PY  - 2023
DA  - December
DO  - 10.47512/meujmaf.1370274
JF  - Mersin University Journal of Maritime Faculty
JO  - MEUJMAF
PB  - Mersin University
WT  - DergiPark
SN  - 2687-6612
SP  - 22
EP  - 36
VL  - 5
IS  - 2
LA  - en
AB  - Through technological advancements, the expanding proportion of maritime transportation on a global scale is becoming faster, more automated, more digital, and ultimately more cyber-space. In particular, the Industrial Revolution 4.0 has brought real-time digital integration of stakeholders in the maritime industry, both on land and at sea, into cyberspace. However, the scope of life and property protection at sea has expanded with the participation of the cyber environment as well as the physical environment. The human factor plays a leading role in ensuring the security of both the physical and cyber environment. In parallel, the main target of hackers who try to gain profit by violating the security environment is the person who does not have sufficient situational awareness of cyber security and can be called the weakest link in the chain. In this study, as main goal, the role of the situational awareness of the employees in the past cyber-attacks on the maritime industry was examined, and a perspective on the measures to be taken was presented. To achieve this research goal, the study utilized the snowballing technique to access literature, which helped uncover additional relevant resources not initially detected. This was followed by a systematic analysis of the collected literature. An analysis of attacks conducted since 2010 revealed that 76% of them utilized social engineering methods, such as phishing, malware, and ransomware. These attackers appear to exploit the maritime industry&#039;s insufficient cybersecurity awareness among its employees and the lack of a comprehensive understanding of cybersecurity within the industry.
KW  - Maritime industry
KW  - Cyber security
KW  - Cyber-attack
KW  - Situational awareness
CR  - Agius, M. (2020). TM mum on whether cyber-attack affected ship, air registries - Newsbook. https://newsbook.com.mt/en/tm-mum-on-whether-cyber-attack-affected-ship-air-registries/
CR  - Alcaide, J. I., &amp; Llave, R. G. (2020). Critical infrastructures cybersecurity and the maritime sector. Transportation Research Procedia, 45, 547–554. https://doi.org/10.1016/j.trpro.2020.03.058
CR  - Algarni, A., Xu, Y., Taizan Chan, &amp; Yu-Chu Tian. (2013). Social engineering in social networking sites: Affect-based model. 8th International Conference for Internet Technology and Secured Transactions (ICITST-2013), 508–515. https://doi.org/10.1109/ICITST.2013.6750253
CR  - Athens Group Services. (2019). Cybersecurity – There Is No Silver Bullet. https://athensgroupservices.com/cybersecurity-there-is-no-silver-bullet/
CR  - Azzopardi, K. (2020). Investigation into Transport Malta cyber-attack has not yet determined whether hack led to data leakage. https://www.maltatoday.com.mt/news/national/105593/watch_transport_malta_cyber_attack_investigation_has_not_yet_determined_whether_data_was_stolen#.ZBW3OhTP25c
CR  - Bada, M., Sasse, A. M., &amp; Nurse, J. R. C. (2019). Cyber Security Awareness Campaigns: Why do they fail to change behaviour? Cornell University, Computer Science, Cryptography and Security. https://doi.org/https://doi.org/10.48550/arXiv.1901.02672
CR  - BBC News. (2020). Red Funnel ferry firm’s IT system hit by “malicious attack.” https://www.bbc.com/news/uk-england-hampshire-54368110
CR  - Bolat, P. &amp; Kayişoğlu, G. (2019). Antecedents and Consequences of Cybersecurity Awareness: A Case Study for Turkish Maritime Sector. Journal of ETA Maritime Science, 7(4), 344-360.
CR  - Farah, M. A., Ukwandu, E., Hindy, H., Brosset, D., Bures, M., Andonovic, I., &amp; Bellekens, X. (2022). Cyber Security in the Maritime Industry: A Systematic Survey of Recent Advances and Future Trends. Information, 13(1), 22. https://doi.org/10.3390/info13010022
CR  - Bøe, E., &amp; Jordheim, H. (2020). Police investigate the computer attack against Hurtigruten – E24. https://e24.no/hav-og-sjoemat/i/7KPeEK/politiet-etterforsker-dataangrepet-mot-hurtigruten
CR  - Borazjani, P. N. (2017). Security Issues in Cloud Computing (pp. 800–811). https://doi.org/10.1007/978-3-319-57186-7_58
CR  - Buurma, C., &amp; Sebenius, A. (2020). Ransomware Shuts U.S. Natural Gas Compressor Facility for Two Days. https://www.carriermanagement.com/news/2020/02/20/203485.htm
CR  - Čekerevac, Z., Dvorak, Z., Prigoda, L., &amp; Čekerevac, P. (2017). Man-In-The-Middle Attacks and Internet Of Things. FBIM Transactions, 5(2). https://doi.org/10.12709/fbim.05.05.02.03
CR  - Cimpanu, C. (2018a). Ransomware Infection Cripples Shipping Giant COSCO’s American Network. https://www.bleepingcomputer.com/news/security/ransomware-infection-cripples-shipping-giant-coscos-american-network/
CR  - Cimpanu, C. (2018b). Ransomware Infection Cripples Shipping Giant COSCO’s American Network. https://www.bleepingcomputer.com/news/security/ransomware-infection-cripples-shipping-giant-coscos-american-network/
CR  - Cimpanu, C. (2019). US Coast Guard discloses Ryuk ransomware infection at maritime facility | ZDNET. https://www.zdnet.com/article/us-coast-guard-discloses-ryuk-ransomware-infection-at-maritime-facility/
CR  - CISA-US. (2020). Avoiding Social Engineering and Phishing Attacks | CISA. https://www.cisa.gov/uscert/ncas/tips/ST04-014
CR  - Clark, J. (2018). Cybercrime in the shipping industry. A Presentation by Shipping Hill Dickinson LLP.
CR  - Coble, S. (2020). Ransomware Attack on Shipping Giant. https://www.infosecurity-magazine.com/news/ransomware-attack-on-shipping-giant.
CR  - Corallo, A., Lazoi, M., &amp; Lezzi, M. (2020). Cybersecurity in the context of industry 4.0: A structured classification of critical assets and business impacts. Computers in Industry, 114, 103165. https://doi.org/10.1016/j.compind.2019.103165
CR  - D’Amico, A., Whitley, K., Tesone, D., O’Brien, B., &amp; Roth, E. (2005). Achieving Cyber Defense Situational Awareness: A Cognitive Task Analysis of Information Assurance Analysts. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 49(3), 229–233. https://doi.org/10.1177/154193120504900304
CR  - Dragos. (2020). Assessment of Ransomware Event at U.S. Pipeline Operator. https://www.dragos.com/blog/industry-news/assessment-of-ransomware-event-at-u-s-pipeline-operator/
CR  - ENISA. (2011a). Analysıs of Cybersecurity Aspects in The Marıtıme Sector.
CR  - ENISA. (2011b). Cyber Security Aspects in the Maritime Sector. https://www.enisa.europa.eu/publications/cyber-security-aspects-in-the-maritime-sector-1
CR  - Fitton, M. O., Prince, D., &amp; Lacy, M. (2015). The Future of Maritime Cyber Security. https://eprints.lancs.ac.uk/id/eprint/72696/
CR  - Futurenautics Maritime-KVH and Intelsat. (2018). Crew Connectivity 2018 Survey Report Maritime. http://www.navarino.co.uk/wp-content/uploads/2018/04/Crew_Connectivity_2018_Survey_Report.pdf
CR  - Goud, N. (2019). Cyber Attack on James Fisher and Sons - Cybersecurity Insiders. https://www.cybersecurity-insiders.com/cyber-attack-on-james-fisher-and-sons/
CR  - Goud, N. (2020). Ransomware attack on Norwegian Ship yard results in job loss to many - Cybersecurity Insiders. https://www.cybersecurity-insiders.com/ransomware-attack-on-norwegian-ship-yard-results-in-job-loss-to-many/
CR  - Grinter, M. (2020). Maritime cyber-attacks up 900% in three years - Hong Kong Maritime Hub. http://www.hongkongmaritimehub.com/maritime-cyber-attacks-up-900-in-three-years/
CR  - Gupta, B. B., Tewari, A., Jain, A. K., &amp; Agrawal, D. P. (2017). Fighting against phishing attacks: state of the art and future challenges. Neural Computing and Applications, 28(12), 3629–3654. https://doi.org/10.1007/s00521-016-2275-y
CR  - Hareide, O. S., Jøsok, Ø., Lund, M. S., Ostnes, R., &amp; Helkala, K. (2018). Enhancing Navigator Competence by Demonstrating Maritime Cyber Security. Journal of Navigation, 71(5), 1025–1039. https://doi.org/10.1017/S0373463318000164
CR  - Hellenic Shipping News Worldwide. (2020). Greater Cyber Security Needed For Coronavirus And Economic Crises. https://www.hellenicshippingnews.com/greater-cyber-security-needed-for-coronavirus-and-economic-crises/
CR  - Hindy, H., Tachtatzis, C., Atkinson, R., Bayne, E., &amp; Bellekens, X. (2021). Developing a Siamese Network for Intrusion Detection Systems. Proceedings of the 1st Workshop on Machine Learning and Systems, 120–126. https://doi.org/10.1145/3437984.3458842
CR  - IMO. (2017). Guidelines on Maritime Cyber Risk Management. https://wwwcdn.imo.org/localresources/en/OurWork/Facilitation/Facilitation/MSC-FAL.1-Circ.3-Rev.1.pdf
CR  - Interpol. (2020). Cyber Crime: COVID-19 Impact. https://www.interpol.int/en/content/download/15526/file/COVID-19%20Cybercrime%20Analysis%20Report-%20August%202020.pdf?inLanguage=eng-GB
CR  - Jensen, L. (2015). Challenges in Maritime Cyber-Resilience. Technology Innovation Management Review, 5(4), 35–39. https://doi.org/10.22215/timreview/889
CR  - Kapalidis, P. (2020). Cybersecurity at Sea. In L. Otto (Ed.), Global Challenges in Maritime Security. Advanced Sciences and Technologies for Security Applications. (pp. 127–143). https://doi.org/10.1007/978-3-030-34630-0_8
CR  - Kessler, G. C., &amp; Uk, A. (n.d.). Cybersecurity in the Maritime Domain Cybersecurity in the Maritime Domain CORE View metadata, citation and similar papers at core. Retrieved March 21, 2023, from https://commons.erau.edu/publication/1318
CR  - Kim, J., &amp; Saul, J. (2016). South Korea Revives GPS Backup Project After Blaming North for Jamming. https://gcaptain.com/south-korea-revives-gps-backup-project-after-blaming-north-for-jamming/
CR  - Kokar, M. M., &amp; Endsley, M. R. (2012). Situation Awareness and Cognitive Modeling. IEEE Intelligent Systems, 27(3), 91–96. https://doi.org/10.1109/MIS.2012.61
CR  - Lam, J. S. L., &amp; Bai, X. (2016). A quality function deployment approach to improve maritime supply chain resilience. Transportation Research Part E: Logistics and Transportation Review, 92, 16–27. https://doi.org/10.1016/j.tre.2016.01.012
CR  - Larsen, M. H., &amp; Lund, M. S. (2021). Cyber Risk Perception in the Maritime Domain: A Systematic Literature Review. IEEE Access, 9, 144895–144905. https://doi.org/10.1109/ACCESS.2021.3122433
CR  - Le journal 2L’Afrique. (2021). Cyber attacks cripple South African ports. https://lejournaldelafrique.com/en/cyber-attacks-paralyze-South-African-ports/
CR  - Lebek, B., Uffen, J., Neumann, M., Hohler, B., &amp; H. Breitner, M. (2014). Information security awareness and behavior: a theory-based literature review. Management Research Review, 37(12), 1049–1092. https://doi.org/10.1108/MRR-04-2013-0085
CR  - Lemos, R. (2019). Coast Guard Warns Shipping Firms of Maritime Cyberattacks. https://www.darkreading.com/vulnerabilities-threats/coast-guard-warns-shipping-firms-of-maritime-cyberattacks
CR  - Linton, A. (2016). Port Authority Role in Cyber-Security -LinkedIn. https://www.linkedin.com/pulse/port-authority-role-cyber-security-art-linton/
CR  - Lubold, G., &amp; Volz, D. (2018). Chinese Hackers Breach U.S. Navy Contractors - WSJ. https://www.wsj.com/articles/u-s-navy-is-struggling-to-fend-off-chinese-hackers-officials-say-11544783401
CR  - Mahoney, S., Roth, E., Steinke, K., Pfautz, J., Wu, C., &amp; Farry, M. (2010). Cognitive Task Analysis for Cyber Situational Awareness. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 54(4), 279–283. https://doi.org/10.1177/154193121005400403
CR  - Mallik, A., Ahsan, A., Shahadat, M. Md. Z., &amp; Tsou, J.-C. (2019). Man-in-the-middle-attack: Understanding in simple words. International Journal of Data and Network Science, 77–92. https://doi.org/10.5267/j.ijdns.2019.1.001
CR  - Maritime Executive. (2020a). Carnival Corporation Reports Ransomware Attack Accessed Data. https://www.maritime-executive.com/article/carnival-corporation-reports-ransomware-attack-accessed-data
CR  - Maritime Executive. (2020b). Hurtigruten Reports Passenger Data Exposed in Cyberattack. https://www.maritime-executive.com/article/hurtigruten-reports-passenger-data-exposed-in-cyberattack
CR  - Maritime Executive. (2020c). Naval Dome: Cyberattacks on OT Systems on the Rise. https://www.maritime-executive.com/article/naval-dome-cyberattacks-on-ot-systems-on-the-rise
CR  - Maritime Executive. (2020d). Ransomware Cripples IT Systems of Inland Port in Washington State. https://www.maritime-executive.com/article/ransomware-attack-cripples-systems-of-inland-port-in-washington-state
CR  - McNeese, M., Cooke, N. J., D’Amico, A., Endsley, M. R., Gonzalez, C., Roth, E., &amp; Salas, E. (2012). Perspectives on the Role of Cognition in Cyber Security. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 56(1), 268–271. https://doi.org/10.1177/1071181312561063
CR  - Mcquade, M. (2018). The Untold Story of NotPetya, the Most Devastating Cyberattack in History. https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/
CR  - Meland, P. Há., Bernsmed, K., Wille, E., Rødseth, Ø. J., &amp; Nesheim, D. A. (2021). A Retrospective Analysis of Maritime Cyber Security Incidents. TransNav, the International Journal on Marine Navigation and Safety of Sea Transportation, 15(3), 519–530. https://doi.org/10.12716/1001.15.03.04
CR  - Mraković, I., &amp; Vojinović, R. (2019a). Maritime Cyber Security Analysis – How to Reduce Threats? Transactions on Maritime Science, 8(1), 132–139. https://doi.org/10.7225/toms.v08.n01.013
CR  - Mraković, I., &amp; Vojinović, R. (2019b). Maritime Cyber Security Analysis – How to Reduce Threats? Transactions on Maritime Science, 8(1), 132–139. https://doi.org/10.7225/toms.v08.n01.013
CR  - Mraković, I., &amp; Vojinović, R. (2019c). Maritime Cyber Security Analysis – How to Reduce Threats? Transactions on Maritime Science, 8(1), 132–139. https://doi.org/10.7225/toms.v08.n01.013
CR  - Nguyen, L. (2018, February). e-paper: Collaboration in the Shipping Industry:  Innovation and Technology. KNect365. https://informaconnect.com/epaper-collaboration-in-the-shipping-industry-innovation-and-technology/
CR  - NSI, N. S. I. (2017). A Brief User’s Guide to Getting the Most from Your Employee Security Connection Subscription. https://www.nsi.org/pdf/ESC_User’s_Guide.pdf
CR  - Okoli, C. (2015). A Guide to Conducting a Standalone Systematic Literature Review. Communications of the Association for Information Systems, 37. https://doi.org/10.17705/1CAIS.03743
CR  - Parizo, E. (2019). Maersk CISO Says NotPeyta Devastated Several Unnamed US firms. https://www.darkreading.com/omdia/maersk-ciso-says-notpeyta-devastated-several-unnamed-us-firms
CR  - Perez, G. F. (2019). Cyber Situational Awareness and Cyber Curiosity Taxonomy for Understanding Susceptibility of Social Engineering Attacks in the Maritime Industry [Nova Southeastern University]. https://nsuworks.nova.edu/gscis_etd
CR  - Pfleeger, S. L., &amp; Caputo, D. D. (2012). Leveraging behavioral science to mitigate cyber security risk. Computers &amp; Security, 31(4), 597–611. https://doi.org/10.1016/j.cose.2011.12.010
CR  - Port Technology International. (2021). CMA CGM faces cyber attack leading to data leak - Port Technology International. https://www.porttechnology.org/news/cma-cgm-faces-cyber-attack-leading-to-data-leak/
CR  - Progoulakis, I., Rohmeyer, P., &amp; Nikitakos, N. (2021). Cyber Physical Systems Security for Maritime Assets. Journal of Marine Science and Engineering, 9(12), 1384. https://doi.org/10.3390/jmse9121384
CR  - Refsdal, A., Solhaug, B., &amp; Stølen, K. (2015). Cyber-Risk Management. Springer International Publishing. https://doi.org/10.1007/978-3-319-23570-7
CR  - Reuters. (2012). Saudi Arabia says cyber attack aimed to disrupt oil, gas flow | Reuters. https://www.reuters.com/article/saudi-attack/saudi-arabia-says-cyber-attack-aimed-to-disrupt-oil-gas-flow-idUSL5E8N91UE20121209
CR  - RTE. (2022). European oil port terminals hit by cyberattack. https://www.rte.ie/news/world/2022/0203/1277569-oil-terminal-cyberattack/
CR  - S. de Vleeschhouwer. (2017). Safety of data. The risks of cyber security in the maritime sector. https://maritimetechnology.nl/media/NMT_Safety-of-data-The-risks-of-cyber-security-in-the-maritime-sector.pdf
CR  - Safety4sea. (2018). 2018 Highlights: Major cyber-attacks reported in maritime industry. https://safety4sea.com/cm-2018-highlights-major-cyber-attacks-reported-in-maritime-industry/
CR  - Safety4sea. (2020a). Hurtigruten hit by cyber-attack. https://safety4sea.com/hurtigruten-hit-by-cyber-attack/
CR  - Safety4sea. (2020b). Vard shipbuilder experiences ransomware attack - SAFETY4SEA. https://safety4sea.com/vard-shipbuilder-experiences-ransomware-attack/
CR  - Safety4sea. (2021a). CMA CGM face to face with another cyber-attack - SAFETY4SEA. https://safety4sea.com/cma-cgm-face-to-face-with-another-cyber-attack/
CR  - Safety4sea. (2021b). K Line issues apology after yet another cyber-attack. https://safety4sea.com/k-line-issues-apology-after-yet-another-cyber-attack/
CR  - Safety4sea. (2022a). Cyber attack hits Port of Lisbon. https://safety4sea.com/cyber-attack-hits-port-of-lisbon/
CR  - Safety4sea. (2022b). Cyber attacks hit European oil terminals - SAFETY4SEA. https://safety4sea.com/cyber-attacks-hit-european-oil-terminals/
CR  - Schenkelberg, B. (2021). S. Africa Cyber-Attack, Durban &amp; Richards Bay Terminals - X-Industry - Red Sky Alliance. https://redskyalliance.org/xindustry/s-africa-cyber-attack-durban-richards-bay-terminals
CR  - Schmitt, M. (2017). Introduction. In Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations (pp. 1-8). Cambridge: Cambridge University Press. doi:10.1017/9781316822524.006
CR  - Secureworks. (2018). Gold Galleon: How a Nigerian Cyber Crew Plunders the Shipping Industry. https://www.secureworks.com/research/gold-galleon-how-a-nigerian-cyber-crew-plunders-the-shipping-industry
CR  - Shauk, Z. (2013, April 28). Malware on the offshore rig: Danger lurks where the chips fail. https://www.houstonchronicle.com/business/energy/article/Malware-on-the-offshore-rig-Danger-lurks-where-4470723.php
CR  - Shen, C., &amp; Baker, J. (2020). CMA CGM confirms ransomware attack. https://lloydslist.maritimeintelligence.informa.com/LL1134044/CMA-CGM-confirms-ransomware-attack
CR  - Tam, K., &amp; Jones, K. (2019). MaCRA: a model-based framework for maritime cyber-risk assessment. WMU Journal of Maritime Affairs, Port18(1), 129–163. https://doi.org/10.1007/s13437-019-00162-2
CR  - The Maritime Executive. (2018). Saipem’s Servers Hit by Cyberattack. https://maritime-executive.com/article/saipem-s-servers-hit-by-cyberattack
CR  - The Norwegian National Security Authority (NSM). (2020). RISIKO 2020. https://www.digi.no/filer/NSM_Risiko_2020_a_pen.pdf
CR  - The Portugal News/Lusa. (2022). Cyberattack at Lisbon port - The Portugal News. https://www.theportugalnews.com/news/2022-12-26/cyberattack-at-lisbon-port/73281
CR  - Toogood, D. (2020). Red Funnel Suffers “Malicious Attack” on IT Systems Causing Major Disruption. https://www.islandecho.co.uk/red-funnel-suffers-malicious-attack-on-it-systems-causing-major-disruption/
CR  - Torbati, Y., &amp; Saul, J. (2012, October). Iran’s top cargo shipping line says sanctions damage mounting | Reuters. https://www.reuters.com/article/us-iran-sanctions-shipping-idUSBRE89L10X20121022
CR  - Volz, D. (2019). Chinese Hackers Target Universities in Pursuit of Maritime Military Secrets - WSJ. https://www.wsj.com/articles/chinese-hackers-target-universities-in-pursuit-of-maritime-military-secrets-11551781800
CR  - Walker, J. (2020). AIDA Cruise Ships Under Cyber Attack - Are Costa Ships Also Affected? | Cruise Law News.https://www.cruiselawnews.com/2020/12/articles/cyber-attacks/aida-cruise-ships-under-cyber-attack-are-costa-ships-also-affected/
CR  - Walker, J., &amp; Spencer, J. (n.d.). Cyber Marine: Risks &amp; Loss Scenarios. International Marine Claims Conference. Retrieved March 8, 2023, from http://www.marineclaimsconference.com/imcc-docs/docs/Cyber%20workshop.pdf
CR  - Warrick Joby, &amp; Nakashima, E. (2020). Officials: Israel linked to a disruptive cyberattack on Iranian port facility - The Washington Post.
https://www.washingtonpost.com/national-security/officials-israel-linked-to-a-disruptive-cyberattack-on-iranian-port-facility/2020/05/18/9d1da866-9942-11ea-89fd-28fb313d1886_story.html
CR  - Wohlin, C. (2014). Guidelines for snowballing in systematic literature studies and a replication in software engineering. Proceedings of the 18th International Conference on Evaluation and Assessment in Software Engineering - EASE ’14, 1–10. https://doi.org/10.1145/2601248.2601268
UR  - https://doi.org/10.47512/meujmaf.1370274
L1  - https://dergipark.org.tr/en/download/article-file/3450151
ER  -