A Comprehensive Analysis of Maritime Cyber Security Incidents: Trends, Impacts, and Countermeasures

Year 2024, , 51 - 61, 03.10.2024

Emre Düzenli , Gizem Kayisoglu , Tayfun Acarer , Pelin Bolat , Ayşe Nak

https://doi.org/10.52998/trjmms.1531187

Abstract

The maritime industry is currently experiencing a process of digital transformation, which involves a significant level of automation and enhanced communication with external networks. As a result, various facilities in the maritime sector such as commercial and navy vessels, shipping companies, ports, and shipbuilders, are becoming more susceptible to cyber threats. In addition to the potential economic and reputational harm to shipping companies, a cyber-attack on maritime systems could result in significant incidents such as the release of hazardous substances, collisions, grounding, and fires. This poses significant risks to both ship crew, ship, cargo, and environment. This study examines cyber security events in the maritime sector. The main objective is to cultivate a thorough comprehension of cyber-attacks that specifically target systems in maritime facilities, by analyzing insights derived from incidents in the Maritime Cyber-Attack Database. The work involves the construction and examination of a number of cyber security incidents. An inquiry is carried out to determine the time patterns, geographical spread, sector-specific consequences, and attributes of these cyber-attacks, including the identity of the perpetrator, intention (whether deliberate or unintentional), and the affected systems inside the maritime domain. The paper examines particular instances to identify the main stages of a cyber-attack on maritime facilities' systems, the fundamental strategies employed by attackers, and proposes standard cyber security solutions to reduce these risks. The study's contribution entails the methodical delineation of the cyber security terrain that is unique to the maritime industry.

Keywords

Maritime cyber security incident, Maritime cyber security, Cyber incident analysis

Supporting Institution

İstanbul Technical University

Project Number

44740

Denizcilik Sektöründe Siber Güvenlik Olaylarının Kapsamlı Analizi: Trendler, Etkiler ve Karşı Önlemler

Abstract

Denizcilik endüstrisi, kapsamlı otomasyon ve harici ağlarla artan bağlantı ile karakterize edilen dijital bir dönüşümden geçmektedir. Bu durum, deniz tesislerini siber tehditlere karşı savunmasız hale getirmektedir. Nakliye şirketleri için potansiyel ekonomik ve itibar zararının ötesinde, deniz sistemlerine yönelik bir siber saldırı, tehlikeli maddelerin boşaltılması, çarpışmalar, karaya oturma, yangınlar gibi ciddi olaylara yol açabilir ve dolayısıyla hem deniz personeli hem de çevre için önemli tehlikeler yaratabilir. Bu çalışma, denizcilik endüstrisindeki siber güvenlik olaylarını araştırmaktadır. Birincil amaç, geçmiş olaylardan içgörüler çıkararak deniz tesislerindeki sistemleri hedef alan siber saldırılar hakkında kapsamlı bir anlayış geliştirmektir. Çalışma, NHL Stenden Uygulamalı Bilimler Üniversitesi'ne ait Deniz Siber Saldırı Veritabanı'ndan (MCAD) toplanan 146 siber güvenlik olayını analiz etmektedir. Saldırganın kimliği, niyet (kasıtlı veya kazara) ve denizcilik alanı kapsamında etkilenen sistemler dahil olmak üzere bu siber saldırıların zamansal kalıplarını, mekansal dağılımını, sektörel etkilerini ve özelliklerini ayırt etmek için bir araştırma yürütülmüştür. Belirli olayları inceleyerek, çalışma deniz tesislerindeki sistemlere yönelik bir siber saldırının temel aşamalarını, saldırganlar tarafından kullanılan birincil taktikleri belirler ve bu tür tehditleri azaltmak için tipik siber güvenlik önlemlerini önerir. Çalışmanın katkısı, denizcilik sektörüne özgü siber güvenlik manzarasının sistematik haritalanmasını sağlar.

Keywords

Denizel alanda siber güvenlik olayları, Denizel alanda siber güvenlik, Siber güvenlik olay analizi

Supporting Institution

İstanbul Teknik Üniversitesi

Project Number

44740

References

• Androjna, A., Perkovič, M. (2021). Impact of spoofing of navigation systems on maritime situational awareness. Transactions on Maritime Science, 10(2): 361–373. doi:10.7225/toms.v10.n02.w08. Ben Farah, M.A., Ukwandu, E., Hindy, H., Brosset, D., Bures, M., Andonovic, I., Bellekens, X. (2022). Cyber Security in the Maritime Industry: A Systematic Survey of Recent Advances and Future Trends. Information (Switzerland), 13(1). doi: 10.3390/info13010022.
• Bernsmed, K., Frøystad, C., Meland, P.H., Nesheim, D.A., Rødseth, Ø.J. (2017). Visualizing Cyber Security Risks with Bow-Tie Diagrams. International Workshop on Graphical Models for Security, p. 38–56.
• Bolat, P., Yuksel, G., Uygur, S. (2016). A Study for Understanding Cyber Security Awareness Among Turkish Seafarers. GMC2016 - II.Global Conference On Innovation In Marine Technology And The Future Of Maritime Transportation, p. 278–289.
• Capano, D.E., Throwback Attack: How NotPetya accidentally took down global shipping giant Maersk Industrial Cyber Security Pulse, (2021). Accessed Date: 08.05.2024, https://www.industrialcybersecuritypulse.com/threats-vulnerabilities/throwback-attack-how-notpetya-accidentally-took-down-global-shipping-giant-maersk/ is retrieved. Davis, G., Garcia, A., Zhang, W. (2009). Empirical Analysis of the Effects of Cyber Security Incidents. Risk Analysis, 29(9): 1304–1316. doi: 10.1111/j.1539-6924.2009.01245.x.
• Iaiani, M., Tugnoli, A., Bonvicini, S., Cozzani, V. (2021). Analysis of Cybersecurity-related Incidents in the Process Industry. Reliability Engineering & System Safety, 209: 107485. doi: 10.1016/j.ress.2021.107485.
• Kaneko, T., Yoshioka, N., Sasaki, R. (2021). Cyber-Security Incident Analysis by Causal Analysis using System Theory (CAST). 2021 IEEE 21st International Conference on Software Quality, Reliability and Security Companion (QRS-C), pp. 806–815. doi: 10.1109/QRS-C55045.2021.00123.
• Karas, A. (2023). Maritime Industry Cybersecurity: A Review of Contemporary Threats. European Research Studies Journal, 26(4): 921–930. doi: 10.35808/ersj/3336.
• Kyriakides, H. Marine cyberattacks: Analysis of liability and IMO 2021, (2021). Accessed Date: 17.05.2024, https://www.legal500.com/developments/thought-leadership/marine-cyberattacks-analysis-of-liability-and-imo-2021/ is retrieved.
• Mednikarov, B., Tsonev, Y., Lazarov, A. (2020). Analysis of Cybersecurity Issues in the Maritime Industry. Information & Security: An International Journal, 47(1): 27–43. doi: 10.11610/isij.4702.
• Meland, P.H., Bernsmed, K., Wille, E., Rødseth, J., Nesheim, D.A. (2021). A retrospective analysis of maritime cyber security incidents. TransNav, 15(3): 519–530. doi:10.12716/1001.15.03.04.
• Mraković, I., Vojinović, R. (2019). Maritime cyber security analysis – How to reduce threats? Transactions on Maritime Science, 8(1): 132–139. doi: 10.7225/toms.v08.n01.013
• NHL STENDEN University of Applied Science, (2001). Maritime Cyber Attack Database (MCAD), NHL Stenden University of Applied Science.
• Patterson, C.M., Nurse, J.R.C., Franqueira, V.N.L. (2023). Learning from cyber security incidents: A systematic review and future research agenda. Computers & Security, 132: 103309. doi: 10.1016/j.cose.2023.103309.
• Schwarz, M., Marx, M., Federrath, H. (2021). A Structured Analysis of Information Security Incidents in the Maritime Sector. ArXiv Preprint ArXiv:2112.06545. Silverajan, B., Vistiaho, P. (2019). Enabling Cybersecurity Incident Reporting and Coordinated Handling for Maritime Sector. 2019 14th Asia Joint Conference on Information Security (AsiaJCIS), pp. 88–95. doi: 10.1109/AsiaJCIS.2019.000-1
• Söner, Ö., Kayisoglu, G., Bolat, P., Tam, K. (2023). Cybersecurity risk assessment of VDR. Journal of Navigation, 1–18. doi: 10.1017/S0373463322000595.
• Tam, K., Jones, K.D. (2019). Situational Awareness: Examining Factors that Affect Cyber-Risks in the Maritime Sector. International Journal on Cyber Situational Awareness, 4(1): 40–68. doi: 10.22619/ijcsa.2019.100125.