Maritime Cybersecurity Research Articles

Cybersecurity at Sea: A Literature Review of Cyber-Attack Impacts and Defenses in Maritime Supply Chains

The maritime industry is constantly evolving and posing new challenges, especially with increasing digitalization, which has raised concerns about cyber-attacks on maritime supply chain agents. Although scholars have proposed various methods and classification models to counter these cyber threats, a comprehensive cyber-attack taxonomy for maritime supply chain actors based on a systematic literature review is still lacking. This review aims to provide a clear picture of common cyber-attacks and develop a taxonomy for their categorization. In addition, it outlines best practices derived from academic research in maritime cybersecurity using PRISMA principles for a systematic literature review, which identified 110 relevant journal papers. This study highlights that distributed denial of service (DDoS) attacks and malware are top concerns for all maritime supply chain stakeholders. In particular, shipping companies are urged to prioritize defenses against hijacking, spoofing, and jamming. The report identifies 18 practices to combat cyber-attacks, categorized into information security management solutions, information security policies, and cybersecurity awareness and training. Finally, this paper explores how emerging technologies can address cyber-attacks in the maritime supply chain network (MSCN). While Industry 4.0 technologies are highlighted as significant trends in the literature, this study aims to equip MSCN stakeholders with the knowledge to effectively leverage a broader range of emerging technologies. In doing so, it provides forward-looking solutions to prevent and mitigate cyber-attacks, emphasizing that Industry 4.0 is part of a larger landscape of technological innovation.

Maritime Cybersecurity Leveraging Artificial Intelligence Mechanisms Unveiling Recent Innovations and Projecting Future Trends

Maritime Cybersecurity Leveraging Artificial Intelligence Mechanisms Unveiling Recent Innovations and Projecting Future Trends

Mitigating Maritime Cybersecurity Risks Using AI-Based Intrusion Detection Systems and Network Automation During Extreme Environmental Conditions

The maritime industry is increasingly confronted with a myriad of cybersecurity challenges exacerbated by extreme environmental conditions, technological advancements, and heightened reliance on automation. This review paper discusses the intersection of these factors, focusing on the adoption of artificial intelligence (AI)-based intrusion detection systems (IDS) and network automation as vital strategies for mitigating cybersecurity risks. The paper begins by outlining the unique cybersecurity threats faced by the maritime sector, which include data breaches, phishing attacks, and malware threats, all amplified by adverse weather and geographical isolation. In light of these challenges, the rationale for integrating AI-driven solutions into maritime operations is discussed. AI-based IDS can enhance threat detection capabilities through advanced machine learning algorithms that adapt to evolving cyber threats while minimizing false positives. Additionally, network automation can improve connectivity and data security, facilitating real-time monitoring and response to incidents. The review also addresses the critical need for collaboration between maritime and technology industries, emphasizing how partnerships can foster innovation and provide tailored solutions to the sector’s specific needs. Furthermore, the paper examines current implementations and case studies that illustrate successful applications of AI and automation in adverse maritime conditions. While recognizing the potential benefits, the review highlights the technical and operational challenges inherent in these implementations, including data integration, regulatory compliance, and cultural differences between sectors. Ultimately, this paper aims to provide a comprehensive overview of the state of maritime cybersecurity and the pivotal role of AI and automation in shaping a resilient, secure maritime future. The findings underscore the importance of ongoing research and development, collaborative efforts, and the necessity of adaptable strategies to safeguard maritime operations against the evolving landscape of cyber threats.

Challenges in Maritime Cybersecurity Training and Compliance

The implementation of cybersecurity standards and directives in the maritime sector plays a crucial role in protecting critical maritime infrastructures from cyber threats. The level of protection depends heavily on humans. However, the effectiveness of cybersecurity training and compliance programmes, an essential component of these standards, is often hindered by challenges related to the sector’s environment, including the established technologies, practices, and norms. This paper aims to identify these challenges through a literature review and set the basis for more effective human risk minimization, responses, and training. We identify 17 challenges and validate them with an online survey (N = 205) capturing real-world perspectives from maritime-related stakeholders. Our findings contribute to enhancing the effectiveness of maritime cybersecurity training and compliance programmes, ultimately strengthening the maritime cybersecurity posture.

Literature review of maritime cyber security: The first decade

Literature review of maritime cyber security: The first decade

Maritime Cyber Security: Adopting a Checklist Based on IACS UR E26 Standard

The efficient operation of ship systems that control navigation, communications, sensors, and power and machinery is dependent on the increasing digitization of the maritime sector and the intense use of information and operational technologies. The goal of issuing and enforcing global regulations and standards is to lessen the impact of potential dangers that could jeopardize on-board systems, network and data integrity, and operation, functionality and safety. At this point, "Cyber Resilience of Ships" (UR E26) is recently released by the International Association of Classification Societies (IACS) to address the need to improve ships' cyber resilience. This regulation will be applicable to new ships built on and after 1 July 2024. This study aims to create a check list for ship cyber security based on IACS UR E26 standard. A ship cyber security checklist was developed by first analyzing ship operational technologies, identifying potential cyber risks and vulnerabilities, and then creating a checklist in accordance with the IACS UR E26 standard to ensure cyber security on board. With a focus on clean seas and safe ships, the IACS provides technical assistance, verifies compliance, and conducts research and development to enhance maritime safety, security and regulation. This study provides practical tool to ships for ship cyber security management under the safety management system besides IACS standard benefits. Creating a checklist in accordance with the IACS UR E26 standard also allows ship owners and operators to comply with the standards and facilitate inspection processes. This reduces the effort spent to comply with international regulations. It helps to proactively manage cyber risks by providing a systematic approach to ship cyber security management.

A Comprehensive Analysis of Maritime Cyber Security Incidents: Trends, Impacts, and Countermeasures

The maritime industry is currently experiencing a process of digital transformation, which involves a significant level of automation and enhanced communication with external networks. As a result, various facilities in the maritime sector such as commercial and navy vessels, shipping companies, ports, and shipbuilders, are becoming more susceptible to cyber threats. In addition to the potential economic and reputational harm to shipping companies, a cyber-attack on maritime systems could result in significant incidents such as the release of hazardous substances, collisions, grounding, and fires. This poses significant risks to both ship crew, ship, cargo, and environment. This study examines cyber security events in the maritime sector. The main objective is to cultivate a thorough comprehension of cyber-attacks that specifically target systems in maritime facilities, by analyzing insights derived from incidents in the Maritime Cyber-Attack Database. The work involves the construction and examination of a number of cyber security incidents. An inquiry is carried out to determine the time patterns, geographical spread, sector-specific consequences, and attributes of these cyber-attacks, including the identity of the perpetrator, intention (whether deliberate or unintentional), and the affected systems inside the maritime domain. The paper examines particular instances to identify the main stages of a cyber-attack on maritime facilities' systems, the fundamental strategies employed by attackers, and proposes standard cyber security solutions to reduce these risks. The study's contribution entails the methodical delineation of the cyber security terrain that is unique to the maritime industry.

Increasing maritime cybersecurity awareness through game-based learning

Abstract Increased connectivity, digitalization and emerging autonomous operations within the maritime sector are paving the road for new cybersecurity risks. Such risks are not just a technical concern, as effective awareness and training programs play an important role in increasing the knowledge of relevant cyberattacks and defences, thereby improving security practices among stakeholders. Serious games have emerged as an engaging method to train individuals, effectively communicate an understanding of emerging cybersecurity threats and promote cybersecurity culture and hygiene. This paper delves into the development process of an asymmetrical strategy game for the maritime sector. The game uses a red versus blue paradigm to educate players about critical assets of maritime operations and how they can be exploited. The novelty of this work has been to design a gameplay based on actual incidents that for instance shipping companies have been facing up until today and likely future events. We employ a design science research methodology to ensure problem relevance and utility for practitioners. The game has been designed towards a demography of students from maritime education and training institutions and professionals working in the maritime sector but should be appealing to others looking to expand their comprehension of the maritime cybersecurity intricacies as well. The game serves as a pedagogical learning tool for elevating cybersecurity awareness, preparedness and response in the maritime digitalization sphere.

An Approach to Maritime Cyber Security Risks: Nature and Countermeasures

An Approach to Maritime Cyber Security Risks: Nature and Countermeasures

Maritime Cybersecurity: Protecting Critical Infrastructure in The Digital Age

Maritime Cybersecurity: Protecting Critical Infrastructure in The Digital Age

Decoding dependencies among the risk factors influencing maritime cybersecurity: Lessons learned from historical incidents in the past two decades

The distinctive features of maritime infrastructures present significant challenges in terms of security. Disruptions to the normal functioning of any part of maritime transportation can have wide-ranging consequences at both national and international levels, making it an attractive target for malicious attacks. Within this context, the integration of digitalization and technological advancements in seaports, vessels and other maritime elements exposes them to cyber threats. In response to this critical challenge, this paper aims to formulate a novel cybersecurity risk analysis method for ensuring maritime security. This approach is based on a data-driven Bayesian network, utilizing recorded cyber incidents spanning the past two decades. The findings contribute to the identification of highly significant contributing factors, a meticulous examination of their nature, the revelation of their interdependencies, and the estimation of their probabilities of occurrence. Rigorous validation of the developed model ensures its robustness for both diagnostic and prognostic purposes. The implications drawn from this study offer valuable insights for stakeholders and governmental bodies, enhancing their understanding of how to address cyber threats affecting the maritime industry. This knowledge aids in the implementation of necessary preventive measures.

A Comparative Legal Study on the of Maritime Cyber Security Framework

A Comparative Legal Study on the of Maritime Cyber Security Framework

Survey-based analysis of cybersecurity awareness of Turkish seafarers

In recent years, vessels have become increasingly digitized, reflecting broader societal trends. As a result, maritime operations have become an attractive target for cyber threat actors. Despite the limited cybersecurity training seafarers receive, they are expected to operate within technologically advanced environments. The importance of cybersecurity awareness is evident, but the extent of seafarers’ knowledge in this area remains uncertain. This article investigates three primary aspects: (1) the current state of cybersecurity onboard cargo vessels, (2) seafarers’ cybersecurity awareness, and (3) potential improvements in seafarers’ cybersecurity awareness. To accomplish this, a literature review is conducted to collect and analyze current research, supplemented by a questionnaire survey targeting Turkish seafarers. Our findings support increased investment in awareness and training programs, including organizational-wide cybersecurity awareness efforts, more frequent training, mandatory training for all seafarers through the Standards of Training Certification and Watchkeeping (STCW), and the appointment of a cybersecurity Officer (CySO) to ensure satisfactory cybersecurity levels onboard. Since this article focuses on high-level topics by assessing the general state of maritime cybersecurity and seafarers’ cybersecurity awareness, it does not delve into detailed considerations of awareness and training programs. Nevertheless, it lays the foundation for future research in this area.

Advancing coordination in critical maritime infrastructure protection: Lessons from maritime piracy and cybersecurity

Critical maritime infrastructure protection has become a priority in ocean governance, particularly in Europe. Increased geopolitical tensions, regional conflicts, and the Nord Stream pipeline attacks in the Baltic Sea of September 2022 have been the main catalysts for this development. Calls for enhancing critical maritime infrastructure protection have multiplied, yet, what this implies in practice is less clear. This is partially a question of engineering and risk analysis. It also concerns how the multitude of actors involved can act concertedly. Dialogue, information sharing, and coordination are required, but there is a lack of discussion about which institutional set ups would lend themselves. In this article, we argue that the maritime counter-piracy operations off Somalia, as well as maritime cybersecurity governance hold valuable lessons to provide new answers for the institutional question in the critical maritime infrastructure protection agenda. We start by clarifying what is at stake in the CMIP agenda and why it is a major contemporary governance challenge. We then examine and assess the instruments found in maritime counter-piracy and maritime cybersecurity governance, including why and how they provide effective solutions for enhancing critical maritime infrastructure protection. Finally, we assess the ongoing institution building for CMIP in Europe. While we focus on the European experience, our discussion on designing institutions carries forward lessons for CMIP in other regions, too.

Comprehensive Analysis of Maritime Cybersecurity Landscape Based on the NIST CSF v2.0

As technology advances and digitalization becomes more prevalent in the industry, the cyber threats to maritime systems and operations have significantly increased. The maritime sector relies heavily on interconnected networks, communication systems, and sophisticated technologies for its operations, making it an attractive target for cybercriminals, nation-states, and other threat actors. Safeguarding the maritime sector against cyber threats is crucial to ensuring the safety, integrity, and efficiency of maritime operations as well as for protecting sensitive information and global trade. The International Maritime Organization (IMO) has played a significant role in addressing cybersecurity issues, leading to the implementation of regulations aimed at risk reduction. This paper delves into the realm of cybersecurity within the maritime industry, offering an in-depth analysis of its various aspects through an extensive literature review based on the latest Version 2.0 of the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF) functional areas. The primary objective is to establish a connection between research and NIST’s functions and categories, thereby presenting a nascent perspective and identifying existing security research gaps. Through the adoption of this strategic approach, the present paper aims to cultivate a forward-looking and proactive state of maturity in anticipation of future developments within the maritime industry. The outcomes of this research can provide valuable reference points in academic discourse, potentially leading to new hypotheses, and fuel innovation in developing advanced cybersecurity measures within the maritime industry.

Enhancing Maritime Cybersecurity through Operational Technology Sensor Data Fusion: A Comprehensive Survey and Analysis.

Cybersecurity is becoming an increasingly important aspect in ensuring maritime data protection and operational continuity. Ships, ports, surveillance and navigation systems, industrial technology, cargo, and logistics systems all contribute to a complex maritime environment with a significant cyberattack surface. To that aim, a wide range of cyberattacks in the maritime domain are possible, with the potential to infect vulnerable information and communication systems, compromising safety and security. The use of navigation and surveillance systems, which are considered as part of the maritime OT sensors, can improve maritime cyber situational awareness. This survey critically investigates whether the fusion of OT data, which are used to provide maritime situational awareness, may also improve the ability to detect cyberincidents in real time or near-real time. It includes a thorough analysis of the relevant literature, emphasizing RF but also other sensors, and data fusion approaches that can help improve maritime cybersecurity.

Maritime cybersecurity in the Indo-Pacific: envisioning a role for the Quad

ABSTRACT Digitalization in the maritime industry has exposed offshore vessels and onshore maritime assets to increasing cyberattacks by malicious actors. The problem is particularly acute in the geopolitically fraught Indo-Pacific, a region through which 60 per cent of global maritime trade passes. The inadequacy of the international regulatory ecosystem centered around the International Maritime Organization (IMO) and other challenges have only compounded the problem. This paper argues that the Quad is most suited to address the issue of maritime cybersecurity in the Indo-Pacific. It proposes the creation of a hybrid body composed of the Quad, like-minded littoral states and maritime industry bodies from the Indo-Pacific for thwarting, responding to, and recovering from cyberattacks in the region. It argues that a localized regional response by the Quad would be preferable over unilateral measures by states or waiting for the IMO’s regulation in the form of a code or convention.

Proposing the future skill requirements for maritime cyber security

Proposing the future skill requirements for maritime cyber security

Preventing Catastrophic Cyber–Physical Attacks on the Global Maritime Transportation System: A Case Study of Hybrid Maritime Security in the Straits of Malacca and Singapore

This paper examines hybrid threats to maritime transportation systems and their governance responses; focusing on the congested Straits of Malacca and Singapore (SOMS) as an illustrative case study. The methodology combines secondary sources with primary data from 42 expert interviews, a 28 respondent survey, and two maritime security roundtables. Key findings were that ships’ critical systems are increasingly interconnected, yet aging IT infrastructure and minimal cybersecurity awareness among crews heighten risks. Meanwhile, regional terrorist groups have previously targeted shipping and shown considerable skill in exploiting online tools, aligning with broader calls for jihadist violence. Furthermore, opportunistic piracy persists in the SOMS with the potential to disrupt shipping. Experts confirmed that maritime cybersecurity lags behind other critical infrastructure sectors and needs updated governance. Initial International Maritime Organization (IMO) guidelines lack specificity but revisions and updated IMO guidance are in process, while Port state implementation of maritime cybersecurity standards varies. Crucially, information sharing remains inadequate, even as recorded attacks increase. Findings underscore that although major hybrid incidents have not occurred, simulations and threat actors’ capabilities demonstrate potential for catastrophic collisions or cascading disruption in congested waterways. Mitigating factors like redundancy and crew training are deficient currently. Some alignment between SOMS states on maritime security cooperation exists, but not on cyber threats specifically. Key recommendations include an anonymous cyber attack reporting system, reinforced training and shipboard systems, and consolidated regional frameworks. Until these priorities are addressed, the analysis concludes that hybrid vulnerabilities in this vital global chokepoint remain a serious concern.

Maritime decision-makers and cyber security: deck officers’ perception of cyber risks towards IT and OT systems

Through a quantitative study of deck officers’ cyber risk perceptions towards information (IT) and operational (OT) systems, this paper contributes to substantiate the importance of considering human behaviour within maritime cyber security. Using survey data from 293 deck officers working on offshore vessels, statistical analyses were conducted to measure and predict the participants cyber risk perceptions towards IT and OT systems. Performing a Wilcoxon signed-rank test revealed a significant discrepancy in the levels of cyber risk perception between the system categories. Hierarchical regression analyses were conducted to develop statistical models, considering multiple independent variables, including perceived benefit, cyber security training, experience with cyber-attacks, and trust towards various stakeholders. Key findings revealed distinct results for IT and OT systems, and the regression models varied in both predictive power and significance of the independent variables. Perceived benefit positively predicts deck officers cyber risk perception for both IT and OT systems, while trust, which included measures of social trust and confidence, was not found to be significant. Cyber security training and experience with cyber-attacks only influence deck officers’ perception of cyber risks related to operational technology. Practical implications of this work provide actionable recommendations for the maritime industry, including tailored risk communication tools, training programs, reporting systems, and holistic policies.