Challenges in providing cybersecurity to port and maritime infrastructure facilities

Syta, Jakub

doi:10.57599/gisoj.2024.4.1.131

Artykuł - szczegóły

Tytuł artykułu

Challenges in providing cybersecurity to port and maritime infrastructure facilities

Autorzy

Syta Jakub

Treść / Zawartość

Pełne teksty:

_4_1_10_Syta+Jakub_131-144_accepted_1.10.2024.pdf

Pobierz

Identyfikatory

DOI

10.57599/gisoj.2024.4.1.131

Warianty tytułu

Języki publikacji

Abstrakty

The following article focuses on the cybersecurity challenges within ‘heavy’ industries such as civilian ports and maritime infrastructure. Very often, such traditional sectors do not consider cybersecurity to be a priority. With the growing adaptation of modern technologies, the 5th generation of ports is approaching, where the exposition to cybersecurity threats will be huge. Additionally, the losses will not only be visible in ‘cyberspace’ but can cause significant infrastructure damage, injuries or even mass causalities. Or can impact the global supply chain. These threats are new, and often, port management never even had a chance to go through them. By discussing several real-life and imaginary examples, the author wants to highlight the reality of the impact of cybersecurity incidents. In his opinion, such examples should be widely distributed and shared not only with the CEO. The article ends with several recommendations to be implemented by port and maritime infrastructure executives.

Słowa kluczowe

cybersecurity cyberthreats maritime industry port infrastructure

cyberbezpieczeństwo cyberzagrożenia przemysł morski infrastruktura portowa

Wydawca

SILGIS Association
Croatian-Polish Scientific Network

Czasopismo

GIS Odyssey Journal

Rocznik

2024

Tom

Vol. 4, no. 1

Strony

131--144

Opis fizyczny

Bibliogr. 40 poz.

Twórcy

autor

Syta Jakub

j.syta@amw.gdynia.pl

Maritime Cybersecurity Center, Polish Naval Academy, Gdynia, Poland

https://orcid.org/0000-0002-0115-6432

Bibliografia

1. Abrams L. (2021). Computer giant Acer hit by $50 million ransomware attack. https://www.bleepingcomputer.com/news/security/computer-giant-acer-hit-by-50-million-ransomware-attack/ [access: 01.06.2024].
2. BadCyber (2023). Dieselgate, but for trains – some heavyweight hardware hacking. https://badcyber.com/dieselgate-but-for-trains-some-heavyweight-hardware- hacking/ [access: 01.06.2024].
3. Canepa M., Ballini F., Dalaklis D. Vakili S. (2021). Assessing the effectiveness of cybersecurity training and rising awareness within the maritime domain. 10.21125/inted.2021.0726. 2021.
4. Chirgwin R. (2018). IT 'heroes' saved Maersk from NotPetya with ten-day reinstallation blitz. https://www.theregister.com/2018/01/25/after_notpetya_maersk_replaced_every thing/ [access: 01.06.2024].
5. Christian A. (2021). The untold story of the big boat that broke the world. https://www.wired.co.uk/article/ever-given-global-supply-chain [access: 01.06.2024].
6. Dark Reading Staff (2024). Iran Warship Aiding Houthi Pirates Hacked by US. https://www.darkreading.com/cyberattacks-data-breaches/iranian-ship-aiding- houthi [access: 01.06.2024].
7. Deep Trekker (2020). Top 3 Risks at our Ports. https://www.deeptrekker.com/resources/maritime-port-security-risks [access: 01.06.2024].
8. Drougkas A., Sarri S., Kyranoudi P., Zisi A. (2019). Good practices for cybersecurity in the maritime sector, ENISA 2019. https://www.enisa.europa.eu/publications/port- cybersecurity-good-practices-for-cybersecurity-in-the-maritime-sector [access: 01.06.2024].
9. DW (2015). Robot kills worker at Volkswagen plant in Germany. https://www.dw.com/en/robot-kills-worker-at-volkswagen-plant-in-germany/a- 18556982 [access: 01.06.2024].
10. Esage A. (2018). Hacking attack in port of Barcelona. https://www.securitynewspaper.com/2018/09/26/hacking-attack-in-port-of- barcelona/ [access: 01.06.2024].
11. Euromaidan Press (2023). Maritime security in the Black Sea is an international problem. https://channel16.dryadglobal.com/maritime-security-in-the-black-sea- is-an-international-problem [access: 01.06.2024].
12. Gartner (2023). Gartner Unveils Top Eight Cybersecurity Predictions for 2023-2024. https://www.gartner.com/en/newsroom/press-releases/2023-03-28-gartner- unveils-top-8-cybersecurity-predictions-for-2023-2024 [access: 01.06.2024].
13. Goward D. (2018). GPS disrupted for maritime in Mediterranean, Red Sea. https://www.gpsworld.com/gps-disrupted-for-maritime-in-mediterranean-red- sea/ [access: 01.06.2024].
14. IoT Security Foundation (2024). https://www.iotsecurityfoundation.org/ [access: 01.06.2024].
15. ISO/IEC (2023), ISO/IEC 27001:2023 Information technology – Security techniques – Information security management systems – Requirements, ISO 2023.
16. Kaliszewski A. (2017). Fifth and sixth generation ports (5GP, 6GP) – the evolution of the economic and social role of ports, Studies and Materials of the Institute of Transport and Maritime Trade.
17. Kapadia S. (2020). 3 years, 3 cyberattacks on major ocean carriers. How can shippers protect themselves? https://www.supplychaindive.com/news/ocean-carrier- cybersecurity-maersk-msc-cosco/576754/ [access: 01.06.2024].
18. Kemme, N. (2013). Design and Operation of Automated Container Storage Systems, Physica-Verlag Heidelberg.
19. Kiev Post (2024). Recent GPS Failures in Poland and Baltic States Blamed on Russian Electronic Warfare Trials. https://www.kyivpost.com/post/26945 [access: 01.06.2024].
20. Knit 360 (2021). Collaboration in the Shipping Industry: Innovation and Technology https://knect365.com/maritime/article/91705d00-6d9d-4ba3-98a4- 9b10c92ad520/epaper-collaboration-in-the-shipping-industry-innovation-and- technology [access: 01.06.2024].
21. Kuźmicz K., Glinko M., Kondraciuk S., Kowalczuk Ł. (2020). Analysis of the automation potential of the container terminal in Gdansk. Academy of Management 4(3), Faculty of Management Engineering, Bialystok University of Technology 2020.
22. Langley D., van Doorn J., Ng I. Stieglitz S., Lazovik A., Boonstra A. (2021). The Internet of Everything: Smart things and their impact on business models. Journal of Business Research, vol. 122.
23. Mu L., Zhao E., Wang Y., Zomaya A. (2020). Buoy Sensor Cyberattack Detection in Offshore Petroleum Cyber-Physical Systems. https://www.researchgate.net/publication/338440318_Buoy_Sensor_Cyberattack_ Detection_in_Offshore_Petroleum_Cyber-Physical_Systems [access: 01.06.2024].
24. Nassi B., Nassi D., Ben-Netanel R., Mirsky Y., Drokin O., Elovici Y. (2020). Phantom of the ADAS: Phantom Attacks on Driver-Assistance Systems, Ben-Gurion University, Negev, Israel. https://eprint.iacr.org/2020/085.pdf [access: 01.06.2024].
25. NIK (2018). Information on the results of the audit, Seaport Access Infrastructure, KIN.430.003.2017 Record No. 37/2018/P/17/033/KIN. https://www.nik.gov.pl/plik/id,17942,vp,20530.pdf [access: 01.06.2024].
26. NIS (2022). EU Directive on Security of Network and Information Systems (NIS2 Directive) – proposal for a new directive available at https://digital- strategy.ec.europa.eu/en/library/proposal-directive-measures-high-common-level- cybersecurity-across-union [access: 01.06.2024].
27. NIS2 (2022). Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union.
28. OpenAI (2021). Multimodal Neurons in Artificial Neural Networks. https://openai.com/blog/multimodal-neurons/ [access: 01.06.2024].
29. Powell O. (2023). Largest DDoS attacks ever reported by Google, Cloudflare and AWS. https://www.cshub.com/attacks/news/record-breaking-ddos-attack [access: 01.06.2024].
30. Roberts J. (2017). Exclusive: Facebook and Google Were Victims of $100M Payment Scam. https://fortune.com/2017/04/27/facebook-google-rimasauskas/ [access: 01.06.2024].
31. Roth A. (2022). Cyberpartisans’ hack Belarusian railway to disrupt Russian buildup, https://www.theguardian.com/world/2022/jan/25/cyberpartisans-hack- belarusian-railway-to-disrupt-russian-buildup [access: 01.06.2024].
32. Rüßmann M., Lozenz M., Gerbert P., Waldner M., Engel P., Harnish M. (2015). Industry 4.0: the Future of Productivity and Growth in Manufacturing Industries. Technical Report. Boston Consulting Group. https://image-src.bcg.com/Images/Industry_40_Future_of_Productivity_April_2015_tcm9-61694.pdf [access: 01.06.2024].
33. The Navigation Center of Excellence (2024). GPS Problem Reports Status https://navcen.uscg.gov/?Do=GPSReportStatus. [access: 01.06.2024].
34. The Telegraph (2022). Inside the Dutch ‘torture chamber’. https://www.telegraph.co.uk/news/2022/04/02/inside-dutch-torture-chamber/ [access: 01.06.2024].
35. Tsonchew A. (2018). Troubled waters: cyber-attacks on San Diego and Barcelona's ports. https://www.darktrace.com/en/blog/troubled-waters-cyber-attacks-on-san-diego-and-barcelonas-ports/ [access: 01.06.2024].
36. Tubielewicz A. (2015). Logistical management in maritime transport. Oficyna Wydawnicza Polskie Towarzystwa Zarządzania Produkcją, Gdańsk.
37. TVN24 (2013). Zapłacili oszustowi. Lecą głowy w Metrze Warszawskim (They paid the scammer. Heads are flying in the Warsaw Metro). https://tvn24.pl/tvnwarszawa/najnowsze/zaplacili-oszustowi-leca-glowy-w- metrze-warszawskim-241057 [access: 01.06.2024].
38. Ubmemea (2013). Antwerp incident highlights maritime IT security risk. https://www.seatrade-maritime.com/europe/antwerp-incident-highlights- maritime-it-security-risk [access: 01.06.2024].
39. Williams D. (2022). Nearly a Third of Cybersecurity Leaders Considering Quitting. https://www.blackfog.com/cybersecurity-leaders-consider-quitting/ [access: 01.06.2024].
40. Zawadzki J. (2019). Integrated port security post factoring in the optimal use of the potential of security forces and measures. Maritime Security Yearbook, Polish Naval Academy.

Typ dokumentu

Bibliografia

Identyfikator YADDA

bwmeta1.element.baztech-28519681-7519-4b36-9c51-0d98d2ba581e