PL EN


Preferencje help
Widoczny [Schowaj] Abstrakt
Liczba wyników
Tytuł artykułu

A retrospective analysis of maritime cyber security incidents

Treść / Zawartość
Identyfikatory
Warianty tytułu
Języki publikacji
EN
Abstrakty
EN
The maritime industry is undergoing a rapid evolution through the introduction of new technology and the digitization of existing services. At the same time, the digital attack surface is increasing, and incidents can lead to severe consequences. This study analyses and gives an overview of 46 maritime cyber security incidents from the last decade (2010-2020). We have collected information from open publications and reports, as well as anonymized data from insurance claims. Each incident is linked to a taxonomy of attack points related to onboard or off-ship systems, and the characteristics have been used to create a Top-10 list of maritime cyber threats. The results show that the maritime sector typically has incidents with low frequency and high impact, which makes them hard to predict and prepare for. We also infer that different types of attackers use a variety of attack points and techniques, hence there is no single solution to this problem.
Twórcy
autor
  • SINTEF Digital, Trondheim, Norway
autor
  • SINTEF Digital, Trondheim, Norway
autor
  • SINTEF Digital, Trondheim, Norway
  • SINTEF Ocean, Trondheim, Norway
  • SINTEF Ocean, Trondheim, Norway
Bibliografia
  • 1. Agius, M.: TM mum on whether cyber-attack affected ship, air registries, https://newsbook.com.mt/en/tm-mum-on-whether-cyber-attack-affected-ship-air-registries/, last accessed 2021/04/25.
  • 2. Alcaide, J.I., Llave, R.G.: Critical infrastructures cybersecurity and the maritime sector. Transportation Research Procedia. 45, 547–554 (2020). https://doi.org/10.1016/j.trpro.2020.03.058.
  • 3. ASCStaff: Cyberattack on Clarkson’s shipbroker reaffirms industry’s vulnerability, https://www.logisticsmiddleeast.com/article-13696-cyberattack-on-clarksons-shipbroker-reaffirms-industrys-vulnerability, last accessed 2020/08/11.
  • 4. Asplem, A.: Norwegian Maritime Cyber Resilience Centre (NORMA Cyber), (2021).
  • 5. Athens Group: Cybersecurity – There Is No Silver Bullet, https://athensgroup.com/cybersecurity-there-is-no-silver-bullet/, last accessed 2020/08/11.
  • 6. Aven, T.: On the meaning of a black swan in a risk context. Safety Science. 57, 44–51 (2013). https://doi.org/10.1016/j.ssci.2013.01.016.
  • 7. Azzopardi, K.: Transport Malta cyber attack investigation has not yet determined whether data was stolen, http://www.maltatoday.com.mt/news/national/105593/watch_transport_malta_cyber_attack_investigation_has_not_yet_determined_whether_data_was_stolen, last accessed 2021/04/25.
  • 8. Bartlett, P.: Cyber security – more focus required, says expert, https://www.seatrade-maritime.com/technology/cyber-security-more-focus-required-says-expert, last accessed 2021/04/25.
  • 9. BBC: Red Funnel ferry firm’s IT system hit by “malicious attack,” https://www.bbc.com/news/uk-england-hampshire-54368110, (2020).
  • 10. Bøe, E., Jordheim, H.: Politiet etterforsker dataangrepet mot Hurtigruten, https://e24.no/i/7KPeEK, last accessed 2021/04/25.
  • 11. Boyes, H., Isbell, R.: Code of Practice: Cyber Security for Ships. IET Standard, Department for Transport (UK) (2017).
  • 12. Buurma, C., Sebenius, A.: Ransomware Shuts U.S. Natural Gas Compressor Facility for Two Days, https://www.carriermanagement.com/news/2020/02/20/203485.htm, last accessed 2021/04/25.
  • 13. Caprolu, M., Pietro, R.D., Raponi, S., Sciancalepore, S., Tedeschi, P.: Vessels Cybersecurity: Issues, Challenges, and the Road Ahead. IEEE Communications Magazine. 58, 6, 90–96 (2020). https://doi.org/10.1109/MCOM.001.1900632.
  • 14. Cary, A.: Update: Hacker demands $200K ransom from Tri-Cities port to unlock computer data, https://www.tri-cityherald.com/news/local/crime/article247251569.html, last accessed 2021/04/25.
  • 15. Cimpanu, C.: Ransomware Infection Cripples Shipping Giant COSCO’s American Network, https://www.bleepingcomputer.com/news/security/ransomware-infection-cripples-shipping-giant-coscos-american-network/, last accessed 2021/04/25.
  • 16. Cimpanu, C.: Shipping Firm Avoids Customer Data Dump in Last Year’s Hack & Ransom Incident, https://www.bleepingcomputer.com/news/security/shipping-firm-avoids-customer-data-dump-in-last-years-hack-and-ransom-incident/, last accessed 2021/04/25.
  • 17. Cimpanu, C.: US Coast Guard discloses Ryuk ransomware infection at maritime facility, https://www.zdnet.com/article/us-coast-guard-discloses-ryuk-ransomware-infection-at-maritime-facility/, last accessed 2021/04/25.
  • 18. Cimpean, D., Meire, J., Bouckaert, V., Casteele, S.V., Pelle, A., Hellebooge, L.: Analysis of Cyber Security Aspects in the Maritime Sector. (2011).
  • 19. Coble, S.: Ransomware Attack on Shipping Giant, https://www.infosecurity-magazine.com:443/news/ransomware-attack-on-shipping-giant/, last accessed 2021/04/25.
  • 20. CyberKeel: Maritime Cyber-Risks, https://maritimecyprus.files.wordpress.com/2015/06/maritime-cyber-risks.pdf, last accessed 2021/04/25.
  • 21. Dragos, Inc.: Assessment of Ransomware Event at U.S. Pipeline Operator | Dragos, https://www.dragos.com/blog/industry-news/assessment-of-ransomware-event-at-u-s-pipeline-operator/, last accessed 2020/08/14.
  • 22. Drougkas, A., Sarri, A., Kyranoudi, P., Zisi, A.: Port Cybersecurity: Good practices for cybersecurity in the maritime sector. (2019).
  • 23. Dryad Global: Maritime Cyber Security & Threats March 2020 Week Three, https://dryadglobal.com/maritime-cyber-security-threats-2-2/, last accessed 2020/08/10.
  • 24. ENISA: COVID19, https://www.enisa.europa.eu/topics/wfh-covid19, last accessed 2020/08/17.
  • 25. Goud, N.: Cyber Attack on James Fisher and Sons, https://www.cybersecurity-insiders.com/cyber-attack-on-james-fisher-and-sons/, last accessed 2020/08/14.
  • 26. Goud, N.: Ransomware attack on Norwegian Ship yard results in job loss to many, https://www.cybersecurity-insiders.com/ransomware-attack-on-norwegian-ship-yard-results-in-job-loss-to-many/, last accessed 2021/03/16.
  • 27. GREAT: The Icefog APT: A Tale of Cloak and Three Daggers, https://securelist.com/the-icefog-apt-a-tale-of-cloak-and-three-daggers/57331/, last accessed 2020/08/10.
  • 28. Greenberg, A.: The Untold Story of NotPetya, the Most Devastating Cyberattack in History, https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/, last accessed 2020/08/10.
  • 29. Greenberg, M.D., Chalk, P., Willis, H.H., Khilko, I., Ortiz, D.S.: Maritime Terrorism. RAND Corporation (2006).
  • 30. Grinter, M.: Maritime cyber-attacks up 900% in three years, http://www.hongkongmaritimehub.com/maritime-cyber-attacks-up-900-in-three-years/, last accessed 2020/08/10.
  • 31. Hoo, K.J.S.: How Much Is Enough? A Risk-Management Approach to Computer Security. CISAC, Stanford University, UK (2000).
  • 32. INTERPOL: Cybercrime: COVID-19 IMPACT, https://www.interpol.int/en/content/download/15526/file/COVID-19%20Cybercrime%20Analysis%20Report-%20August%202020.pdf?inLanguage=eng-GB, last accessed 2021/03/16.
  • 33. ISO/IEC 27000:2018: Information technology - Security techniques - Information security management systems - Overview and vocabulary. ISO/IEC (2018).
  • 34. Jones, K.D., Tam, K., Papadaki, M.: Threats and Impacts in Maritime Cyber Security. Engineering & Technology Reference. 1, 1, (2016). https://doi.org/10.1049/etr.2015.0123.
  • 35. Knox, J.: Coast Guard Commandant on Cyber in the maritime domain, https://mariners.coastguard.dodlive.mil/2015/06/15/6152015-coast-guard-commandant-on-cyber-in-the-maritime-domain/, last accessed 2020/08/11.
  • 36. Kovacs, E.: UN Maritime Agency Hit by “Sophisticated Cyberattack,” https://www.securityweek.com/un-maritime-agency-hit-sophisticated-cyberattack, last accessed 2021/04/25.
  • 37. Kretschmann, L., Rødseth, Ø., Tjora, Å., Fuller, B.S., Noble, H., Horahan, J.: D9.2: Qualitative assessment. (2015).
  • 38. Kristiansen, T.: DR: Kina hackede sig ind i Søfartsstyrelsen, https://shippingwatch.dk/Rederier/article7043149.ece, last accessed 2021/04/25.
  • 39. Kristoffersen, P.B., Hartvigsen, T., Myrvang, P., Torjusen, A.: Digitale Sårbarheter Maritim Sektor. DNV-GL, Lysneutvalget (2015).
  • 40. Lejon, J.: Kryptera.se Ransomware lista, https://kryptera.se/assets/uploads/2020/10/Ransomware-lista.pdf, last accessed 2021/03/23.
  • 41. Lemos, R.: Coast Guard Warns Shipping Firms of Maritime Cyberattacks, https://www.darkreading.com/vulnerabilities---threats/coast-guard-warns-shipping-firms-of-maritime-cyberattacks/d/d-id/1335198, last accessed 2020/04/10.
  • 42. Lloyd’s List: Maritime Intelligence, https://lloydslist.maritimeintelligence.informa.com/, last accessed 2021/03/16.
  • 43. Lubold, G., Volz, D.: Chinese Hackers Breach U.S. Navy Contractors - WSJ, https://www.wsj.com/articles/u-s-navy-is-struggling-to-fend-off-chinese-hackers-officials-say-11544783401, last accessed 2021/04/25.
  • 44. Maritime Executive: Carnival Corporation Reports Ransomware Attack Accessed Data, https://www.maritime-executive.com/article/carnival-corporation-reports-ransomware-attack-accessed-data, last accessed 2021/04/25.
  • 45. Maritime Executive: Hurtigruten Reports Passenger Data Exposed in Cyberattack, https://www.maritime-executive.com/article/hurtigruten-reports-passenger-data-exposed-in-cyberattack, last accessed 2021/04/25.
  • 46. Maritime Executive: Naval Dome: Cyberattacks on OT Systems on the Rise, https://www.maritime-executive.com/article/naval-dome-cyberattacks-on-ot-systems-on-the-rise, last accessed 2021/04/25.
  • 47. Maritime Executive: Ransomware Cripples IT Systems of Inland Port in Washington State, https://www.maritime-executive.com/article/ransomware-attack-cripples-systems-of-inland-port-in-washington-state, last accessed 2021/04/25.
  • 48. Maritime Executive: Saipem’s Servers Hit by Cyberattack, https://www.maritime-executive.com/article/saipem-s-servers-hit-by-cyberattack, last accessed 2021/03/16.
  • 49. Matson: Matson Reports Cyber Attack, https://www.omnitrans.com/matson-reports-cyber-attack/, last accessed 2021/04/25.
  • 50. Nesheim, D.A., Rødseth, Ø., Bernsmed, K., Frøystad, C., Meland, P.H.: D1.1 Risk Model and Analysis. (2017).
  • 52. NSM: Helhetlig digitalt risikobilde 2019. (2019).
  • 53. NSM: RISIKO 2020. (2020).
  • 54. O’Dwyer, R.: IMO latest to fall victim to cyber attack, https://smartmaritimenetwork.com/2020/10/01/imo-latest-to-fall-victim-to-cyber-attack/, last accessed 2021/04/25.
  • 55. Polychronis, K.: Cybersecurity at Sea. In: Otto, L. (ed.) Global Challenges in Maritime Security. p. 243 Springer International Publishing (2020).
  • 56. PST: Nasjonal trusselvurdering 2020, https://www.pst.no/alle-artikler/trusselvurderinger/nasjonal-trusselvurdering-2020/, last accessed 2021/04/25.
  • 57. Redden, J.: Covid-19 has increased the chances of marine industry cyberassaults,https://www.workboat.com/offshore/covid-19-has-increased-the-chances-of-marine-industry-cyberassaults, last accessed 2021/04/25.
  • 58. Reynolds, Z.: Australian defence shipbuilder Austral victim of Iranian cyber attack, https://safetyatsea.net/news/news-safety/2018/australian-defence-shipbuilder-austral-victim-of-iranian-cyber-attack/.
  • 59. Safety4Sea: 2018 Highlights: Major cyber attacks reported in maritime industry, https://safety4sea.com/cm-2018-highlights-major-cyber-attacks-reported-in-maritime-industry/, last accessed 2021/04/25.
  • 60. Safety4Sea: Hurtigruten hit by cyber-attack, https://safety4sea.com/hurtigruten-hit-by-cyber-attack/, last accessed 2021/04/25.
  • 61. Safety4Sea: Vard shipbuilder experiences ransomware attack, https://safety4sea.com/vard-shipbuilder-experiences-ransomware-attack/, last accessed 2021/04/25.
  • 62. Schnelle, S.: Kartlegging av maritime hybride trusler. Kan bruk av stordata og sosial nettverksanalyse bidra til økt maritim situasjonsbevissthet? Forsvarets Høgskole (2018).
  • 63. Secureworks: GOLD GALLEON: How a Nigerian Cyber Crew Plunders the Shipping Industry, https://www.secureworks.com/research/gold-galleon-how-a-nigerian-cyber-crew-plunders-the-shipping-industry, last accessed 2020/08/11.
  • 64. Security: Maritime Industry Sees 400% Increase in Attempted Cyberattacks Since February 2020, https://www.securitymagazine.com/articles/92541-maritime-industry-sees-400-increase-in-attempted-cyberattacks-since-february-2020?v=preview, last accessed 2020/08/10.
  • 65. Sfakianakis, A., Drougkas, A., Douligeris, C., Marinos, L., Lourenço, M., Raghimi, O.: ENISA threat landscape report 2018 - 15 top cyberthreats and trends. (2019).
  • 66. Shauk, Z.: Malware on the offshore rig: Danger lurks where the chips fail, https://www.houstonchronicle.com/business/energy/article/Malware-on-the-offshore-rig-Danger-lurks-where-4470723.php, last accessed 2021/04/25.
  • 67. Shen, C., Baker, J.: CMA CGM confirms ransomware attack, https://lloydslist.maritimeintelligence.informa.com/LL1134044/CMA-CGM-confirms-ransomware-attack, last accessed 2021/03/16.
  • 68. Singh, H.: Cyber Security in Maritime Industry. University of Oslo (2019).
  • 69. Taleb, N.N.N.: The Black Swan: The Impact of the Highly Improbable. Random House Publishing Group, New York (2010).
  • 70. Tam, K., Jones, K.: Cyber-Risk Assessment for Autonomous Ships. In: 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). pp. 1–8 (2018). https://doi.org/10.1109/CyberSecPODS.2018.8560690.
  • 71. Tam, K., Moara-Nkwe, K., Jones, K.: A Conceptual Cyber-Risk Assessment of Port Infastructure. Presented at the 2021 World of Shipping Portugal. An International Research Conference on Maritime Affairs , Parede, Portugal January 29 (2021).
  • 72. Toogood, D.: Red Funnel siffers “malicious attack” on IT systems causing major disruption, https://www.islandecho.co.uk/red-funnel-suffers-malicious-attack-on-it-systems-causing-major-disruption/, last accessed 2021/04/25.
  • 73. Torbati, J., Saul, Y.: Iran’s top cargo shipping line says sanctions damage mounting, https://www.reuters.com/article/us-iran-sanctions-shipping-idUSBRE89L10X20121022, (2012).
  • 74. UNCTAD: Review of Maritime Transport 2020, https://unctad.org/webflyer/review-maritime-transport-2020, last accessed 2021/04/25.
  • 75. Vold, L.B.: Den Norske Krigsforsikring for Skib, https://www.warrisk.no/, last accessed 2021/04/25.
  • 76. Volz, D.: Chinese Hackers Target Universities in Pursuit of Maritime Military Secrets, https://www.wsj.com/articles/chinese-hackers-target-universities-in-pursuit-of-maritime-military-secrets-11551781800, (2019).
  • 77. Walker, J.: AIDA Cruise Ships Under Cyber Attack - Are Costa Ships Also Affected?, https://www.cruiselawnews.com/2020/12/articles/cyber-attacks/aida-cruise-ships-under-cyber-attack-are-costa-ships-also-affected/, last accessed 2021/04/25.
  • 78. Walker, J., Spencer, J.: Cyber Marine: Risks & Loss Scenarios, http://www.marineclaimsconference.com/imcc-docs/docs/Cyber%20workshop.pdf.
  • 79. Wallace, T., Mesko, F.: The Odessa Network Mapping Facilitators of Russian and Ukrainian Arms Transfers, https://globalinitiative.net/analysis/the-odessa-network-mapping-facilitators-of-russian-and-ukrainian-arms-transfers/, last accessed 2021/04/25.
  • 80. Warrick, J., Nakashima, E.: Officials: Israel linked to a disruptive cyberattack on Iranian port facility, https://www.washingtonpost.com/national-security/officials-israel-linked-to-a-disruptive-cyberattack-on-iranian-port-facility/2020/05/18/9d1da866-9942-11ea-89fd-28fb313d1886_story.html, (2020).
  • 81. Weldemichael, A.T., Schneider, P., Winner, A.C.: Maritime Terrorism and Piracy in the Indian Ocean Region. Routledge (2017).
  • 82. Windward: AIS Data on the High Seas: An Analysis of the Magnitude and Implications of Growing Data Manipulation at Sea. (2014).
  • 83. Wohlin, C.: Guidelines for Snowballing in Systematic Literature Studies and a Replication in Software Engineering. In: Proceedings of the 18th International Conference on Evaluation and Assessment in Software Engineering. Association for Computing Machinery, New York, NY, USA (2014). https://doi.org/10.1145/2601248.2601268.
Uwagi
Opracowanie rekordu ze środków MNiSW, umowa Nr 461252 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2021).
Typ dokumentu
Bibliografia
Identyfikator YADDA
bwmeta1.element.baztech-3dd150d9-d324-4174-ab54-7ad8622af212
JavaScript jest wyłączony w Twojej przeglądarce internetowej. Włącz go, a następnie odśwież stronę, aby móc w pełni z niej korzystać.