Wyniki wyszukiwania - BazTech

1

State-sponsored and organized crime threats to maritime transportationsystems in the context of the attack on Ukraine

Cichocki R.

TransNav : International Journal on Marine Navigation and Safety of Sea Transportation

|

2023

|

Vol. 17 No. 3

717--721

EN

Due to its strategic importance and vast impact on the world economy, maritime transport has become a cyber battlefield. Cybersecurity organizations across the world notice and analyze adversaries such as Bear from Russia, Panda from China, Buffalo from Vietnam, Chollima from North Korea (DPRK), and others from Columbia, India, Turkey, and Iran, as well as hacktivist and E-Crime. In 2014 - 2023, Ukraine became the object of massive cyberattacks aimed at its political, social, and economic destabilization. This situation changes the perception of cyberspace and its importance for ensuring the security of the global economy, in particular, the maritime economy. Reports published by the US Coast Guard show that. In this publication, the author reviews the cybersecurity threat landscape targeting the maritime industry and transportation systems and analyzes the technics, tactics, and procedures (TTPs) used by threat actors.

2

Cyber threats for present and future commercial shipping

Pawelski J.

TransNav : International Journal on Marine Navigation and Safety of Sea Transportation

|

2023

|

Vol. 17 No. 2

261--267

EN

Cyber-attacks are extremely dangerous for all operations relaying upon it-technologies. Today shipping businesses cannot operated without processing large amounts of information. Four biggest shipping companies suffered break-down in their operations after they were struck by malware. International Maritime Organization also was struck by cyber-attack which took its website down. Maritime community noticed rise in cyber-attacks on virtually all computer-based systems on board of vessels. For manned vessels risks to safety of navigation are mitigated by presence of crew on board but remain financial and reputational losses. Introduction of remotely controlled and fully autonomous unmanned vessels will increase seriousness of threats. Cyber-attack may severely hamper ship’s operability or even lead to complete loss of control. International community is developing several countermeasures to protect commercial shipping presently and in future.

3

CERP: a maritime cyber risk decision making tool

Erstad E., Hopcraft R., Palbar J. D., Tam K.

TransNav : International Journal on Marine Navigation and Safety of Sea Transportation

|

2023

|

Vol. 17 No. 2

269--279

EN

An increase in the complexity of systems onboard ships in the last decade has seen a rise in the number of reported maritime cyber-attacks. To tackle this rising risk the International Maritime Organization published high-level requirements for cyber risk management in 2017. These requirements obligate organisations to establish procedures, like incident response plans, to manage cyber-incidents. However, there is currently no standardised framework for this implementation. This paper proposes a Cyber Emergency Response Procedure (CERP), that provides a framework for organisations to better facilitate their crew’s response to a cyber-incident that is considerate of their operational environment. Based on an operations flowchart, the CERP provides a step-by-step procedure that guides a crew’s decision-making process in the face of a cyber-incident. This high-level framework provides a blueprint for organisations to develop their own cyber-incident response procedures that are considerate of operational constraints, existing incident procedures and the complexity of modern maritime systems.

4

Software solutions for GMDSS network and equipment

Ilcev S.D.

TransNav : International Journal on Marine Navigation and Safety of Sea Transportation

|

2022

|

Vol. 16 No. 3

463--472

EN

This paper introduces software solutions for communication, equipment control, and management of oceangoing ships for enhanced Global Maritime Distress and Safety System (GMDSS) network and equipment. This software controls all maritime transmission systems and integrates communications software at level of server and workstations. Equipment control software is used to control and maintained locally or remotely transceivers, transmitters, receivers and other hardware. Special management software is included to process, analyze and exploit the various types of information generated by GMDSS networks and equipment. This papers are also includes the concept of software solutions on radio and satellite GMDSS ship terminals, on radio and satellite GMDSS coast terminals, and as well as in GMDSS Cospas-Sarsat ground terminals. In addition, the cybersecurity system in GMDSS security management is also described in this paper.

5

Ethical considerations in maritime cybersecurity research

Oruc A.

TransNav : International Journal on Marine Navigation and Safety of Sea Transportation

|

2022

|

Vol. 16 No. 2

309--318

EN

Maritime transportation, an essential component of world trade, is performed by contemporary vessels. Despite the improvements that rapid advances in technology have brought to vessels’ operational efficiency and capability for safe navigation, the cyber risks associated with modern systems have increased apace. Widespread publicity regarding cyber incidents onboard ships has sparked extensive research on the part of universities, industry, and governmental organisations seeking to understand cyber risks. Consequently, researchers have discovered and disclosed an increasing number of threats and vulnerabilities in this context, providing information that in itself may pose a threat when accessed by the wrong parties. Thus, this paper aims to raise researchers’ awareness of ethical concerns and provide guidance for sound decision-making in areas where the research process must be handled carefully to avoid harm. To this end, this paper presents a literature review that explores the ethical issues involved in maritime cybersecurity research and provides specific examples to promote further understanding. Six ethical principles and four categories of ethical dilemmas are discussed. Finally, the paper offers recommendations that can guide researchers in dealing with any ethical conflicts that may arise while studying maritime cybersecurity.

6

A multiple case study of METI cybersecurity education and training: A basis for the development of a guiding framework for educational approaches

Bacasdoon J., Bolmsten J.

TransNav : International Journal on Marine Navigation and Safety of Sea Transportation

|

2022

|

Vol. 16 No. 2

319--334

EN

Cyberattacks have become a serious global concern, effecting enormous losses to different sectors. In the shipping business, major companies report violations to their operations’ integrity and security, and losing great amounts of money. While the International Maritime Organization (IMO), through the International Convention on Standards of Training, Certification and Watchkeeping for Seafarers (STCW) 1978, as amended, is yet to release a standard for the cybersecurity education and training of seafarers, some maritime education and training institutions (METIs) have acted proactively and included cybersecurity knowledge and skills in their curricular offerings. This study looked into the cybersecurity course offerings of four METIs that served as the case studies of the researchers. In particular, the following objectives were addressed: the cybersecurity knowledge and skills included in their curriculum; the importance of the cybersecurity knowledge and skills to seafarers; and the educational approaches of the METIs in delivering their topics on cybersecurity. The first and third objectives were answered using different sources of qualitative data, including document analysis, interview and direct observation. The quantitative approach, in the form of a survey questionnaire, was used to address the second objective. The METIs, though not the same in content, were found to have included cybersecurity knowledge and skills in their curriculum. These knowledge and skills were perceived to be very important by seafarers. Similar to the content of their courses, the METIs delivered their cybersecurity courses by employing varied educational approaches. To address the gap on the lack of cybersecurity course design and delivery minimum standards, a framework in the shape of a lantern is developed and proposed to guide maritime courses designers, in particular, and other course designers, in general.

7

An operational approach to maritime cyber resilience

Erstad E., Ostnes R., Lund M. S.

TransNav : International Journal on Marine Navigation and Safety of Sea Transportation

|

2021

|

Vol. 15 No. 1

27--34

EN

As a result of the last decades development of technology and increased connectivity of maritime vessels, the need for maritime cyber security is undoubtedly present. In 2017, IMO officially recognized “… the urgent need to raise awareness on cyber threats and vulnerabilities to support safe and secure shipping, which is operationally resilient to cyber risks”. Thus, Maritime Cyber Resilience is seen as key by IMO in the improvement of the maritime cyber security. It is assumed that human error is the cause of more than half successful cyber-attacks. If technology somehow fails, in example because of a cyber threat, the human is expected to handle the problem and provide a solution. It is therefore necessary to focus on the human aspect when considering maritime cyber threats. This paper aims to provide a working definition of “Maritime Cyber Resilience”. Further, the paper argues why the human should be a focus of study, as the human is at the sharp edge in a potential maritime cyber emergency.