A Retrospective Analysis of Maritime Cyber Security Incidents
Peer reviewed, Journal article
Published version
View/ Open
Date
2021Metadata
Show full item recordCollections
- Publikasjoner fra CRIStin - SINTEF Ocean [1412]
- SINTEF Digital [2550]
- SINTEF Konsernstab [49]
- SINTEF Ocean [1489]
Original version
TransNav, International Journal on Marine Navigation and Safety of Sea Transportation. 2021, 15 (3), 519-530. 10.12716/1001.15.03.04Abstract
The maritime industry is undergoing a rapid evolution through the introduction of new technology and the digitization of existing services. At the same time, the digital attack surface is increasing, and incidents can lead to severe consequences. This study analyses and gives an overview of 46 maritime cyber security incidents from the last decade (2010-2020). We have collected information from open publications and reports, as well as anonymized data from insurance claims. Each incident is linked to a taxonomy of attack points related to onboard or off-ship systems, and the characteristics have been used to create a Top-10 list of maritime cyber threats. The results show that the maritime sector typically has incidents with low frequency and high impact, which makes them hard to predict and prepare for. We also infer that different types of attackers use a variety of attack points and techniques, hence there is no single solution to this problem.
Publisher
Faculty of Navigation, Gdynia Maritime University, PolandJournal
TransNav, International Journal on Marine Navigation and Safety of Sea TransportationCopyright
The Transnav - International Journal on Marine Navigation and Safety of Sea Transportation articles are distributed under the terms of the Creative Commons Attribution License (CC BY-NC), which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. For licence details please see http://creativecommons.org/licenses/by-nc/3.0/
Except where otherwise noted, this item's license is described as Navngivelse-Ikkekommersiell 4.0 Internasjonal
Related items
Showing items related by title, author, creator and subject.
-
D2.2 Updated cyber risk assessment for the maritime industry
Meland, Per Håkon; Bernsmed, Karin; Wille, Egil; Rødseth, Ørnulf Jan; Nesheim, Dag Atle (SINTEF Rapport;2021:00341, Research report, 2021)This report presents an updated assessment of the cyberthreat landscape in the context of CySiMS-SE. It is based on the previous work from CySiMS “D1.1 Risk Model and Analysis” and the methodology from CySiMS-SE “D2.1 ... -
When to Treat Security Risks with Cyber Insurance
Meland, Per Håkon; Seehusen, Fredrik (Journal article; Peer reviewed, 2018)Transferring security risk to a third party through cyber insurance is an unfamiliar playing field for a lot of organisations, and therefore many hesitate to make such investments. Indeed, there is a general need for ... -
"CyberWiseKids": Gamifying Education of Kids on Online Opportunities and Security Risks
Omerovic, Aida; Karahasanovic, Amela (SINTEF Rapport;2019:00385, Report, 2019)This report summarizes the motivation and the goals of the "CyberWiseKids" project proposal. The proposal was designed by SINTEF in 2015 and revised in 2016, with the aim of developing a research and innovation project ...