A Retrospective Analysis of Maritime Cyber Security Incidents
Peer reviewed, Journal article
Published version
Permanent lenke
https://hdl.handle.net/11250/3026870Utgivelsesdato
2021Metadata
Vis full innførselSamlinger
- Publikasjoner fra CRIStin - SINTEF Ocean [1345]
- SINTEF Digital [2415]
- SINTEF Konsernstab [46]
- SINTEF Ocean [1417]
Originalversjon
TransNav, International Journal on Marine Navigation and Safety of Sea Transportation. 2021, 15 (3), 519-530. 10.12716/1001.15.03.04Sammendrag
The maritime industry is undergoing a rapid evolution through the introduction of new technology and the digitization of existing services. At the same time, the digital attack surface is increasing, and incidents can lead to severe consequences. This study analyses and gives an overview of 46 maritime cyber security incidents from the last decade (2010-2020). We have collected information from open publications and reports, as well as anonymized data from insurance claims. Each incident is linked to a taxonomy of attack points related to onboard or off-ship systems, and the characteristics have been used to create a Top-10 list of maritime cyber threats. The results show that the maritime sector typically has incidents with low frequency and high impact, which makes them hard to predict and prepare for. We also infer that different types of attackers use a variety of attack points and techniques, hence there is no single solution to this problem.
Utgiver
Faculty of Navigation, Gdynia Maritime University, PolandTidsskrift
TransNav, International Journal on Marine Navigation and Safety of Sea TransportationOpphavsrett
The Transnav - International Journal on Marine Navigation and Safety of Sea Transportation articles are distributed under the terms of the Creative Commons Attribution License (CC BY-NC), which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. For licence details please see http://creativecommons.org/licenses/by-nc/3.0/
Med mindre annet er angitt, så er denne innførselen lisensiert som Navngivelse-Ikkekommersiell 4.0 Internasjonal
Beslektede innførsler
Viser innførsler beslektet ved tittel, forfatter og emneord.
-
D2.2 Updated cyber risk assessment for the maritime industry
Meland, Per Håkon; Bernsmed, Karin; Wille, Egil; Rødseth, Ørnulf Jan; Nesheim, Dag Atle (SINTEF Rapport;2021:00341, Research report, 2021)This report presents an updated assessment of the cyberthreat landscape in the context of CySiMS-SE. It is based on the previous work from CySiMS “D1.1 Risk Model and Analysis” and the methodology from CySiMS-SE “D2.1 ... -
When to Treat Security Risks with Cyber Insurance
Meland, Per Håkon; Seehusen, Fredrik (Journal article; Peer reviewed, 2018)Transferring security risk to a third party through cyber insurance is an unfamiliar playing field for a lot of organisations, and therefore many hesitate to make such investments. Indeed, there is a general need for ... -
"CyberWiseKids": Gamifying Education of Kids on Online Opportunities and Security Risks
Omerovic, Aida; Karahasanovic, Amela (SINTEF Rapport;2019:00385, Report, 2019)This report summarizes the motivation and the goals of the "CyberWiseKids" project proposal. The proposal was designed by SINTEF in 2015 and revised in 2016, with the aim of developing a research and innovation project ...