By Siddharth Addy & Sagarnil Ghosh
1. Introduction
Maritime components are not only limited to remote assets (vessels, auxiliary platforms), infrastructure (inward platforms, safety and security equipment), economic activities (financial transactions, vendors, insurance agencies, reserve agencies) but also include computer based technology (“IT”) and (“OT”) component-based system. The sub part inside the vessel also requires to be protected from threats of cyber breach which are not only extends to the ships IT and OT system, but also in its spectrum it includes but not limited to people but also includes Cargo transport units and Ship’s stores. Therein, all the members who are part of vessel should receive cyber security training at least at a basic level.
Very little progress was made towards welfare measures and enhanced maritime security measures before the international community went to war on maritime security after the 9/11 attacks and Al-Qaeda’s declarations that shipping was its main target area. This resulted to some of the key legislations that deal proactively with cyber security threats looming around the maritime sector which is the International Ship and Port Facility Security Code (ISPS Code), ISPS Code might not be the best practice adopted so far, but it provides effective counter measures, as the results so far indicate. We can further argue that an IMO interim guideline in Maritime Cyber Risk Management is a proactive act by a prominent international maritime organization.
In this article, we identify the looming cyber security threats over the maritime sector by analyzing the certain established set cases, and further, we would argue over the next course that regionally there are two main reasons for cyber security threats i.e, one is the possibility of an attack passing through a certain part of the world and the other, if such an attack occurs, is related to the response mechanism in place. We advocate strongly through this article that international maritime community advisory guidelines (although not mandatory) have identified the potential threats of cyber breach that are real and could be chaotic for the target industry. Thus, securing the maritime environment should become a priority for marine personnel’s.
2. Maritime Sector a High-stake Cyber Target
Cyber breaches are becoming more frequent and sophisticated in the maritime transportation sector; this is because of well-funded hackers,organized cartels, nation states and other target shipping companies etc. This industry is constantly adapting to new technologies, systems, and platforms to ramp up their existing capabilities and efficiency but the same is increasing the risk to their activities.
System risks are not limited to email and other applications widely used in administrative work environments, but to almost all modern OT systems, which affect the seaworthiness of the ships themselves, which ensures the safety of navigation and propulsion as well as the protection of human life and the environment in general.
3. Contemporary Cyber Attacks on the Stakeholders of the Maritime Industry
3.1. Attacks on Ship Automated System
Modern vessels make great use of automated systems, which gives hackers and other aggressors opportunities to launch a variety of cyberattacks that have the potential to cause fatal events and causing significant damage to safety.The research community has worked hard to find areas of weakness in the contemporary marine sector, and in recent years, there have been numerous successful cybercrime incidents published.According to them, the primary goals of these attacks are to grab remote control of ships and other vessels, pilfer sensitive information that could be used to launch additional attacks, or disrupt the ship’s operations by corrupting essential components and rendering automated systems inoperable.[1]
Without any authentication or integrity checks, AIS transponders communicate over the air, which enables the cyberpunks to use them to spread fraudulent messages. As mentioned, attackers employ software-defined radio to send phone “man-in-the-water” signals, conceal the ship, and communicate false weather forecasts. Trusting data that may be erroneous might result in bad decisions and disastrous outcomes. Additionally, public websites like Marine Traffic and Vessel Finder Limited provide free ingress to AIS data. The IMO criticized the disclosure of information about ships and their itineraries in this context because this information can be particularly useful in the event of a targeted assault. [2]
3.2. Attacks on the Maritime Transport Sector
As a result of increased automation and artificial intelligence, the maritime industry, which has recently been the target of significant cybersecurity incidents, appears to be opening up new entry points for attacks.It is becoming simpler to find and download the technology required to “spoof” a ship online.Several ships reported irregularities in their GPS-based locations and appeared to arrive at a Black Sea airport where cases of spoofing had already been documented.
A malware was recently discovered on an American ship’s onboard control system network. This network is typically used to communicate with services on the shore, manage cargo data, and update electronic charts. The attack, which resulted in significant credential mining of the ship’s control systems, was primarily brought about by a lack of security measures on board, according to the FBI. Like this, a U.S. Navy contractor’s onboard computers were remote-controlled by hackers, who stole a lot of sensitive data.
Due to the lack of investment in cyber security and the possibility of major failures, the shipping industry has recently become an attractive target for ransom. The marine infrastructure was impacted by several connected cyber breaches that targeted IT systems. The most prevalent types of attacks are phishing, malware, social engineering, brute force, and denial of service attacks. Marseilles’ port was attacked by the “Mespinoza/Pysa” ransom ware in March 2020. All these cases show that contemporary hacks can disrupt local and international supply chains and even endanger the lives of the ship’s crew or passengers. They can also interfere with navigation or tamper with cargo.[3]
4. Safety and Security Counter Measures
Modern, autonomous ships have become prime targets for well-known hacks because of the increasing use of digital technologies. A variety of countermeasures and comprehensive defense strategies ought to be employed to increase resistance to threats to internal and external security. Here, are some of the favored countermeasures discussed herein.[4]
- The first step is to develop a continuous monitoring system that can provide real-time situational awareness of the safety and health of the ship. Many studies have proposed the use of blockchain technology to improve the driving safety of autonomous ships in this situation. Using this strategy mitigates a number of significant threats to the security of shipboard communications, including data theft, data modification by malicious parties, and data loss.
- Only one compromised system can permit assaults to access all other systems, including the engine management system and the water treatment system, because all ship systems are interconnected. As a consequence of this, the architecture of the IT and OT systems in and of itself might function as a useful instrument for defending against some threats. One strategy that has the potential to enhance navigational safety is the Navigation Message Authentication (NMA)[5] system, which is designed to provide enhanced safety and prevent spoofing. An NMA system would include authentication messages in the navigation message stream to guarantee the cryptographic integrity of the navigation data and authenticate the source.
For an electronic trust system to work, the maritime community must establish a Public Key Infrastructure (PKI). This is because PKI enables safe information transmission between the users and systems which enables the users and systems to confirm the legitimacy of the entities
Additionally, it can be challenging to analyze these organizations’ security posture, and their networks are not frequently considered in security assessments, making third-party access to systems, such as that provided by remote access solution providers, troublesome. This should be done in a way that is verified by an entity that is on the vessel.
Finally, various stakeholder collaborative defense systems are being utilized/options are being explored. These defense systems can take part in various layers of potential cyber threat identification and mitigation. Other autonomous vessels in the fleet can be informed of a detected attack and the countermeasures that have been taken.[6]
5. CONCLUSION
Despite the fact that the maritime industry has many of the same cyber security issues as other industries, it is increasingly clear that cybercriminals are targeting this key infrastructure. It also faces threats that can be considered unique to this industry. For example, a successful hack can capsize a ship, leak sensitive data, disable a ship’s AIS, or create false or misleading AIS reports that support cyber hacking and the activities of criminals, terrorists, or even government agencies. The subject of this study was the current security threats and vulnerabilities of modern shipping. Various cyber threats that these ships might encounter were described alongside actual events in this setting.
Modern vessels computer based systems should be shielded from cyber threats with enhanced security measures because of their high vulnerability. The adoption of an enhanced security standard, for example, that reduces the number and scope of cyber threats, was one of the potential solutions we looked at in this article to restrict potential cyber threats and make the marine industry a difficult target. However, numerous cyber breach issues remain unresolved despite the increased deployment of automated & semi-automated vessels.
[1] By Frank Alpan, GueltoumBendiab and others, CyberSecurity Challenges in the Maritime Sector, MDPI, Accessed on 13th February, 2023 at 22:10 PMhttps://www.mdpi.com/2673-8732/2/1/9
[2] By Frank Alpan, GueltoumBendiab and others, CyberSecurity Challenges in the Maritime Sector, MDPI, Accessed on 13th February, 2023 at 22:10 PMhttps://www.mdpi.com/2673-8732/2/1/9
[3] By Frank Alpan, GueltoumBendiab and others, CyberSecurity Challenges in the Maritime Sector, MDPI, Accessed on 14th February, 2023 at 12:10 PMhttps://www.mdpi.com/2673-8732/2/1/9
[4] By Frank Alpan, GueltoumBendiab and others, CyberSecurity Challenges in the Maritime Sector, MDPI, Accessed on 14th February, 2023 at 12:44 PMhttps://www.mdpi.com/2673-8732/2/1/9
[5] By Frank Alpan, GueltoumBendiab and others, CyberSecurity Challenges in the Maritime Sector, MDPI, Accessed on 14th February, 2023 at 12:57PMhttps://www.mdpi.com/2673-8732/2/1/9
[6]By Frank Alpan, GueltoumBendiab and others, CyberSecurity Challenges in the Maritime Sector, MDPI, Accessed on 14th February, 2023 at 1:37 PMhttps://www.mdpi.com/2673-8732/2/1/9
Centre for Maritime Law 