Discussing cybersecurity in maritime transportation

Authors

  • Antoni Bielawski Department of Ship Automation, Gdynia Maritime University, 81-225 Gdynia, Poland
  • Agnieszka Lazarowska Department of Ship Automation, Gdynia Maritime University, 81-225 Gdynia, Poland

DOI:

https://doi.org/10.33175/mtr.2022.252151

Keywords:

Automation, Autonomous ships, Maritime cybersecurity, Piracy

Abstract

The increasing expansion of Operational Technology (OT) and the digitalization of Information Technology (IT) in maritime transportation, as well as the equipping of ships with more automation, despite many benefits, introduces numerous cyber risks, especially with unauthorized access to data and ship systems. Due to the above, it becomes important to raise awareness and take measures to ensure adequate security; this is also important at the level of the virtual securing of ships. This article consists of an introduction to the topic. It presents the current trends and directions of development of maritime transportation and the risks related to them. It contains an overview of the current safety systems on ships and the present safety resolutions. Then, it describes issues related to modern piracy and the weaknesses of ship systems most vulnerable to cyber-attacks.

References

Ahmad, M., Farid, M. A., Ahmed, S., Saeed, K., Asharf, M., & Akhtar, U. (2019). Impact and detection of GPS spoofing and countermeasures against spoofing (pp. 1-8). In Proceedings of the 2nd International Conference on Computing, Mathematics and Engineering Technologies. Sukkur, Pakistan. https://doi.org/10.1109/ICOMET.2019.8673518

Allianz Global Corporate & Speciality. (2017). Safety and shipping review 2017. Retrieved from https://www.agcs.allianz.com/content/dam/onemarketing/agcs/agcs/reports/AGCS-Safety-Shipping-Review-2017.pdf

Bermejo, A. G. (2010). Maritime cybersecurity using ISPS and ISM codes. Retrieved from https://www.he-alert.org/filemanager/root/site_assets/standalone_article_pdfs_1220-/he01335.pdf

BIMCO (Baltic and International Maritime Council). (2021). The guidelines on cyber security onboard ships. Retrieved from https://www.bimco.org/about-us-and-our-members/publications/the-guidelines-on-cyber-security-onboard-ships

Chruzik, K. (2020). Integration model of management systems in sea transport. International Journal on Marine Navigation and Safety of Sea Transportation, 14(2), 393-396. https://doi.org/10.12716/1001.14.02.16

DNV GL. (2020). Cyber security to be covered in SMS from 1 January 2021: Aare you prepared? Retrieved from https://www.dnv.com/news/cyber-security-to-be-covered-in-sms-from-1-january-2021-are-you-prepared--176620

Dyryavyy, Y. (2014). Preparing for cyber battleships: Electronic chart display and information system security. Retrieved from https://www.nccgroup.com/ae/our-research/preparing-for-cyber-battleships-electronic-chart-display-and-information-system-security

Fayi, S. (2018). What Petya/NotPetya ransomware is and what its remidiations are (pp. 93-100). Information Technology - New Generations. https://doi.org/10.1007/978-3-319-77028-4_15

Felski, A., & Zwolak, K. (2020). The ocean-going autonomous ship: Challenges and threats. Journal of Marine Science and Engineering, 8, 41. https://doi.org/10.3390/jmse8010041

Gauthier, R., & Seker, R. (2018). Addressing operator privacy in automatic dependent surveillance: Broadcast (ADS‐B) (pp. 52-61). In Proceedings of the 51st Hawaii International Conference on System Sciences. Waikoloa Village, USA. https://doi.org/10.24251/HICSS.2018.693

Ghosh, S., & Abeysiriwardhane, A. (2021). The influence of information technology on the implementation of the International Safety Management (ISM) Code: A shift from paper-based to paperless ships. Maritime Technology and Research, 3(3), 299-311. https://doi.org/10.33175/mtr.2021.249024

Hayes, C. R. (2016). Maritime cybersecurity: The future of national security. Calhoun. Retrieved from https://calhoun.nps.edu/handle/10945/49484

Heering, D. (2020). Ensuring cybersecurity in shipping: Reference to Estonian shipowners. International Journal on Marine Navigation and Safety of Sea Transportation, 14(2), 271-278. https://doi.org/10.12716/1001.14.02.01

Honkaranta, A., Leppänen T., & Costin, A. (2021). Towards practical cybersecurity mapping of STRIDE and CWE: A multi-perspective approach (pp. 150-159). In Proceedings of the 29th Conference of Open Innovations Association. Tampere, Finland. https://doi.org/10.23919/FRUCT52173.2021.9435453

Ilcev, M. (2020). New aspects for modernization global maritime distress and safety system (GMDSS). International Journal on Marine Navigation and Safety of Sea Transportation, 14(4), 991-998. https://doi.org/10.12716/1001.14.04.26

IMB (2021). ICC-IMB piracy and armed robbery against ships report-01 January-31 December 2020. Retrieved from https://www.icc-ccs.org/reports/2020_Annual_Piracy_Report.pdf

IMO (International Maritime Organization). (2021a). Maritime cyber risk. Retrieved from https://www.imo.org/en/OurWork/Security/Pages/Cyber-security.aspx

IMO (International Maritime Organization). (2021b). The International Safety Management (ISM) Code. Retrieved from https://www.imo.org/en/ourwork/humanelement/pages/ISMCode.aspx

IMO (International Maritime Organization). (2021c). International Convention for the Safety of Life at Sea (SOLAS). Retrieved from https://www.imo.org/en/About/Conventions/Pages/ International-Convention-for-the-Safety-of-Life-at-Sea-(SOLAS),-1974.aspx

Jović, M., Tijan, E., Marx, R., & Gebhard, B. (2019). Big data management in maritime transport, Pomorski zbornik. Journal of Maritime and Transportation Science, 57, 123-141.

Kagermann, H., Wahlster, W., & Johannes, H. (2013). Recommendations for implementing the strategic initiative industrie 4.0. acatech - National Academy of Science and Engineering.

Kavallieratos, G., & Katsikas, S. (2020). Managing cyber security risks of the cyber-enabled ship. Journal of Marine Science and Engineering, 8(10), 768. https://doi.org/10.3390/jmse8100768

Kavallieratos, G., Katsikas, S., & Gkioulos, V. (2019). Cyber-attacks against the autonomous ship. Lecture Notes in Computer Science, 11387, 20-36. https://doi.org/10.1007/978-3-030-12786-2_2

Kongsberg Maritime. (2015). K-IMS enhance efficiency and safety. Retrieved from https://www.kongsberg.com/globalassets/maritime/km-products/documents/k-ims.pdf

Kongsberg. (2017). Autonomous ship project, key facts about Yara Birkeland. Retrieved from https://www.kongsberg.com/maritime/support/themes/autonomous-ship-project-key-facts-about-yara-birkeland

Korcz, K. (2017). Some aspects of the modernization plan for the GMDSS. International Journal on Marine Navigation and Safety of Sea Transportation, 11(1), 167-174. https://doi.org/10.12716/1001.11.01.20

Korolov, M. (2021). Supply chain attacks show why you should be wary of third-party providers. Retrieved from https://www.csoonline.com/article/3191947/supply-chain-attacks-show-why-you-should-be-wary-of-third-party-providers.html

Lika, R. A., Murugiah, D., Brohi, S. N., & Ramasamy, D. (2018). NotPetya: Cyber attack prevention through awareness via gamification (pp. 1-6). In Proceedings of the 2018 International Conference on Smart Computing and Electronic Enterprise. Shah Alam, Malaysia. https://doi.org/10.1109/ICSCEE.2018.8538431

Line, M. B., Nordland, O., Røstad, L., & Tøndel, I. A. (2006). Safety vs. Security? In Proceedings of the 8th International Conference on Probabilistic Safety Assessment & Management. ASME Press. https://doi.org/10.1115/1.802442.paper151

Lloyd’s Register, QinetiQ and University of Southampton. (2015). Global marine technology trends 2030. Retrieved from https://www.lr.org/en/insights/global-marine-trends-2030/global-marine-technology-trends-2030

Mingyu, K., Tae-Hwan, J., Byongug, J., & Han-Seon, P. (2020). Autonomous shipping and its impact on regulations, technologies, and industries. Journal of International Maritime Safety, Environmental Affairs, and Shipping, 4(2), 17-25. https://doi.org/10.1080/25725084.2020.1779427

MITGAS. (2021). Guide to ship cybersecurity. Retrieved form https://www.mitags.org/guide-ship-cybersecurity

MUNIN. (2015). Maritime unmanned navigation through intelligence in networks. Retrieved from http://www.unmanned-ship.org/munin/about

Ng, A. K. Y. & Vaggelas, G. K. (2012). Port security: The ISPS code (pp. 674-700). In Talley, W. K. (Eds.). The Blackwell companion to Maritime Economics. Wiley-Blackwell. https://doi.org/10.1002/9781444345667.ch33

Özköse, H., Ari, E. S., & Gencer, C. (2015). Yesterday, today and tomorrow of big data. Procedia - Social and Behavioral Sciences, 195, 1042-1050. https://doi.org/10.1016/j.sbspro.2015.06.147

Parker, D. B. (2015). Toward a new framework for information security? In Bosworth, S., Kabay, M. E., & Whyne, E. (Eds.). Computer security handbook. 6th ed. John Wiley & Sons.

Quốc-Tiến, L., & Nguyen, C. (2019). Impact of piracy on maritime transport and technical solutions for prevention. International Journal of Civil Engineering and Technology, 10, 958-969.

Raunek, K. (2016). Technologies to make an ultimate eco-friendly ship. Retrieved from https://www.marineinsight.com/infographics-2/infographics-make-ultimate-eco-friendly-ship

Rider, D. (2018). Cyber security at sea: The real threats. Retrieved from https://www.maritime-executive.com/blog/cyber-security-at-sea-the-real-threats

Saarinen, J. (2013). Students hijack luxury yacht with GPS spoofing. Retrieved from https://www.itnews.com.au/news/students-hijack-luxury-yacht-with-gps-spoofing-351659

Sabillon, R., Cano, J., Cavaller, V., & Serra, J. (2016). Cybercrime and cybercriminals: A comprehensive study. International Journal of Computer Networks and Communications Security, 4(6), 165-176.

Security Magazine. (2020). Maritime industry sees 400% increase in attempted cyberattacks since February 2020. Retrieved from https://www.securitymagazine.com/articles/92541-maritime-industry-sees-400-increase-in-attempted-cyberattacks-since-february-2020

Shishkin, A. V., & Koshevoy, V.M. (2013). Stealthy information transmission in the terrestrial gmdss radiotelephone communication. International Journal on Marine Navigation and Safety of Sea Transportation, 7(4), 541-548. https://doi.org/10.12716/1001.07.04.09

Sivan, A. P., Johns, J., & Venugopal, J. (2014). Big data intelligence in logistics based on hadoop and map reduce. International Journal of Innovative Research in Science, Engineering and Technology, 3(3), 2634-2640.

Strohmeier, M., Lenders, V., & Martinovic, I. (2015). On the security of the automatic dependent surveillance-broadcast protocol. IEEE Communications Surveys & Tutorials, 17(2), 1066-1087. https://doi.org/10.1109/COMST.2014.2365951

Südekum, N., & Bannholzer, E. (2020). Cybersecurity on ships. Retrieved from https://www.wago.com/gb/marine-offshore-solution/cybersecurity-on-ships

Tam, K., & Jones, K. (2018). Cyber-risk assessment for autonomous ships (pp. 1-8). In Proceedings of the 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). https://doi.org/10.1109/CyberSecPODS.2018.8560690

Trelleborg Marine Systems. (2018). Use of big data in the maritime industry. Retrieved from https://www.patersonsimons.com/wp-content/uploads/2018/06/TMS_SmartPort_InsightBee_Report-to-GUIDE_01.02.18.pdf

UNCTAD. (2014). Maritime piracy. Part I - An overview of trends, costs and trade-related implications. Retrieved from https://unctad.org/system/files/official-document/dtltlb2013d1_en.pdf

UNCTAD. (2020). Review of maritime transport 2020. Retrieved from https://unctad.org/topic/transport-and-trade-logistics/review-of-maritime-transport

UNODC. (2013). Comprehensive study on cybercrime. Retrieved from https://www.unodc.org/documents/organized-crime/UNODC_CCPCJ_EG.4_2013/CYBERCRIME_STUDY_210213.pdf

Wardani, A. (2021). Maritime security arrangements relating to standard security of ships and port facility based international ship and port facility security code 2002 and implementation in Indonesia. Lampung Journal of International Law, 3(1), 19-28. https://doi.org/10.25041/lajil.v3i1.1985

Warner, J. S., Johnston, R., & Cpp Los Alamos. (2012). A simple demonstration that the global positioning system (GPS) is vulnerable to spoofing. The Journal of Security Administration, 25(10), 19-28.

Witherbys. (2015). 21st Century seamanship. Witherby Publishing Group.

Xingan, L. (2008). Cybercrime and deterrence: Networking legal systems. The Networked Information.

Yoo, Y., & Park, H. S. (2021). Qualitative risk assessment of cybersecurity and development of vulnerability enhancement plans in consideration of digitalized ship. Journal of Marine Science and Engineering, 9(6), 565. https://doi.org/10.3390/jmse9060565

Zhang, L., Guo, L., Zhang , X., & Zhang, P. (2021). Legal issues on wage protection of seafarers held hostage by pirates. Maritime Technology and Research, 3(3), 268-279. https://doi.org/10.33175/mtr.2021.248808

Downloads

Published

2022-01-01

How to Cite

Bielawski, A., & Lazarowska, A. (2022). Discussing cybersecurity in maritime transportation. Maritime Technology and Research, 4(1), 252151. https://doi.org/10.33175/mtr.2022.252151

Issue

Vol. 4 No. 1 (2022): January - March

Section

Article

License

Copyright (c) 2021 Maritime Technology and Research

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Copyright: CC BY-NC-ND 4.0