Plymouth University Research on Maritime Cyber Attacks Alan Williams

cyber 1



According to new research maritime vessels are under significant threat of cyber-attack because many are carrying outdated software and were not designed with cyber security in mind. A study led by Plymouth University’s Maritime Cyber Threats Research Group suggests that operators could easily mitigate such dangers by updating security systems, improving ship design and providing better training for crews.

Traditionally, attacks on marine vessels have included piracy, boarding, theft, and/or destruction, and, while these attacks have often been successful and continue, they are well understood.

In contrast, the study says that cyber-attacks are much more stealthy, and have a range of potential implications, including business disruption, financial loss, damage to reputation, damage to goods and environment, incident response cost, and fines and/or legal issues.

cyuber 2

Kevin Jones, Executive Dean of Science and Engineering, is the lead author of ‘Threats and impacts in maritime security, a paper which also involved Dr Maria Papadaki, a lecturer in Network Security at Plymouth University, and staff from the Security and Management Lab at HP Enterprise in Bristol. Professor Jones writes, ‘In an increasingly connected and technologically dependent world, new areas of vulnerability are emerging. However, this dependency increases the vessel’s presence in the cyber domain, increasing its chances of being targeted and offering new vectors for such attacks. Longer term, there needs to be a fundamentally different approach to security of the entire maritime infrastructure meaning there is great need for specific cyber security research programmes focused on
the maritime sector.’

The article, published in Engineering and Technology Reference, suggests maritime cyber-attacks would most likely target systems responsible for navigation, propulsion, and cargo-related functions. Given that over 90 per cent of world trade occurs via the oceans there are many incentives
for attackers.

The potential severity of the problem is illustrated by providing scenarios to demonstrate possible attacks, and examples of where successful cyber-attacks have been launched.

But the article says there are easy mitigations to help prevent attacks, by increasing awareness and good practice in the industry, enabling the crew and providing them with the necessary tools to prevent and stop some attacks. The paper adds:

‘As things stand, there are fundamental issues with securing the technology used in the maritime industry, and the sector is probably the most vulnerable aspect of critical national infrastructure. Security firms and hackers have both found general flaws and specific, real-world, flaws within the navigation systems of ships, and it seems plausible that similar outdated systems for propulsion and cargo handling may also be compromised and abused by cyber-attackers.’

The Maritime Cyber Threats Research Group at Plymouth University has been formed to bring together leading-edge multidisciplinary research and practical expertise. It includes experts in cyber-security and maritime operations, as well as psychology, maritime law and
policy, to investigate the marine cyber threat at all levels from
theory through to practice.

Leave a Reply

UK Maritime Pilots' Association
European Maritime Pilots' Association
Internation Pilots' Association SITE SPONSORS
Navicom Dynamics
OMC International