Published October 5, 2020
| Version v1
Conference paper
Open
Claims of State-Sponsored Cyberattack in the Maritime Industry
Description
Developments in technology bring inherent risks along with convenience. Undoubtedly, cyberattacks constitute one potentially serious risk. While a stereotypical scenario involves a curious teenager sitting in front of his computer at home, a much more critical threat comes from experienced professionals, supported by states, who are specially trained and who have the necessary technological equipment to do great harm. These cyberattacks exert a negative impact on the maritime industry due to the wide usage area of both information technology (IT) and operational technology (OT) systems. On a related note, opponents of autonomous ship projects can effectively cite the weaknesses detected in navigation systems onboard ships. Examination of cyberattacks in the maritime industry as reflected in the press or in academic studies reveals claims that some of these attacks are state-sponsored. However, no country has to date accepted responsibility for such cyberattacks. Although those targeted by such accusations have neither confirmed nor rejected responsibility, the nature of the attacks – sophisticated or requiring high-cost equipment – raises the possibility that behind the attacks are countries that may have conducted research studies for defensive or offensive purposes. China, Iran, North Korea, Russia and Turkey have been named among the countries carrying out cyberattacks on the maritime industry. It is envisaged that these attacks are based on motivations such as information theft, defence research or sabotage of exploration for underground sources. Among the cyberattacks on vessels that have been assessed as state-sponsored, the most common have involved GPS jamming, rendering GPS useless, and GPS spoofing that causes the GPS to report an incorrect position for a ship at sea. This study examines the cyberattacks on the maritime industry that are asserted as state-sponsored as well as the parties involved in these attacks and the possible objectives of those parties.
Files
INEC_2020_Paper_30.pdf
Files
(4.0 MB)
| Name | Size | Download all |
|---|---|---|
|
md5:0536cc0328685d9fc0d4f2ce63047153
|
4.0 MB | Preview Download |
Additional details
References
- ABS, 2020. IMO 2021 cyber risk management guidelines - What to know and how to comply [PowerPoint presentation].
- Arıdemir, H., and Allı, C., 2019. An analysis of the exclusive economic zone debates in Eastern Mediterranean region. Journal of Economics Business and Political Researches, 4 (10), 188–202. Available from: https://dergipark.org.tr/en/download/article-file/829290 [Accessed 4 May 2020].
- Aselsan, 2017. KORAL mobil radar EH (elektronik harp) sistemi [online]. Available from: https://www.aselsan.com.tr/1a8b7437-1ca0-4652-bd30-d71640c857b2.pdf [Accessed 22 July 2020].
- Bateman, T., 2013. Police warn over drugs cyber-attack [online]. Available from: https://www.bbc.com/news/world-europe-24539417 [Accessed 25 March 2020].
- Belmont, K.B., 2016. Cyber Cases in the Maritime Environment.
- BIMCO, 2018. The guidelines on cyber security onboard ships. 3rd ed.
- Blake, T., 2017. Hackers took 'full control' of container ship's navigation systems for 10 hours - IHS Fairplay | RNTF [online]. Available from: https://rntfnd.org/2017/11/25/hackers-took-full-control-of-container-shipsnavigation- systems-for-10-hours-ihs-fairplay/ [Accessed 25 March 2020].
- Bodeau, D.J., Graubart, R., and Fabius-Greene, J., 2010. Improving cyber security and mission assurance via cyber preparedness (Cyber Prep) levels. International conference on social computing, 20-22 August 2010 Minneapolis.
- Brekke, E.F., et al., 2019. The Autosea project: Developing closed-loop target tracking and collision avoidance systems. Journal of Physics: Conference Series.
- C4ADS, 2019. Above us only stars. Exposing GPS spoofing in Russia and Syria.
- C4Defence, 2019. KORAL'a REDET-II desteği [online]. Available from: https://www.c4defence.com/Arsiv/korala-redetii-destegi/8940/1 [Accessed 22 July 2020].
- Chambers, S., 2020. London Offshore Consultants suffers ransomware attack [online]. Available from: https://splash247.com/london-offshore-consultants-suffers-ransomware-attack/ [Accessed 25 March 2020].
- Coble, S., 2020. Carnival Cruise Lines hacked [online]. Available from: https://www.infosecuritymagazine. com/news/carnival-cruise-lines-hacked/ [Accessed 25 March 2020].
- CORDIS, 2020. ERA Chair in Maritime Cyber Security at Tallinn University of Technology [online]. Available from: https://cordis.europa.eu/project/id/952360 [Accessed 21 August 2020].
- Cozzens, T., 2020. UrsaNav installs eLoran testbed in South Korea [online]. Available from: https://www.gpsworld.com/ursanav-installs-eloran-testbed-in-south-korea/ [Accessed 23 July 2020].
- CRISTIN, 2020. Maritime Cyber Resilience [online]. Available from: https://app.cristin.no/projects/show.jsf?id=2057306 [Accessed 30 July 2020].
- Cyber Keel, 2014. Maritime cyber-risks.
- Cyber-MAR, 2019. About [online]. Available from: https://www.cyber-mar.eu/about/ [Accessed 25 April 2020].
- Danish Maritime Cybersecurity Unit, 2019. Cyber and information strategy for the maritime sector 2019 - 2022 [online]. Available from: https://www.dma.dk/Documents/Publikationer/Cyber%20and%20Information%20Security%20Strategy%20f or%20the%20Maritime%20Sector.pdf [Accessed 4 January 2020].
- Denizcilik Bilgileri, 2018. Türkiye GPS jammer ile Yunan araştırma gemilerini engelliyor mu? [online]. Available from: https://www.denizcilikbilgileri.com/turkiye-gps-jammer-ile-yunan-arastirma-gemileriniengelliyor- mu/ [Accessed 4 February 2020].
- Eastern Mediterranean Sea-GPS Interference, 2018 [online]. U.S. Maritime Administration. Available from: https://www.maritime.dot.gov/content/2018-014-eastern-mediterranean-sea-gps-interference [Accessed 8 April 2020].
- Electronic interferences assesment, 2018 [online]. NATO Shipping Center. Available from: https://shipping.nato.int/nsc/page10303037.aspx [Accessed 8 April 2020].
- Esage, A., 2018. British shipping company Clarksons hacked [online]. Available from: https://www.securitynewspaper.com/2018/08/02/british-shipping-company-clarksons-hacked/ [Accessed 26 March 2020].
- European Cybercrime Centre, 2013. Hackers deployed to facilitate drugs smuggling [online]. EC3. Available from: https://www.europol.europa.eu/sites/default/files/documents/cyberbits_04_ocean13.pdf [Accessed 8 May 2020].
- Fadilpašić, S., 2017. Shipping giant Maersk reveals $300 million cyber-attack loss [online]. Available from: https://www.itproportal.com/news/maersk-lost-300-million-due-to-notpetya/ [Accessed 25 April 2020].
- Faustmann, H., Gurel, A., and Reichberg, G.M., eds., 2012. Cyprus Offshore Hydrocarbons: Regional Politics and Wealth Distribution. Peace Research Institute.
- Goward, D., 2017. Mass GPS Spoofing Attack in Black Sea? [online]. Available from: https://www.maritimeexecutive. com/editorials/mass-gps-spoofing-attack-in-black-sea [Accessed 25 April 2020].
- Graham, L., 2017. Shipping industry vulnerable to cyber attacks and GPS jamming [online]. Available from: https://www.cnbc.com/2017/02/01/shipping-industry-vulnerable-to-cyber-attacks-and-gps-jamming.html [Accessed 23 March 2020].
- Humphreys, T., 2017. Ships fooled in GPS spoofing attack suggest Russian cyberweapon [online]. Available from: https://www.newscientist.com/article/2143499-ships-fooled-in-gps-spoofing-attack-suggest-russiancyberweapon/ [Accessed 23 March 2020].
- Humphreys, T.E., et al., 2008. Assessing the spoofing threat: Development of a portable GPS civilian spoofer. International technical meeting of the satellite division of the institute of navigation, 16-19 September 2008 Savannah.
- IMarEST, 2018. Ports of Barcelona and San Diego hit by cyber attacks [online]. Available from: https://www.imarest.org/themarineprofessional/item/4473-ports-of-barcelona-and-san-diego-hit-by-cyberattacks [Accessed 13 April 2020].
- IMO, 2017. Resolution MSC.428(98).
- ISO, 2018. ISO/IEC 27000:2018(en) Information technology - security techniques - information security management systems.
- Kochetkova, K., 2015. Maritime industry is easy meat for cyber criminals [online]. Available from: https://www.kaspersky.com/blog/maritime-cyber-security/8796/ [Accessed 25 March 2020].
- Leyden, J., 2018. Holy ship! UK shipping biz Clarksons blames megahack on single point of pwnage [online]. Available from: https://www.theregister.co.uk/2018/08/01/clarksons_breach_update/ [Accessed 26 March 2020].
- Lund, M.S., et al., 2018. Integrity of integrated navigation systems. Conference on communications and network security (CNS), 30 May - 1 June 2018 Beijing.
- Maersk, 2017. Cyber attack update.
- Maritime and Port Authority of Singapore, 2019. New 24/7 Maritime Cybersecurity Operations Centre to Boost Cyber Defence Readiness [online]. Available from: https://www.mpa.gov.sg/web/portal/home/mediacentre/ news-releases/mpa-news-releases/detail/8a5114cf-8214-4b46-8999-2c6c42433b1e [Accessed 25 April 2020].
- Maritime Executive, 2017. Ferry builder Austal hit by cyberattack [online]. Available from: https://www.maritime-executive.com/article/ferry-builder-austal-hit-by-cyberattack [Accessed 25 March 2020].
- Mohindru, S.C., 2017. Shipping: BW Group's computer systems hacked; steps up cyber security [online]. Available from: https://www.spglobal.com/platts/en/market-insights/latest-news/shipping/101317-shippingbw- groups-computer-systems-hacked-steps-up-cyber-security [Accessed 25 March 2020].
- MUNIN, 2012. About MUNIN [online]. Available from: http://www.unmanned-ship.org/munin/ [Accessed 24 April 2020].
- Ngai, S., 2017. BW Group steps up cyber security after IT infringement – IHS Markit Safety at Sea [online]. Available from: https://safetyatsea.net/news/2017/bw-group-steps-up-cyber-security-after-it-infringement/ [Accessed 25 March 2020].
- Oruc, A., 2019. Tanker industry is more ready against cyber threats. International conference on marine engineering and technology, 5-7 November 2019 Muscat.
- Ozkaya, S., 2018. Doğu Akdeniz'de ısınan sular ve Kıbrıs denklemi [online]. Anadolu Agency. Available from: https://www.aa.com.tr/tr/analiz-haber/dogu-akdeniz-de-isinan-sular-ve-kibris-denklemi/1278755 [Accessed 8 May 2020].
- Sabah, 2016. KORAL TSK'ya teslim edildi [online]. Available from: https://www.sabah.com.tr/galeri/turkiye/koral-tskya-teslim-edildi [Accessed 22 July 2020].
- Safety4Sea, 2019. UK marine services company hit by cyber attack [online]. Available from: https://safety4sea.com/uk-marine-services-company-hit-by-cyber-attack/ [Accessed 22 March 2020].
- Safety4Sea, 2020. Data breach at UK yachting recruitment agency exposes 17,000 personal data [online]. Available from: https://safety4sea.com/data-breach-at-uk-yachting-recruitment-agency-exposes-17000- personal-data/ [Accessed 22 March 2020].
- Saul, J., 2017. Cyber threats prompt return of radio for ship navigation [online]. Available from: https://www.reuters.com/article/us-shipping-gps-cyber/cyber-threats-prompt-return-of-radio-for-shipnavigation- idUSKBN1AN0HT [Accessed 23 March 2020].
- Senzee, T., 2019. What happened in ransomware attack on Port of San Diego [online]. Available from: https://www.sandiegoreader.com/news/2019/apr/10/city-lights-happened-ransomware-port-san-diego/ [Accessed 13 April 2020].
- Shauk, Z., 2013. Malware on oil rig computers raises security fears [online]. Available from: https://www.houstonchronicle.com/business/energy/article/Malware-on-oil-rig-computers-raises-securityfears- 4301773.php [Accessed 25 March 2020].
- Sophos, 2013. The A-Z of computer and data security threats.
- The Local, 2014. State-sponsored hackers spied on Denmark [online]. Available from: https://www.thelocal.dk/20140922/denmark-was-hacked-by-state-sponsored-spies [Accessed 23 March 2020].
- Torbati, Y., and Saul, J., 2012. Iran's top cargo shipping line says sanctions damage mounting [online]. Available from: https://www.reuters.com/article/us-iran-sanctions-shipping-idUSBRE89L10X20121022 [Accessed 26 March 2020].
- Trend Micro, 2017. Ransomware [online]. Available from: https://www.trendmicro.com/vinfo/us/security/definition/ransomware [Accessed 25 April 2020].
- Tung, L., 2018. Maersk took just 10 days to replace 45,000 PCs wiped by NotPetya attack [online]. Available from: https://www.csoonline.com/article/3514914/maersk-took-just-10-days-to-replace-45-000-pcs-wipedby- notpetya-attack.html [Accessed 26 March 2020].
- U.S. Department of Justice, 2018. Two Iranian men indicted for deploying ransomware to extort hospitals, municipalities, and public institutions, causing over $30 million in losses [online]. Available from: https://www.justice.gov/opa/pr/two-iranian-men-indicted-deploying-ransomware-extort-hospitalsmunicipalities- and-public [Accessed 13 April 2020].
- University of Rijeka, 2019. Cyber Security of Maritime ICT-Based Systems. Available from: https://www.pfri.uniri.hr/web/en/projekti/aktivni/10-2019/2019-Svilicic-eng.pdf [Accessed 30 July 2020].
- USCG NAVCEN, 2020. GPS problem reports status [online]. Available from: https://navcen.uscg.gov/?Do=GPSReportStatus [Accessed 4 April 2020].
- Vistiaho, P., 2017. Maritime cyber security incident data reporting for autonomous ships. Thesis (M.Sc.). Tampere University of Technology.
- WMN, 2018a. COSCO Shipping Lines falls victim to cyber attack [online]. Available from: https://worldmaritimenews.com/archives/257665/cosco-shipping-lines-falls-victim-to-cyber-attack/ [Accessed 25 March 2020].
- WMN, 2018b. Data theft affects hundreds of Svitzer Australia's employees [online]. Available from: https://worldmaritimenews.com/archives/247526/data-theft-affects-hundreds-of-svitzer-australiasemployees/ [Accessed 25 March 2020].
- Yara International, 2018. Yara Birkeland [online]. Available from: https://www.yara.com/knowledgegrows/ game-changer-for-the-environment/ [Accessed 24 April 2020].
- Yilmaz, T., 2019. Doğu Akdeniz'de GKRY için en akılcı seçenek iş birliği [online]. Anadolu Agency. Available from: https://www.aa.com.tr/tr/turkiye/dogu-akdenizde-gkry-icin-en-akilci-secenek-is-birligi-/1488040 [Accessed 4 May 2020].