Maritime Cybersecurity

The digitalization of all areas of activity, including maritime, today is characterized, among other things, by two powerful influencing factors: on the one hand, artificial intelligence (AI) increasingly taking over the most important functions and develops very quickly, and on the other hand, threats and risks related to cybersecurity. The common belief, which is hard to argue against, is that the first factor is positive, because it contributes to developments, and the second is undoubtedly negative, because it hinders developments and can even inhibit them; from here, it is easy to conclude that in order to continue and accelerate progress, the positive aspects of the first factor must be contributed in every way and the fight against the effects of the second factor must be undertaken. But how realistic and consistently achievable are these two goals in interaction? True, in the light of the developments of the last years and even months, it seems that the AI “train” has started its impressive journey at high speed, and nothing can stop it. At the same time, continuing the allegory, there is still a “wagon” of cyber threats attached to this “train,” and getting rid of it or even defeating it to a sufficient extent seems problematic, at least now. The author of this chapter expresses an estimated opinion that as long as people fight against each other on both sides of the “cyber war” (“bad” guys against “good” ones), it is so to say war of attrition, where no glorious victory awaits either side. It seems to the author that it is possible to change the situation and achieve victory over the “bad” guys only if the AI itself takes over its own protection. Whether and to what extent this is possible is one of the main topics of this chapter. In the author’s opinion, there can be any truth behind this only if the AI acquires a large part of the characteristics unique to humans (values, moral principles, emotions, etc.), thanks to which it would be possible to be guided by the specific laws or rules of behavior of the AI. As a classic example, the so-called three laws of robotics, formulated by the American science fiction writer Isaac Asimov about 80 years ago, are based on the principle of avoiding harm to humans (Anderson, Asimov’s “Three Laws of Robotics” and machine metaethics, University of Connecticut, Dept. of Philosophy, Stamford, CT, https://​cdn.​aaai.​org/​Symposia/​Fall/​2005/​FS-05-06/​FS05-06-002.​pdf). In this chapter, we have analyzed whether such AI developments are possible at all and what threats and difficulties this entails in turn.

The field of cybersecurity is evolving, and with the digitalisation of all areas of life, the shortage of skilled professionals poses a critical challenge to the maritime sector as it does to other sectors. In the past decades, the world changed more in technology than the workforce could keep pace with it. This chapter delves into the multifaceted dimensions of the cybersecurity workforce gap, emphasising that the solution cannot rely solely on traditional higher education or upskilling within the existing IT sector. Cybersecurity poses challenges to all aspects of the economy and industry. Drawing insights from industry reports and expert opinions, the narrative underscores the limited pool of cybersecurity professionals, and the risks associated with a transient workforce. A paradigm shift is needed in the foreseeable future, asserting that cybersecurity is a shared responsibility that transcends industry boundaries.

Maritime, as other sectors, will prevail and be resilient if the people working within will reach a desired level of awareness themselves, from pioneering work in seafarers’ cybersecurity education to involving diverse fields will have transformative impact. The solution lies in the role of governing bodies, and businesses in fostering cyber awareness, to reach a holistic strategy encompassing early education, collaboration across sectors, and a collective commitment to cyber hygiene. Ultimately, the vision is that there will be a future where cybersecurity is seamlessly integrated into various professional skill sets, transcending its current status as a distinct specialisation.

As the maritime industry rapidly digitalises, robust cybersecurity measures have become essential. This chapter presents an innovative approach to cybersecurity awareness training for future seafarers, focusing on integrating behaviour change models to enhance cyber resilience. By addressing the cybersecurity challenges inherent in modern maritime operations, it proposes a framework for embedding these models into maritime education, transforming training from purely informational to behaviourally transformative. A key concept introduced is the “level of paranoia,” denoting a heightened state of vigilance that encourages seafarers to be more cautious of cyber threats without causing undue fear. Improving this appropriate level of paranoia enables future maritime officers to better detect and respond to cybersecurity risks. A case study from TalTech Estonian Maritime Academy demonstrates the practical impact of this approach. The academy implemented a compulsory “Introduction to Cybersecurity” course incorporating the COM-B model and Fogg’s behaviour model to foster secure habits among students. This led to increased understanding of cyber threats and the adoption of long-term secure behaviours, evidenced by improved responses to simulated cyber incidents and positive feedback on habit-forming exercises. The chapter offers valuable insights and practical strategies for reshaping maritime cybersecurity education to meet the demands of the digital age. It underscores the necessity of cultivating a security-conscious culture among future maritime officers and demonstrates the effectiveness of behaviour-focused training in enhancing the industry’s overall cyber resilience.

Although the Port of Tallinn is located on the Baltic Sea and the Port of Koper on the Adriatic Sea, these two ports have similar cargo volumes and receive a similar number of cargo ships each year, while the difference is in container and passenger volume. In addition to a comparative analysis of the performances of these two ports, we analyze the level of their preparedness to meet the challenges of cyber threats. In this direction, extensive research was carried out in relevant secondary sources, while in-depth interviews and surveys were conducted with the important cybersecurity officers in the ports of Tallinn and Koper. The aim is to draw attention to the importance of coordinating ports’ defences against cyber risks across different geo-political regions and dynamics.

Cyber-physical systems (CPSs) are digital and mechanical devices that use sensors and actuators to sense and change their state. The CPSs rely on the accuracy and precision of their constituents to achieve a desired state. All components of CPSs are susceptible to malfunction or failure. These systems are also vulnerable to deliberate attacks on both their cyber and physical components. Errors due to malfunctions or intended attacks on CPSs can cause the system to react in an undesirable or potentially dangerous way. As an example, consider a CPS as an unmanned sea-surface vehicle (USV). An adversary who spoofs the Global Positioning System (GPS) signal sent to the USV can fool the autopilot into trusting that the USV is somewhere other than where it is. As a result, the autopilot will detect that the USV is off course, risking a collision or running the USV aground. The adversary can attack the system at any of the components of the control system. This attack can be propagated through the control system, and it can change the value of the control signal in some random way. This effect might be modeled as overwriting the original control signal with a random value. Therefore, the focus of this chapter will be to simulate a disturbance in the control signals (we can assume it is caused by a cyber-attack) and how this affects the rudder behavior of the USV. An alternative solution using a controller aid will be proposed. This specific topic will be situated within the somewhat broader framework of digital transformation in the maritime industry, together with integrated navigation systems, whether on board the vessel or in a remote-control center on shore, as USVs are an inevitable part of this process.

The Automatic Identification System (AIS) is a tracking system used in vessels and vessel traffic control services to identify and locate vessels and is being regarded as the main tool for complementing the navigator’s direct visual/audible information augmented with RADAR data to prevent collisions at sea. Despite its criticality, AIS in its general use, with the corresponding message broadcasting protocol, is not secured from cyberattacks. Its security vulnerabilities have been extensively discussed in the literature, and several real incidents have been reported. To address the security vulnerabilities, several papers have been published proposing security solutions to AIS broadcasts. In this chapter, we categorise all these papers based on the compatibility of the solutions they describe with the AIS protocol standard, and we review all the proposed solutions providing insights on their applicability. We also discuss the main obstacles for their feasibility in practice and propose a possible way forward.

The Automatic Identification System (AIS) is a tracking system used in vessels and vessel traffic control services to identify and locate vessels and is being regarded as the main tool for complementing the navigator’s direct visual/audible information augmented with RADAR data to prevent collisions at sea. Despite its criticality, AIS in its general use, with the corresponding message broadcasting protocol, is not secured from cyberattacks. Its security vulnerabilities have been extensively discussed in the literature, and several real incidents have been reported. To address this issue, several research papers have been published proposing anomaly/attack detection systems based either on machine learning (ML) approaches requiring large datasets or on logic-based rule systems built with the help of maritime experts. In this chapter, we propose an alternative ML approach to develop an attack detection system using Inductive Logic Programming (ILP), a symbolic AI method, to incrementally learn rules that help detect anomalies in AIS data that potentially could indicate spoofing attacks. As a main result, we demonstrate that ILP frameworks that combine relational logic and numerical reasoning stand out for the ability to generalise from a small set of examples and provide explainable evidence of anomaly occurrence, making it suitable for operational use in maritime environments.

Maritime transport is critical to the global economy; however, it is vulnerable to disruptions impacting global trade. Academia, industry, and national and international organisations make serious efforts to enhance the sector’s resilience, focusing on the cyber-aspects as well. With their unique characteristics, marine vehicles and their defence have only recently emerged as a significant area of cybersecurity study. Existing literature touches upon various aspects of intrusion detection systems (IDSs) as a potential defensive measure for Information Technology (IT) infrastructure against cyberattacks along with the special characteristics of the marine vehicles that brings the need for solutions considering the uniqueness of the operational technologies (OT). Despite of the reach literature a comprehensive discussion presenting an overall, conceptional view is needed. Our paper that addresses this need introduces the different technical aspects to be considered during the design and integration of an IDS into a marine vehicle. To find the relevant details, we conducted a comprehensive literature survey and gathered details that could help the integration process.

High level automation of ship technology promises to revolutionize maritime activities with benefits like reduced operational costs and enhanced safety. Yet, this technology also encounters significant challenges in cybersecurity. Cyber-attacks on autonomous or highly automated ships could lead to disastrous outcomes, including environmental damage and threats to safety and security. These attacks might compromise key systems like GPS or communication channels, resulting in loss of control and potential accidents. To mitigate these risks, this paper focuses on employing artificial neural networks for accurately estimating a ship’s position using data from various sensors, such as gyroscopes, propeller speed, propeller pitch, weather and sea states, drafts, and engine load. This method may help in detecting and counteracting any manipulated positional data and make cross-verification of GPS data and other speed measurement technologies like Doppler sensors. Additionally, the effectiveness of artificial neural networks in this context is demonstrated by testing the algorithm with new data sets, manipulating the ship’s position to assess its accuracy. The findings indicate that leveraging propulsion system data within dead reckoning systems to develop an artificial neural network could provide a reliable solution for detecting and mitigating GPS spoofing-related cyber threats in the maritime industry.

Today, the world is fully digitized and interconnected, with the advent of technologies. One of the biggest threats to this digital world is the illegal use of cyberspace by cyber attackers. As technology grows, the emergence of highly skilled cyber attackers against the technology also proliferates. The impact of cyberattacks has been found widespread in all sectors and resulted in socio-economic problems in the world. The maritime industry is also the victim of this jeopardizing issue. The major causes of cyberattacks are vulnerabilities in technology and the intelligence or innocence of humans. This chapter mainly focuses on the intervention of humans in cyberattacks, as a victim as well as an attacker, and reviews the impact of social engineering on maritime cybersecurity. It starts with the discussion of various social engineering attacks and some real-world incidents, to understand the roles and responsibilities of the employers and the employees in an organization to ensure the cybersecurity of the organization. It explains the major challenges in preventing social engineering attacks on an organization and the defense strategies. Finally, it describes the cybersecurity issues in the maritime domain, some cyber incidents over the period, and mitigation strategies.

In the evolving landscape of maritime navigation, the security of marine radar systems is paramount to ensuring safe and reliable operations. This research presents a pioneering approach to detecting and classifying network-based cyberattacks on marine radar systems through advanced deep learning techniques. Leveraging a comprehensive dataset generated from a meticulously designed simulation environment, we employ a 1D Convolutional Neural Network (1D CNN) to identify and mitigate various forms of cyber-threats. The methodology begins with the extraction of robust features from raw network traffic captured in .pcap files, encompassing a wide range of attributes. These features are crucial in characterizing normal versus malicious behaviors in radar communications. By transforming this data into a structured format suitable for machine learning, we facilitate the training of a sophisticated 1D CNN model tailored for binary and multi-class classification. The proposed model demonstrates exceptional performance, achieving near-perfect accuracy, precision, recall, and F1 scores in detecting attacks, including Denial of Service (DoS), scaling, addition, rotation, move, translation, and removal attacks. For binary classification, the model achieved perfect scores across most attack types and a near-perfect score for DoS attacks with a 99.35% F1 score. In multi-class classification, the model achieved an overall accuracy of 1.0000, with perfect precision, recall, and F1 scores for almost all classes except for a marginally lower recall (0.9900) for the DoS class. The results underscore the efficacy of deep learning in enhancing the resilience of marine radar systems against cyber-threats. This research sets a new benchmark in maritime cybersecurity by illustrating the potential of 1D CNNs in safeguarding marine radar operations.

In today’s digital age, where technology is deeply integrated into every aspect of our lives, ensuring the security and privacy of our personal data has become more important than ever before. With the increasing number of cyber threats and data theft, it is crucial to understand the importance of protecting our sensitive data. This chapter aims to shed light on the importance of security and privacy and provide insight into how Raspberry Pi hacks can improve these aspects, if we use Raspberry Pi for our private purposes and small home networks, for instance.

Maritime industry can no longer overlook the reality of cyber risks. Cyber-attacks have multiplied, and their financial implications can be seriously significant comparable to the largest maritime accidents and crises we are already familiar with. In response, regulations are appearing, but they seem far from satisfactory. One must question whether the unification of regulations on this matter is necessary, and in this regard, the Comite Maritime International (CMI) has a role to play.