Maritime Cyber Security Analysis – How to Reduce Threats?


Ivan Mraković, Ranko Vojinović

Maritime cyber security management requires a holistic approach as there is an increase in complexity, digitalization, and automation of systems in the maritime industry. Numerous interconnected systems between ship and shore, which are in need of a special focus in the internet environment, are increasing on a daily basis. Nowadays one of the major concerns in maritime computing is vulnerability to cyber-attacks. In the maritime industry, cyber incidents can lead to loss of life, loss of control over ships or sensitive data, as well as ship and/or cargo hijacking. This paper therefore covers key problems of the maritime industry from a cyber security perspective and proposes solutions on how to eliminate or minimize them.

KEY WORDS
- Maritime cyber security
- Cyber threat
- Cyber risk
- Cyber-attack
- Maritime industry

Mediterranean University, Faculty of Information Technologies, Podgorica, Montenegro
e-mail: iwanmrak@gmail.com
doi: 10.7225/toms.v08.n01.013
This work is licensed under

1. INTRODUCTION

Maritime business is rapidly changing. The number of integrated and interconnected systems, as well as those which a company can access and operate from shore, is rapidly increasing. The term “maritime” refers to ships, yachts, offshore structures, other floating objects, infrastructure, and anything else that connects and unifies all of the aforementioned elements in business.

Cloud computing is flourishing as well. It brings an increase in productivity, scalability, and a significant degree of independence of user location, as the user is able to access the database from any location via an internet connection. “Many organizations are now migrating towards cloud due to its favorable features” (Balobaid and Debnath, 2018).

As an example, the shipping company “UASC” has migrated to a system for bunker ordering via cloud computing. The “classic” way of bunker ordering was inexpensive, so the representatives of “UASC” moved a step forward, signing the contract with “Shiptech” in order to create a cloud based bunker ordering platform. Migrating to the new system enables “UASC” to track market prices, to have better communication with suppliers, to improve the ship’s performance monitoring and to plan bunkering of their whole fleet (Shiptech, 2015).

There is no company or ship operating totally or partly online which is immune to cyber threats. Research (Einsig, 2016) shows that business digitalization is obstructed by many factors. The biggest threat is security vulnerability, especially cyber security. In the end, cyber incidents are ranked as the second most important risk of running a company. In maritime shipping, 31% of respondents have stated that they are frightened of cyber-crime, data theft, and other similar risks (Allianz Global Corporate & Specialty SE, 2018).

132 Ivan Mraković and Ranko Vujinoć: Maritime Cyber Security Analysis – How to Reduce Threats?
“Maritime cyber risk refers to a measure of the extent to which a technology asset is threatened by a potential circumstance or event, which may result in shipping-related operational, safety, or security failures as a consequence of information or systems being corrupted, lost or compromised” (International Maritime Organization, Guidelines on maritime cyber risk management, MSC-FAL.1/Circ.3, 2017).

The increase of cyber risks is a consequence of an increase in connectivity and dependency of global navigational systems. Therefore “cyber security refers to the protection of information systems (hardware, software, and associated infrastructure), the data on them, and the services they provide, from unauthorized access, harm or misuse. This includes harm caused intentionally by the operator of the system, or accidentally, as a result of failing to follow security procedures” (Shaikh, 2017).

Vulnerable systems onboard include the navigation bridge, cargo handling equipment, the engine room, the power management system, and administrative as well as communicational systems. Numerous systems onboard which could be attacked are represented on Figure 1.

Figure 1.
Connectivity between ship’s systems – all of them represent potential targets (Ording, 2019).

Risk management is fundamental for safe and secure maritime operations and it should adapt to the world of digitalization, automation, and interconnected businesses (International Maritime Organization, Guidelines on maritime cyber risk management, MSC-FAL.1/Circ.3, 2017).

In the following sections we review the most common forms of cyber-attacks in the maritime industry, the most important threats and ways of defending against them, with a focus on ship’s infrastructure and operations.

2. INTERNATIONAL REGULATION AND GUIDELINES

Upon analyzing literature sources we have arrived at the conclusion that many maritime transport participants, in the first place regulatory bodies and international organizations, are taking part and offering different solutions for dealing with cyber threats in the maritime industry.

The common feature of all analyzed sources is setting risk assessment as a first step towards protection from unwanted consequences.

The National Institute of Standards and Technology (NIST) provides the “NIST Framework”, which is widely used as an approach to cyber security assessment, as well as a step towards the fulfillment of cyber risk management. The advantage of the “NIST framework” lies in its universality and flexibility, which is why it can be employed in many industries, including the maritime one (National Institute of Standards and Technology NIST, 2018).

The International Maritime Organization (IMO) has taken decisive steps in order to solve and control maritime cyber risks.

Trans. marit. sci. 2019; 13: 132-139 TRANSACTIONS ON MARITIME SCIENCE 133
Actually, the Maritime Safety Committee (MSC) and the Facilitation Committee (FAL) have issued “Guidelines on maritime cyber risk management” (MSC-FAL.1/Circ.3) as an answer to the increased number of cyber-attacks. The Guidelines completely accept the NIST framework with five key elements: identification, protection, detection, response, and recovery (International Maritime Organization, Guidelines on maritime cyber risk management, MSC-FAL.1/Circ.3, 2017).

There is also a Resolution numbered as MSC.428(98) – “Maritime Cyber Risk Management in Safety Management Systems”. This Resolution encourages flag states to force the companies to treat cyber security management at company level through the “Safety Management System” (SMS) as the requirement of the “International Safety Management Code” (ISM). Such a requirement should be fulfilled no later than the first annual ISM verification after 1.1.2021 (International Maritime Organization, Maritime cyber risk management in safety management systems, MSC.428(98), 2017). If the companies fail to implement the required measures, their ships could be detained by Port State Control (PSC), thereby causing additional costs and business losses.

The IMO have developed a Strategic plan (International Maritime Organization, Strategic plan for the organization for the six-year period (2018 to 2023), A 30/Res.1110, 2017) for the period between 2018 and 2023 where the need for an integration between the existing and new technologies in the regulatory process is recognized, aiming at balancing benefits between security, safety, and environmental protection as well as the influence on personnel both onboard and ashore.

For the same purpose the Baltic and International Maritime Councils (BIMCO) in (BIMCO, 2017) rely on publications of NIST and IMO. The BIMCO’s attitude is published as “Guidelines on Cyber Security Onboard Ships”. BIMCO approaches cyber risk problems through the following items: 1-identification of threats and vulnerabilities, 2-assessment of risk exposure, 3-development of protection and detection measures, 4-establishment of contingency plans to respond and recover upon a cyber security incident.

In “Code of Practice – Cyber Security for Ships” (Boyes, H. and Isbell, 2017) cyber risk problems are solved without reliance on the aforementioned NIST framework. Actually the development of a cyber risk management plan should rely upon cyber risk security assessment, which reminds us of the fundamentals of the “International Ship and Port Facility Security Code” (ISPS) dealing with general security onboard ships and at port facilities.

All that has been stated above is complemented by numerous classification societies which are publishing guidelines in order to direct their clients towards the right path. In (DNV-GL, 2016), the most important classification society “DNVGL”, taking into consideration the IMO’s and BIMCO’s guidelines, as well as the NIST framework, defines three factors as key elements in order to improve cyber security: 1-assessment, 2-improvement, 3-verification, followed by validation.
process is recognized, aiming at balancing benefits between

Figure 2.
Flow of adequate approach to cyber security problem onboard (DNV-GL, 2016).

“DNVGL” relies on the Deming circle, namely the “PDCA” cycle, as it is trying to induce maritime transport participants to continually assess their current risk using the risk matrix and other methods, with a view to creating a productive and proactive system (Figure 2). Due to rapid technology development, cyber security assessment should not rely only upon the well-known risks. On the contrary, it requires a predictive and proactive approach which takes into account all systems onboard and ashore, their design, interconnection, and management manner.

In the repetitive “PDCA” cycle, the human factor must be acknowledged as equally important as all other business aspects - “the desired behavior and awareness in terms of cyber security therefore needs to be evaluated just like any other objective” (DNV-GL, 2016).

The latest regulation, which will certainly have a great impact on shipping companies, is the EU “General Data Protection Regulation” (GDPR) which came into force in May, 2018. GDPR forces shipping companies to conduct an assessment of impact on personal privacy at any time when there is an increased risk of privacy violation. Companies are obliged to report any system violation within 72 hours in order to enable the entire industry to react quickly upon potential cyber-attacks (EUGDPR.org, 2018).

However, the insurance against the cyber related risks is still unrecognized for the maritime industry sector. The hull and machinery insurance (H&M) policies exclude cyber related risks by inserting relevant clauses, such as the Cyber Attack Exclusion Clause (CL380), while Protection and Indemnity Insurance (P&I) offer pools with a limit of $30 million USD per ship in case of cyber-attacks which are not related to war or terrorist attack activities (Lagouvardou, 2018).

3. HISTORIC REVIEW OF MARITIME CYBER-ATTACKS

The exact number of maritime cyber-attacks is unknown and can be considered to be much greater than reported, as attacks are frequently unnoticed or companies do not want to publish such information in order not to endanger their business or frighten their customers.

In the recent era a set of attacks has resulted in data, system, and equipment breaches, as well as serious financial losses. Depending on the kind of attack, consequences vary from minor to moderate, such as in the case of data theft, while in the case of taking control over the whole system, for instance a vessel, they seem to be reaching catastrophic levels.

Large cargo shipments usually travel for weeks across the oceans before reaching their final destination, which makes them highly vulnerable to cyber-attacks as there is enough time to remove evidence of the crime (Jones, Tam and Papadaki, 2016).

The following is a list of the most important maritime cyber-attacks:

1. A few companies providing security onboard ships sailing through the “High Risk Area” (HRA) were subject to hacker attacks back in 2011. Pirates successfully accessed sensitive data on vessels’ movement, their cargo and insurance. Using that, they were able to plan their further actions and request ransom. Those attacks had the same scenario – “key log” malware was used to record each keyboard press, and send the logs further to pirates’ e-mail addresses (Frodl, 2012).

2. The Port of Antwerp in Belgium was under hacker attacks committed by sophisticated drug smugglers in the period between 2011 and 2013. Using malware and, subsequently, other methods, the hackers were successfully finding out the location of cargo containers containing narcotics. Afterwards they used to send their own drivers to collect the goods before the real owner could come to pick up the container. The Port authorities realized that something was going on just after whole containers had started to disappear (Bateman, 2013).

3. Despite the fact that the main purpose of the Automatic Identification System (AIS) is an increase in safety, easier identification and communication at sea, a research (Balduzzi, Wilhoit and Pasta, 2014) shows that AIS has many deficiencies, especially in terms of cyber security because it is completely cyber unprotected. There were tests carried out to confirm such issues, during which false AIS symbols were generated on various locations around the world. The consequences which can result from a misuse of AIS are enormous.

4. A group of students successfully proved weaknesses and imperfections of the Global Positioning System (GPS). In 2013 they hacked the GPS signal on a private yacht and distributed false position data to navigational equipment. As the track-pilot was active, automatic correction of course had been initiated in order to put the yacht back on route (Vaas, 2013).

5. Jamming of the GPS signal can cause a lot of trouble for navigation and positioning, both ashore and at sea. As GPS is under the control of the USA, the representatives of the White House issued a diplomatic warning to North Korea, due to a strong jamming encountered in Seoul. At that time the propagation of strong radio waves caused a lot of trouble to airplanes flying over the area affected (GPS World, 2016).

6. In 2014 hackers used malware to shut off an oil platform and completely disable it for a period of 19 days (Wagstaff, 2014).

7. In June 2017 the biggest container operator in the world, “Maersk”, suffered an enormous cyber-attack. “NotPetya” malware triggered a need for reinstallation of more than 4,000 servers and 45,000 PCs. The company was forced to transport, load, and discharge containers without the IT support for 10 days (Cimpanu, 2018).

8. Also, in the summer of 2017, “Svitzer” company was a victim of data theft – over 5,000 e-mails with personal data were redirected to outside addresses. More than 400 employees were endangered. The problem arose 10 months before it was discovered and then fixed within 5 hours. The investigation confirmed that messages had been redirected to the outside addresses but, when the mailboxes became full, the e-mails were returning as non-delivered (Bogle, 2018).

9. Another gigantic company “COSCO” was a victim of “NotPetya” malware in July 2018. During the attack, communication channels were disabled, first at the port of Long Beach and then in the whole USA territory (Cimpanu, 2018).

4. ATTACK FORMS

The Classification society “Lloyd’s Register” in (Lloyd’s Register, 2018) states that the number of cyber-attacks has increased by 27 % per year, while 86 % of companies were victims of cyber-attack during 2017. The same source states that 44 % of companies believe their IT system requires upgrade in order to meet cyber security requirements, especially because 39 % of those companies suffered attacks during 2017.

According to another research (IHS Markit, 2018), the most significant maritime cyber problems are manifested in one of the following forms:

1. “Phishing” is the most common form of cyber incident. Attacks can be classified in two groups – the first one known as social engineering and the second one based on malware (Gupta et al., 2017). In the case of social engineering, the attackers try to cause harm via e-mail which seems harmless at a glance, or via a fake web site. On the other hand, malware phishing uses malware installed on the client’s PC. This kind of threat is common onboard vessels in the form of e-mail. Usually the e-mail contains a hyperlink to a fake web site where the user will, due to inattention or lack of knowledge, type personal details, such as username and password, to access their account. This usually happens when, due to being extremely busy, crew members do not pay attention to the e-mail content or the hyperlink.

2. Malware is a “computer code written to steal or harm. It includes viruses, spyware, and ransomware. Sometimes malware only uses computing resources (e.g. memory), but at other times it can record your actions or send your personal and sensitive information to cyber criminals” (Paulsen and Toth, 2016).

3. “Spear phishing” is a form of “phishing” and represents one way of unauthorized collection of personal and sensitive data. Hence the hacker performs a “spear phishing” attack in the following manner: he contacts person “A” inside the company, introducing himself as person “B”, who is at the same time superior to person “A”. He uses a fake e-mail address, but very similar to the company official’s one, attaching a file or a hyperlink to the e-mail. By clicking the file in the attachment or by opening the link, login details are shared, transactions are authorized, or the whole company’s network becomes infected. Therefore person “A” shares login details or passwords thinking that he is communicating with the superior.

4. Identity fraud – cyber-attacks can be aimed exclusively at stealing identity in order to use it for further crimes. Identity fraud is commonly committed by using “Trojan” malware.

5. Ransomware is a kind of malware. A seemingly normal and harmless e-mail can cause a lot of trouble. Ransomware is usually in the form of “.pdf” or “.zip” files attached to e-mail. By opening these files the system is brought to danger as the malware initiates denial of access to documents or to the system. The solution is in paying off ransom in order to restore access to files or system.

6. “Man in the middle” (MITM/MIM) is a kind of malware which relies on SSL/TLS protocol weakness, being correspondent in communication between two network users (Čekerevac et al., 2017; Mallik et al., 2019). In such a case, downloading of important data occurs while users can rarely detect it.

7. Data theft usually goes unnoticed or is discovered too late. Data is being copied or downloaded without authorization. Committing criminal activities by using ransomware and malware, unauthorized access results in data theft and data deletion in order to hide the traces or to cause a lot of harm to business (Borazjani, 2017). This is supported by the fact that over 50,000 e-mails of “Svitzer” company were subject to data theft back in the summer of 2017 (Bogle, 2018).

5. HOW TO SOLVE A PROBLEM?

Issuing the “Guidelines on Maritime Cyber Risk Management” the IMO responded to an increase in cyber-attacks by accepting the NIST framework consisting of five elements: identification, protection, detection, response, and recovery (International Maritime Organization, 2017). Similarly, BIMCO (BIMCO, 2017) defines the circle process based on the NIST approach (Figure 3).

Identification is a process of identification of internal and external weaknesses or risks. It contains knowledge about: personnel and their abilities to recognize risks; systems; data and other elements that can cause a risk due to disruption of normal IT process within the company.

Detection means that it is necessary to conduct activities in order to spot the cyber threat as soon as possible. Hence, early threat detection leads to early detection of malicious intentions followed by on-time steps which will limit the consequences to the part of the system, protecting the rest of it.

Protection requires following of contingency plans in case of threat or incident, as well as procedures and measures to recover from the attack in good time.

Response to threats depends on the development and implementation of plans and activities which will restore the system upon cyber-attack.
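As an added illustration (not part of the original paper) of detection applied to the spear-phishing pattern from section 4, where the sender's address is very similar to the company official's one, the Python example below classifies From: headers by how closely the sender domain imitates the official one. The domain `adria-shipping.example`, the officer name and the two-edit threshold are assumptions made for the example.

```python
"""Triage mail senders that imitate the company's official domain."""
from email.utils import parseaddr
import unicodedata

# Assumptions for this example (constructed, not taken from the paper).
OFFICIAL_DOMAIN = "adria-shipping.example"
KNOWN_SUPERIORS = {"marko petrovic"}  # names an attacker might pose as
MAX_EDITS = 2                         # edits tolerated before "unrelated"

# Character sequences often swapped in to make a domain look familiar.
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("5", "s"))


def skeleton(domain):
    """Lowercase, apply NFKC (folds e.g. full-width letters), merge confusables.

    Cross-script homoglyphs (Cyrillic look-alikes) are not handled here.
    """
    folded = unicodedata.normalize("NFKC", domain).lower().strip(".")
    for fake, real in CONFUSABLES:
        folded = folded.replace(fake, real)
    return folded


def edit_distance(a, b):
    """Optimal string alignment: insert, delete, substitute, swap neighbours."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify_sender(from_header):
    """Return 'internal', 'lookalike-domain', 'display-name-spoof',
    'external' or 'unparseable' for one From: header value."""
    display, address = parseaddr(from_header)
    if "@" not in address:
        return "unparseable"
    domain = address.rpartition("@")[2].lower().strip(".")
    # An exact match only means the header claims the official domain; forged
    # exact-domain mail is a job for SPF/DKIM/DMARC, not for this check.
    if domain == OFFICIAL_DOMAIN or domain.endswith("." + OFFICIAL_DOMAIN):
        return "internal"
    # Compare every label, so the official name used as a sub-label of a
    # foreign domain is caught as well as a misspelt registration.
    official_label = skeleton(OFFICIAL_DOMAIN).split(".")[0]
    for label in skeleton(domain).split("."):
        if edit_distance(label, official_label) <= MAX_EDITS:
            return "lookalike-domain"
    if " ".join(display.lower().split()) in KNOWN_SUPERIORS:
        return "display-name-spoof"
    return "external"


# Constructed sample headers, one per case.
SAMPLE_HEADERS = [
    "Marko Petrovic <m.petrovic@adria-shipping.example>",
    "Marko Petrovic <m.petrovic@adria-shiping.example>",
    "Marko Petrovic <m.petrovic@adria-sh1pp1ng.example>",
    "IT Support <it@adria-shipping.example.secure-login.example>",
    "Marko Petrovic <marko.petrovic@freemail.example>",
    "Bunker Supplier <sales@bunker-supplier.example>",
]


def triage(headers):
    """Return (header, verdict) pairs that should be held for review."""
    suspicious = {"lookalike-domain", "display-name-spoof", "unparseable"}
    verdicts = [(header, classify_sender(header)) for header in headers]
    return [(header, verdict) for header, verdict in verdicts
            if verdict in suspicious]


if __name__ == "__main__":
    for header, verdict in triage(SAMPLE_HEADERS):
        print(f"{verdict:20} {header}")
```
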

Figure 3.
Cyber risk management (BIMCO, 2017).

Recovery is the last phase which requires implementation of measures to restore the system and the data which were under attack. This phase precedes the first one – identification of risks and weaknesses.

Notwithstanding the fact that these elements have a general character, they provide clear guidelines to companies which are free to create their own procedures and solutions in order to satisfy their own needs.

We believe that there are three basic considerations upon which cyber security measures must rely:

1. Human resources – personnel should be aware of risks and have adequate skills and qualifications. Also, employees should be familiar with the procedures, levels of authorization, physical security barriers, and they should be well trained in risk response.

2. Technology – adequate system design is a requirement. Software configuration should satisfy further inspection, verification, and testing processes.

3. Processes – include management of systems and networks, management policies and procedures, audits, contracts with third parties etc.

It is for these reasons that the cyber security battle is not dependent solely on IT. Hence, it should start at the top of the company with implementation of cyber security procedures through the SMS. That is the most important precondition for the future plan development, education and training of seafarers, as well as for creating appropriate conditions for successful protection against attacks and threats.

Every single user onboard, as well as ashore at the company headquarters, should be limited with user rights with regard to some information, data, or parts of the system. The reason which lies behind limitation of access and user rights is mainly referred to steps made due to lack of knowledge or unintentionally, causing the system to become vulnerable and exposed to data theft or similar incidents.

The IT network onboard is the crucial element of defense against cyber-attacks. However, the real disposition and protective measures onboard vessels are usually not as prescribed by international recommendations. Therefore the network configuration and its protective measures are of utmost importance, which can be achieved by following recommendations and company procedures. At first, the use of a firewall to separate the internal (safe) network from the external (unsafe) network is crucial.

Performing a security assessment will enable the company to spot its weaknesses and vulnerabilities and to minimize them to the maximum extent. Based on the remaining and unsolved weaknesses and vulnerabilities, it is necessary to develop preventive measures, as well as recovery measures, in case of a successful cyber-attack.

In order to meet all of the aforementioned requirements, it is necessary to monitor obeying the procedures, tasks and activities, as well as to monitor personnel behaviour in relation to the usage of IT resources.

Since there is an increasing number of systems onboard which are accessible from the company’s headquarters, such systems should be treated with special attention, protected with additional procedures which will enable safe and secure access whenever it is necessary.

Implementation of anti-malware and anti-virus is a must, and there is no need to particularly underline it within this article.

It is very common for the whole systems to get infected onboard ship by using infected USB drives. This can be classified as user’s insufficient knowledge. Companies should find a way to overcome such and similar occurrences – usually by implementation of online trainings provided by renowned companies “VIDEOTEL” or “SEAGULL”, or even by classification societies. Tanker shipping companies have widely accepted newly introduced “OCIMF” requirements by using the “Tanker management and self-assessment” (TMSA) tool (OCIMF, 2018). Employees’ education expenses are negligible in comparison to the costs which may arise in case of a cyber-attack.

There is also a need for introducing a “Cyber Security Officer” (CySO) (Boyes, H. and Isbell, 2017). CySO should be delegated to perform cyber security assessment and to implement the actual security plan, as well as to educate crew to respond to more and more frequent threats. Of course, CySO should be adequately educated and certified to conduct such a demanding task.

6. CONCLUSION

Cyber threats, vessels, port terminals and other maritime systems evolve simultaneously. Negative effects of cyber-attack are evident not only onboard the victim vessel, but in a much wider sector including shipping companies, port terminals, interconnection systems etc.

GPS signal jam causing the crude oil tanker to ground in dense fog is much more serious than the grounding itself, by far exceeding the average costs. In such a case, the oil spillage is bound to cause an ecological catastrophe. Apart from GPS imperfections and its misuse, this article has presented other unpleasant events with, in the majority of cases, serious consequences.

Apart from the great attention which is already being given to maritime cyber security, much more should be done. Regulation is just one step towards the goal achievement. However, the personnel seems to present an even bigger problem than the regulation itself, because it often happens that the crew onboard, with minimum or no knowledge about this matter, inadvertently perform some tasks, frequently resulting in the system being exposed and open to attack.

Awareness is a necessity in all business aspects – if there is no awareness among employees at the company headquarters, then all awareness onboard ship will not have a great impact.

Sooner or later, the difference between successful and unsuccessful business companies will be in their sustainability in response to cyber-attacks.

Our future work will be aimed at improving the efficiency of seafarers’ education related to minimizing the number of successful cyber-attacks onboard vessels. Special attention should be given to various forms of training which will become mandatory in the near future. The creation of comparative analyses, assuming that companies abide by the new European Union “General Data Protection Regulation”, should provide answers as to what extent the maritime industry has successfully responded to the new form of war – cyber threats.

REFERENCES

Allianz Global Corporate & Specialty SE, 2018. Allianz Risk Barometer 2018: Appendix. Available at: https://www.agcs.allianz.com/assets/PDFs/Reports/Allianz_Risk_Barometer_2018_APPENDIX.pdf, accessed on: 20 November 2018.

Balduzzi, M., Pasta, A. & Wilhoit, K., 2014. A security evaluation of AIS automated identification system. Proceedings of the 30th Annual Computer Security Applications Conference on - ACSAC ’14. Available at: http://dx.doi.org/10.1145/2664243.2664257.

Balobaid, A. and Debnath, D., 2018. Cloud Migration Tools: Overview and Comparison, in: Yang, A. et al. (eds), SERVICES 2018, LNCS 10975, pp.93-106. Available at: https://doi.org/10.1007/978-3-319-94472-2

Bateman, T., 2013. Police warning after drug traffickers' cyber-attack, BBC News. Available at: http://www.bbc.co.uk/news/world-europe-24539417, accessed on: December 2nd 2018.

BIMCO, 2017. The guidelines on cyber security onboard ships, version 3. Available at: http://www.ics-shipping.org/docs/default-source/resources/safety-security-and-operations/guidelines-on-cyber-security-onboard-ships.pdf?sfvrsn=16, accessed on: November 1st 2018.

Bogle, A., 2018. Svitzer employee details stolen in data breach affecting almost half of its Australian employees, ABC News. Available at: https://www.abc.net.au/news/2018-03-15/sensitive-data-stolen-from-global-shipping-company-svitzer/9552600, accessed on: November 30th 2018.

Borazjani, P.N., 2017. Security Issues in Cloud Computing. Lecture Notes in Computer Science, pp.800–811. Available at: http://dx.doi.org/10.1007/978-3-319-57186-7_58.

Boyes, H. and Isbell, R., 2017. Code of Practice Cyber Security for Ships, London: Institution of Engineering and Technology.

Čekerevac, Z. et al., 2017. MAN-IN-THE-MIDDLE ATTACKS AND INTERNET OF THINGS Z. Čekerevac, ed. FBIM Transactions, 5(2). Available at: http://dx.doi.org/10.12709/fbim.05.05.02.03.

Cimpanu, C., 2018. Maersk Reinstalled 45,000 PCs and 4,000 Servers to Recover From NotPetya Attack, Bleeping Computer. Available at: https://www.bleepingcomputer.com/news/security/maersk-reinstalled-45-000-pcs-and-4-000-servers-to-recover-from-notpetya-attack/, accessed on: December 7th 2018.

Cimpanu, C., 2019. Ransomware Infection Cripples Shipping Giant COSCO's American Network, Bleeping Computer. Available at: https://www.bleepingcomputer.com/news/security/ransomware-infection-cripples-shipping-giant-coscos-american-network/, accessed on: January 4th 2019.

DNV-GL, 2016. Recommended practice: Cyber security resilience management for ships and mobile offshore units in operation, DNVGL-RP-0496.

Einsig, B., 2016. Cloud Computing, The Internet of Things and Maritime Transportation, Cisco. Available at: http://aapa.files.cms-plus.com/SeminarPresentations/2016Seminars/2016SecurityIT/Einsig.pdf, accessed on: December 4th 2018.

EUGDPR.org, 2018. GDPR Key Changes. Available at: https://eugdpr.org/the-regulation/, accessed on: December 14th 2018.

Frodl, G.M., 2012. Pirates Exploiting Cybersecurity Weaknesses in Maritime Industry - Wave of cyber-attacks, SAFETY4SEA. Available at: https://safety4sea.com/pirates-exploiting-cybersecurity-weaknesses-in-maritime-industry, accessed on: February 2nd 2019.

GPS World, 2016. State Department issues notice on North Korean jamming. Available at: http://gpsworld.com/state-department-issues-notice-on-north-korean-jamming, accessed on: November 1st 2018.

Gupta, B.B. et al., 2016. Fighting against phishing attacks: state of the art and future challenges. Neural Computing and Applications, 28(12), pp.3629–3654. Available at: http://dx.doi.org/10.1007/s00521-016-2275-y.

IHS Markit, 2018. Maritime Cyber Survey 2018 - the results. Available at: https://bi-cd02.bimco.org/-/media/bimco/news-and-trends/news/security/cyber-security/2018/fairplay-and-bimco-maritime-cyber-security-survey-2018.ashx, accessed on: December 5th 2018.

International Maritime Organization, 2017. Guidelines on maritime cyber risk management, MSC-FAL.1/Circ.3. Available at: http://www.imo.org/en/OurWork/Security/Guide_to_Maritime_Security/Documents/MSC-FAL.1-Circ.3%20-%20Guidelines%20On%20Maritime%20Cyber%20Risk%20Management%20(Secretariat).pdf, accessed on: November 15th 2018.

International Maritime Organization, 2017. Maritime cyber risk management in safety management systems, MSC.428 (98). Available at: http://www.imo.org/en/OurWork/Security/Guide_to_Maritime_Security/Documents/Resolution%20MSC.428(98).pdf, accessed on: November 15th 2018.

International Maritime Organization, 2017. Strategic plan for the organization for the six-year period 2018 to 2023, A 30/Res.1110. Available at: http://www.imo.org/en/About/strategy/Documents/A%2030-RES.1110.pdf, accessed on: November 15th 2018.

Jones, K.D., Tam, K. & Papadaki, M., 2012. Threats and Impacts in Maritime Cyber Security. Engineering & Technology Reference, 1(1). Available at: http://dx.doi.org/10.1049/etr.2015.0123.

Lagouvardou, S., 2018. Master thesis: Maritime Cyber Security: concepts, problems and models, Technical University of Denmark – DNU. Available at: http://orbit.dtu.dk/files/156025857/Lagouvardou_MScThesis_FINAL.pdf, accessed on: April 14th 2019.

Lloyd’s Register, 2018. Building resilience against new risks - cyber security for an era of innovation. Available at: https://info.lr.org/l/12702/2018-09-03/5bl2c4/12702/196667/lr_cyber_security_brochure_digital_201809.pdf, accessed on: November 1st 2018.

Mallik, A. et al., 2019. Man-in-the-middle-attack: Understanding in simple words. International Journal of Data and Network Science, pp.77–92. Available at: t.

National Institute of Standards and Technology NIST, 2018. Framework for Improving Critical Infrastructure Cybersecurity, 1.1. Available at: https://doi.org/10.6028/NIST.CSWP.04162018

OCIMF, 2018. About TMSA. Available at: https://www.ocimf.org/sire/about-tmsa/, accessed on: November 30th 2018.

Ording, K., 2019. Ethical Hacking, DNV GL. Available at: https://www.dnvgl.com/feature/ethical-hacking.html#start, accessed on: February 1st 2019.

Paulsen, C. and Toth, P., 2016. Small Business Information Security: The Fundamentals, NIST Interagency/Internal Report (NISTIR) - 7621 Rev 1. Available at: https://doi.org/10.6028/NIST.IR.7621r1, accessed on: November 11th 2018.

Shaikh, S.A., 2017. Future of the Sea: Cyber Security - Foresight Evidence Review, Government Office for Science, London: Crown. Available at: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/671824/Future_of_the_Sea_-_Cyber_Security_Final.pdf, accessed on: December 15th 2018.

Shiptech, 2015. United Arab Shipping Company (UASC) implements Shiptech to streamline its fuel purchasing. Available at: http://www.shiptech.com/press-release/uasc-2015/, accessed on: December 15th 2018.

Vaas, L., 2013. $80 million yacht hijacked by students spoofing GPS signals, Naked Security. Available at: https://nakedsecurity.sophos.com/2013/07/31/80-million-yacht-hijacked-by-students-spoofing-gps-signals/, accessed on: December 9th 2018.

Wagstaff, J., 2014. All at sea: global shipping fleet exposed to hacking threat, Reuters. Available at: https://www.reuters.com/article/us-cybersecurity-shipping/all-at-sea-global-shipping-fleet-exposed-to-hacking-threat-idUSBREA3M20820140423, accessed on: December 7th 2018.
