In the ever-evolving landscape of maritime operations, cybersecurity has emerged as a critical concern, with digital and automated systems becoming increasingly integral to ship operations. A recent study published in the Journal of Marine Science and Engineering, led by Omer F. Keskin from the Cybersecurity Department at the University at Albany, State University of New York, sheds light on the potential cyber threats facing modern ships. The research, titled “Systematic Cyber Threat Modeling for Maritime Operations: Attack Trees for Shipboard Systems,” provides a comprehensive analysis of how cyberattacks could target navigation, operational, and communication systems onboard vessels.
Keskin and his team identified 20 distinct attack scenarios, categorizing them into three primary objectives: crashing, capsizing, and immobilizing a ship. By employing attack trees—a hierarchical diagram that maps out potential cyberattack pathways—the researchers systematically analyzed these threats, drawing insights from both literature and interviews with 10 maritime experts. The study found that while capsizing was deemed less likely due to robust ship designs, scenarios involving crashing and immobilizing ships were considered highly plausible, particularly in constrained environments like ports and narrow waterways.
The implications of these findings are significant for the maritime industry. As Keskin points out, “The increasing reliance on systems such as ECDIS and autopilot presents significant risks if compromised.” This underscores the need for enhanced cybersecurity measures in navigation systems and operational technologies. The study also highlights the importance of human factors, noting that errors, oversights, and inadequate security awareness can amplify the success of cyberattacks. Strengthening network segmentation, enforcing strict removable media controls, and improving crew training are key measures to mitigate these risks.
For maritime professionals, the study offers a valuable framework for assessing and addressing cyber threats. By integrating expert validation, the research ensures that its scenarios are grounded in operational realities, making the findings directly applicable to industry risk management and cybersecurity planning. Keskin emphasizes the need for closer collaboration between IT professionals, operational staff, and maritime engineers to bolster cyber defenses.
The commercial impacts of cyber threats in the maritime sector are substantial. The 2017 Maersk cyberattack, for instance, resulted in damages amounting to nearly $300 million, demonstrating the far-reaching consequences of cyber incidents. Beyond financial losses, disruptions in maritime operations can have severe humanitarian consequences, particularly in regions where ships serve as the primary means of connectivity. A cyberattack compromising a rescue vessel, for example, could delay emergency response, potentially resulting in loss of life.
The study’s findings present opportunities for the maritime sector to enhance its cybersecurity posture. By adopting structured threat modeling approaches, such as attack trees, ship operators can better identify, analyze, and mitigate potential cyber threats. This proactive approach can help prevent costly disruptions and ensure the safety and efficiency of maritime operations.
In summary, Keskin’s research provides a crucial roadmap for maritime professionals to navigate the complex landscape of cybersecurity threats. By leveraging systematic threat modeling and expert insights, the industry can strengthen its defenses and safeguard critical operations from both traditional and emerging cyber risks. As the maritime sector continues to embrace digital and automated systems, the need for robust cybersecurity measures has never been more pressing. The insights from this study, published in the Journal of Marine Science and Engineering, offer a timely and essential contribution to the ongoing efforts to secure the maritime domain.