Cyber Security

Cyber Security of the Maritime ICTs, threat vectors and implications on Global Sea Lanes of Commerce (SLOC).

Synopsis:

This paper examines the cyber security aspect of the Maritime Transportation System (MTS) to understand the scope of the MTS, the different ways in which a hacker can infiltrate the computer systems of maritime, logistics, and port infrastructures, and the potential consequences and financial impact of a marine cyber disaster on businesses, states, and individuals.

GLOSSARIES: CISA (Cybersecurity and Infrastructure Security Agency), AI (Artificial Intelligence).

1.0 Introduction:

Cybersecurity refers to the protection of information, computer systems, and networks from unauthorized access or attacks. The threat level of cyber-attacks on the Maritime Transportation System (MTS) has increased by 400% in recent months. The CISA identifies 16 essential infrastructures critical to national economic security which can be physical or virtual assets, systems, networks, or assets. This study aims to inform the maritime audience about the threat vectors in the upcoming Artificial Intelligence (AI) era, highlighting the various components of cyber security. This article uses experimental methodology on how data/instruction is passed from LAN to LAN to conceptualize the cyber essentials using conventional equipment, protocols, and configurations. The ship`s LAN is created.

2.0 Maritime Transportation System (MTS) model:The US maritime transportation system (MTS) encompasses approximately 95,000 miles of coastline, 25,000 kilometres of waterways, and 361 ports. It is a complex system of interconnected physical and modern ICT networks (CISA, 2020). The MTS has six interconnected and interdependent sub-systems such as Ships, Shipping Lines, Intermodal Transfer, Inland water, people, and ports, each subsystem has its own distinct lines of business (Atlantic Council,2023).

3.0 Latest Bridge Model:

The key difference between ancient and the latest bridge models is the presence of ICTs. The latter consists of networks of satellites, computers, routers, and servers in the latter. The latter below figure 6 illustrates the underlying network. (Loomis et al., 2021, pp.1–50).

4.0 Ship’s Information Communication Technology (ICT) Systems:The eight systems of the ICTs of a ship are shown in figure 3 below, all these systems are in a central position in the Worldwide Area Network (WWAN). If supply chain disruptions were to occur, the monetary value could reach trillions of dollars within a matter of hours. Therefore, ensuring the security and reliability of these ICT systems in the maritime transportation system is essential. For example, Navigation uses charts, ECDIS, GNSS Radar, and Weather. Communications: AIS, GSM, Satellite Link, ship-to-shore, VoIP, and so on. All these devices are programmed and connected to the satellite and the computer networks with a worldwide range by the internet. (Loomis et al., 2021, pp.1–50).

5.0 Ship’s Network LAN, LAN to LAN, Ship Systems Cyber Security Fundamentals:

Figure 1 illustrates a typical ship network connected to a shore satellite that is invisible to human eyesight. The network has some components connected in series and others in parallel and is interdependent and interconnected. This star network topology is scalable and can easily be extended, or new ICT systems can be accommodated.

However, this topology also has a drawback, where if a computer clicks a malicious link, it can install malware despite firewall security arrangements, which can have cascading impacts on servers` computers and IoT devices, leading to data being stolen, malware replication, and connecting to botnets with malicious intentions. All devices in this network require regular updates and up-to-date security patches to keep the Local Area Network (LAN) safe and secure.

Figure 2 i.e., LAN-to-LAN connection is tested to establish how data is passing through the IPSec VPN tunnel with encryption. However, there are exceptions that some data may not be able to be encrypted due to commercial pressures and business necessities. In the cyber world, all parties take it as a loophole and compete to control assets, infrastructures, and services in the supply chain (ship, port, and logistics), leading to a tug of cyber war.

6.0 Computer Risk Management: (UoB, 2021)The subsequent paragraphs focus on every network administrator`s critical cyber security challenges. These challenges include threat vectors such as hacking, malware, and phishing, among others. Figure 4 above illustrates the 12 points of fundamentals of cyber security.

7.0 Key maritime cyber challenges:

The MTS computer network is a combination of LAN, WAN, and WWAN. Its main cyber security challenges include ensuring the security of networks and hardware, implementing threat monitoring, developing alternative networks, raising user awareness, and managing and configuring interfaces between networks to secure the whole network.

7.1 Viruses, Worms, Malware, and Botnet (Robot Network):Computer Virus = Class of part of software =Malware=Executable Files =Like a Human Virus, that needs to have bearer/host to be viral i.e., means it spreads from host to host, host it cannot spread/replicate. Computer Worm= Class of part of Software=Replicable Files=Like bacteria in the Human body, the worm does need not to have a bearer/host. It can replicate/reproduce by itself. Such as computer network PCs. The malware is used for cyber vandalism, cyber hacktivism, and cyber warfare stealing data to make money illegally. Bot connections invite botnets.

7.2. Attack Model: (IAPH, 2020)

Types of Techniques

How Delivered and Deployed

Social Engineering

Psychological Manipulation, tempting to click on social media posts.

Ransomware

Email phishing, Remote Desktop Protocol (RDP), Downloads, Pirated Software, Removable Media. (Cawthra et al., 2020)

Spoofing

Domain Spoofing, Email Spoofing, geolocation GPS spoofing, TCP/IP Spoofing

Unauthorized Access

Gaining access to a company`s network, endpoint, application, or device without permission.

7.4. Attack on Model: (Loomis et al., 2021, pp.1–50)

Attack on IT System

Attack on creation, processing, storing, securely transmitting, and electronically exchanging data, computers, networking, storage, and other devices.

Attack on OT System

Attack on both hardware and software.

Attack on PNT Systems

Attack on Positioning, Navigation and Timing (PNT) of the ships.

7.5 Navigation System: Modern ships ‘navigation systems have advanced IT interactions, which also increase vulnerability to specific threats as no computer equipment is 100% safe by default.

7.6 ICT Facts (Information Communication Technologies):

The Internet is a complex network made up of millions of other networks. The Maritime Transportation System (MTS) is similar in that it is a system of systems. However, vulnerabilities may surface when various components interact, such as from a ship to a satellite to a base station to a command and control and tracking centre.

Marine Traffic, 2023 suggests that clicking on a vessel allows easy access to shipping details via satellite. Still, malign actors/hackers can alter the data and send false information to the satellite, base station, and vessel tracking centre, leading to inaccurate vessel location data. (Marine Traffic, 2023).

7.7 Spoofing Attack:The spoofing attack on the global navigation satellite system (GNSS) aims to trick a GNSS receiver by transmitting fake signals that mimic real GNSS signals or by rebroadcasting real signals at a different location or time. The spoofing can cause the receiver to estimate its position incorrectly or at a different time, as decided by the attacker. (Ball, 2020), (Marine Traffic, 2023).

8.0 Implications of the Cyber Disaster:

The implication model illustrates the relationship between computer systems and the supply chain and how breakdowns can affect the entire system. The Defra Impact Calculator and methodology can be used to predict and calculate the monetary costs and impact of such breakdowns.

Figure 18 Cyber Disaster Implication Model

Shortages of essential items, price increases, industrial closures, unloaded shipping containers, and other factors can negatively impact a country`s economic health.

9.0 Conclusions:

It is important to remember that computer viruses need hosts to harm a system, service, or infrastructure. Cyber security can be effectively managed by understanding how malicious actors can take control of an organization’s assets and services. The objectives of this article are looked at /conceptualized from various angles. They will help maritime professionals promote their awareness of cyber responsibilities in their workplace to uphold supply chain resilience.

References:

1. Ball, B. (2020). Why GPS spoofing is a problem (and what to do about it). [online] NextNav. Available at: https://nextnav.com/gps-spoofing/ [Accessed 18 Jan. 2023].

2. Brewin, B. (2013). University of Texas Team Hijacks $80 Million Yacht with Cheap GPS Spoofing Gear. [online] Nextgov.com. Available at: https://www.nextgov.com/cxo-briefing/2013/07/university-texas-team-hijacks-80-million-yacht-cheap-gps-spoofing-gear/67625/ [Accessed 18 Jan. 2023].

3. Cawthra, J., Ekstrom, M., Lusty, L., Sexton, J. and Sweetnam, J. (2020). Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events. NIST SPECIAL PUBLICATION 1800-26. [online] doi:10.6028/nist.sp.1800-26.

4. CISA (2020). Critical Infrastructure Sectors | CISA. [online] Cisa.gov. Available at: https://www.cisa.gov/critical-infrastructure-sectors [Accessed 18 Jan. 2023].

5. Editorial Team (2020). Cyber-attacks on maritime OT systems increased by 900% in the last three years. [online] SAFETY4SEA. Available at: https://safety4sea.com/cyber-attacks-on-maritime-ot-systems-increased-900-in-last-three-years/ [Accessed 18 Jan. 2023].

6. Edwards, J. (2019). The Russians are screwing with the GPS system to send bogus navigation data to thousands of ships. [online] Business Insider Nederland. Available at: https://www.businessinsider.nl/gnss-hacking-spoofing-jamming-russians-screwing-with-gps-2019-4?international=truer=US [Accessed 18 Jan. 2023].

7. Government Law Enforcement (2023). The FBI’s Advice on Ransomware. [online] www.cybersecurityintelligence.com. Available at: https://www.cybersecurityintelligence.com/blog/the-fbis-advice-on-ransomware-6723.html [Accessed 18 Jan. 2023].

IAPH (2020). PORT COMMUNITY CYBER SECURITY Courtesy Port of Los Angeles. [online] IAPH, pp.1–15. Available at: https://sustainableworldports.org/wp-content/uploads/IAPH-Port-Community-Cyber-Security-Report-Q2-2020.pdf [Accessed 18 Jan. 2023].

9. Kessler, D.Z., Gary C. (2021). Cyber Threats and Choke Points: How Adversaries are Leveraging Maritime Cyber Vulnerabilities for Advantage in Irregular Warfare. [online] Modern War Institute. Available at: https://mwi.usma.edu/cyber-threats-and-choke-points-how-adversaries-are-leveraging-maritime-cyber-vulnerabilities-for-advantage-in-irregular-warfare/ [Accessed 18 Jan. 2023].

10. Leahy, C. (2013). UT Austin Researchers Successfully Spoof an $80 million Yacht at Sea. [online] UT News. Available at: https://news.utexas.edu/2013/07/29/ut-austin-researchers-successfully-spoof-an-80-million-yacht-at-sea/ [Accessed 18 Jan. 2023].

11. Loomis, W., Singh, V.V., Kessler, G.C. and Bellekens, X. (2021). RAISING THE COLORS: CYBER STATECRAFT Signaling for Cooperation on Maritime Cybersecurity. Atlantic Council, pp.1–50.

12. Reid, A. and Lorenz, J. (2008). Working at a Small-to-Medium Business or ISP: CCNA Discovery Learning Guide. 1st ed. Indianapolis, Indiana, USA: Cisco Press, pp.1–747.

13. Walton, H. (2022). The Maersk cyber-attack - How malware can hit companies of all sizes. [online] www.kordia.co.nz. Available at: https://www.kordia.co.nz/news-and-views/the-maersk-cyber-attack