A Structured Analysis of Information Security Incidents in the Maritime Sector

TL;DR

This paper provides a comprehensive analysis of publicly known cyber incidents in the maritime sector over 20 years, highlighting the prevalence, expert insights, and the need for improved threat information sharing.

Contribution

It offers the first detailed overview of maritime cyber incidents combined with expert interviews, emphasizing unreported threats and sharing practices.

Findings

90 publicly reported attacks identified

15 proof of concepts documented

Experts confirm high underreporting of incidents

Abstract

Cyber attacks in the maritime sector can have a major impact on world economy. However, the severity of this threat can be underestimated because many attacks remain unknown or unnoticed. We present an overview about publicly known cyber incidents in the maritime sector from the past 20 years. In total, we found 90 publicly reported attacks and 15 proof of concepts. Furthermore, we interviewed five IT security experts from the maritime sector. The interviews put the results of our research in perspective and confirm that our view is comprehensive. However, the interviewees highlight that there is a high dark figure of unreported incidents and argue that threat information sharing may potentially be helpful for attack prevention. From these results, we extract threats for players in the maritime sector.