A Sea of Cyber Threats: Maritime Cybersecurity from the Perspective of Mariners

TL;DR

This paper explores maritime cybersecurity challenges through a user study with mariners, revealing systemic issues and proposing targeted improvements to enhance maritime system resilience against cyber threats.

Contribution

It provides the first detailed categorization of maritime cyber threats from mariners' perspectives and offers specific recommendations for training, detection, and regulation improvements.

Findings

Mariners have experienced GPS spoofing and ransomware attacks.

Training and detection tools are inadequate for maritime cybersecurity.

Gaps in mariners' cybersecurity understanding pose risks.

Abstract

Maritime systems, including ships and ports, are critical components of global infrastructure, essential for transporting over 80% of the world's goods and supporting internet connectivity. However, these systems face growing cybersecurity threats, as shown by recent attacks disrupting Maersk, one of the world's largest shipping companies, causing widespread impacts on international trade. The unique challenges of the maritime environment--such as diverse operational conditions, extensive physical access points, fragmented regulatory frameworks, and its deeply interconnected structure--require maritime-specific cybersecurity research. Despite the sector's importance, maritime cybersecurity remains underexplored, leaving significant gaps in understanding its challenges and risks. To address these gaps, we investigate how maritime system operators perceive and navigate cybersecurity challenges within this complex landscape. We conducted a user study comprising surveys and semi-structured interviews with 21 officer-level mariners. Participants reported direct experiences with shipboard cyber-attacks, including GPS spoofing and logistics-disrupting ransomware, demonstrating the real-world impact of these threats. Our findings reveal systemic and human-centric issues, such as training poorly aligned with maritime needs, insufficient detection and response tools, and serious gaps in mariners' cybersecurity understanding. Our contributions include a categorization of threats identified by mariners and recommendations for improving maritime security, including better training, response protocols, and regulation. These insights aim to guide future research and policy to strengthen the resilience of maritime systems.