Threats to Maritime Critical Infrastructure: Maritime Cyber Security

Threats to Maritime Critical Infrastructure: Maritime Cyber Security
Name
Department
Course
Instructor
Due Date
Threats to Maritime Critical Infrastructure: Maritime Cyber Security
Cyber security protects computer systems against unauthorized access and intervention or access while applying technologies, processes, and controls to protect systems, networks, programs, devices, and data from cyber-attacks. Maritime cyber security can potentially affect ships, other maritime vessels, maritime infrastructure shipping companies, port operators, and maritime platforms. The maritime navigation systems are connected to technology to ease communication, navigation, and propulsion. Maritime mainly represents ships, offshore structures, infrastructure, yachts, and other floating vessels at sea and includes everything else that connects the aforementioned things (Mraković &Vojinović, 2019).  Despite the need to improve maritime cyber security, the topic has not been widely researched (DiRenzo et al., 2015). Furthermore, the maritime industry's low or lack of cyber security awareness is a concern because of lax cyber security measures and risk management strategies. 
 Increasingly, port operations are integrated with computer networks, digital and technology systems, and maritime cyber security is affected by different vulnerabilities that an attacker could exploit. The coronavirus pandemic (Covid-19) necessitated changes in the maritime industry where ships have increased remote access and remote inspection. However, this may also increase vulnerability to cyber-attacks. Human beings remain the weakest link to cyber security, and it is essential for crew members seafarers to receive cyber security training to identify and report cyber incidents (DiRenzo et al., 2015).
Preventing, identifying, and documenting unusual and suspicious activities and threats associated with the maritime cyber environment is necessary to improve maritime cyber security. Different attacks target a system or parts of the system. Advanced persistent threats (APT) is one of the most concerning a that are well-coordinated, and attackers gain unauthorized access to a network and remain undetected for a prolonged time. While maritime port operations have long focused on physical safety, the threat of maritime cyber security poses new challenges and risks and can potentially affect maritime operations (Progoulakis et al., 2021). Cyber vulnerabilities in the US maritime infrastructure indicate gaps making it harder to prevent cyber incidents and threats. Ports rely on different networked technologies to communicate and operate facilities, but digitization also leaves facilities vulnerable to cyber attacks. Nonetheless, ports are integral to the networked systems; there has been more focus on securing them physically and n cyber security than other critical maritime infrastructure elements. 
This research aimed to determine the threats to critical maritime infrastructure and maritime cyber security. It was hypothesized that the lack of cyber-security awareness undermines cyber security resilience and increases the risk of attacks on critical maritime infrastructure. Cyber security training awareness is essential to improving system security where there is better awareness and knowledge on risks, threats, and vulnerabilities in maritime cyber security.
My research questions for this paper will be: 
What maritime cyber security threats and vulnerabilities affect the industry?
What strategies and policies can improve maritime cyber security?
Literature Review
Researchers have looked into threats, vulnerabilities, and attacks to the maritime sector, but there is a need for more studies on maritime cyber security to determine the challenges, risks, and areas requiring improvement to enhance maritime cyber resilience. Research on threats to critical maritime infrastructure has been conducted using either primary or secondary sources of information.
Maritime Cyber Security Challenges 
DiRenzo et al. (2015) highlighted challenges to maritime cyber security. However, vulnerabilities in the maritime sector have not been well studied, potentially affecting port operations, shipboard systems, oil rigs, and port operations. Implementing best practices in the maritime sector and improving awareness of maritime cyber risks, threats, and vulnerabilities is necessary to improve maritime cyber resilience (DiRenzo et al., 2015). Ships need to communicate with other ships and require an Automatic Identification System (AIS). Still, AIS is a vulnerable part of a ship's system, and attackers can gather information on ship location and position. 
Vessels are also vulnerable to cyber-attacks where attackers spoof the systems to make false warning alerts and compromise navigation. In the study by Androjna et al., 2020, the researchers focused on the trends and challenges vulnerability to navigation and maritime shipping. They singled out satellite navigation systems, especially for Global Positioning System (GPS), and how these vulnerabilities can be exploited, such as spoofing to alert vessels course. Increased reliance on technology and connectivity increases susceptibility to maritime cyber-attacks. The researchers also identified actual incidents in the maritime sector compromises in the shipping systems that have increased. Stakeholders in the maritime sector are not well prepared in addressing challenges such as vulnerabilities to safe navigation. The Automatic Identification System (AIS) spoofing event at Elba Island in late 2019 is one recent incident where maritime cyber security shows how navigation safety can be compromised (Androjna et al., 2020).
There are different types of threats to maritime cyber security, including those affecting vessels, security systems, and ports. Phishing is a common form of cyberattack where social engineering targets users who can provide their details and onboard vessels (Mraković &Vojinović, 2019). Data theft that can go on for long undetected and unauthorized entities downloading sensitive information and even deletion is also a concern (Mraković &Vojinović, 2019). International regulations and guidelines adopted are helpful in risk assessment; the guidelines lack details in conducting a risk assessment for different types of attacks. Still, the perceptions and attitudes of maritime professionals influence their actions, such as encryption.
Maritime Cyber Security Threats 
The maritime cyber system is vulnerable to different types of cyber-attacks. There is a need to implement effective maritime cyber security attacks unique to the sector and those in other industries. As part of loss prevention, there should be risk assessment and prioritization of high-risk areas with the potential for large losses (Daniel, 2015). Protecting the maritime assets emphasizes preventing unauthorized access from outsiders and allowing access to those authorized, which helps ensure the system is secure. Furthermore, adopting sound security policy and conducting inspections combined with penetration testing software help deal with the vulnerabilities.
Maritime cyber threats can affect one or more navigation system components, but it is easier to identify the threats and vulnerabilities (Svilicic et al., 2019). However, only a small proportion of seafarers have been trained and educated in maritime cyber security and threats. Maritime assets are susceptible to cyber-attacks. Svilicic et al. (2019) proposed conducting cyber risk assessment, including vulnerability analysis on a vessel's system, such as the navigation system at risk of cyberattacks. Analysis of the vulnerability of critical assets and penetration testing of networks also helped assess the risk levels. Cyber risk assessment is necessary to improve maritime cyber resilience. The article is relevant to the research. The researchers highlighted that updating the maritime systems would reduce threats and vulnerabilities on vessels while also making it easier to detect cyber threats.
Maritime Cyber Security Risk Assessment 
Kavallieratos and Katsikas (2020) highlighted that STRIDE and DREAD methodologies are helpful to assess cyber security threats and risks for cyber-enabled ships. STRIDE represents Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of privilege (Kavallieratos and Katsikas, 2020). On the other hand, DREAD represents Damage, Reproducibility, Exploitability, Affected users/systems, and Discoverability (Kavallieratos and Katsikas, 2020). Cyber risk management is essential to improve cyber security and protect vessels against different cyber threats. The STRIDE and DREAD risk analysis of cyber threats improves risk reduction by identifying and mitigating the threats. Identifying the potential threats helps improve system security as there is the identification of threats and vulnerabilities. 
Researchers have evaluated different risk management and control measures to protect maritime cyber systems and assets. Progoulakis et al. (2021) identified the NIST CSF and the MITRE ATT&CK threat models as part of security risk assessment to improve cyber security integrity. The research by Progoulakis et al. (2021) showed that implementing security measures to detect, control, and respond to cyber threats helps improve cyber security. However, improving cyber security resilience requires sensitizing stakeholders on cyber security awareness, and measures adopted should also target improved security of the physical assets. Knowledge and understanding of cyber threats in the maritime sector improve cyber security integrity as there are efforts to maintain high security and deal with vulnerabilities. 
There are low levels of cyber security, and the public's lack of knowledge on malicious activities in the maritime sector potentially affects maritime cyber-resilience. There is a slower response to protect maritime assets and cyber security than many other sectors, such as the financial industry, that are more sensitive to cyber threats (Alcaide & Llave, 2020). In the study by Alcaide & Llave (2020), the researchers surveyed maritime professionals to evaluate their cyber security knowledge and involvement in cyber incidents. The research also focused on cyber threats and maritime infrastructure, and there were gaps in cyber security knowledge, but training would improve cyber security resilience and reduce supply chain gridlock. 
Maritime cyber security regulations and resolutions are essential in enhancing and integrating maritime cyber risk management measures. Regulations also focus on related maritime cyber threats as automation in the maritime sector has increased the risk of cyberattacks, including threats targeting high-value information. Hopcraft & Martin (...