Researchers at NHL Stenden University of Applied Sciences have launched the Maritime Cyber Attack Database (MCAD), a database of incidents involving the worldwide maritime sector.
he database contains over 160 incidents, including the location spoofing of NATO ships visiting Ukraine in the Black Sea in 2021. The incidents in the database demonstrate the relevance of cyber security across the board of today’s maritime industry and the vulnerabilities that exist.
The scope of what is possible today is surprising, so we need to educate governments and companies about these kind of cyber-attacks and help them understand not only how to react to them, but how to be prepared for them.
… said Stephen McCombie, professor of Maritime IT Security at NHL Stenden University of Applied Sciences and leader of the Maritime Cyber Attack Database (MCAD) team
Drawing from open source information, the NHL Stenden’s Maritime IT Security research group collected information on over 160 cyber incidents in the maritime industry for the MCAD. The database not only covers incidents impacting vessels, but also ports and other maritime facilities worldwide.
Now available publicly online, the research group expects the database will help improve cyber security awareness in the sector and provide data for further research and more accurate simulations in this critical area.
In recent years, cyber security has been a key challenge for shipping. Growing connectivity networks and digitalization efforts modernise shipping, but they also pose a severe danger to its integrity when attacked maliciously.
Key recommendations according to DNV:
- Consider cyber security as an enabler
- Treat cyber risks like safety risks in an operational setting
- Champion insight-sharing across the industry
- Reframe regulation as the baseline to improve cyber security posture
- Rethink how to manage supply chain vulnerabilities
- Resource a strategy for more effective training
- Maintain an ‘analogue fallback option’ amid the shift to connected systems.
Call to contribute
The Maritime IT Security research group would like to thank Ernst & Young for their contribution to the realisation of the MCAD project and other research initiatives in this critical area. To provide a complete overview of all cyber security threats worldwide, the research group is asking corporations and other research institutions to contribute to the database.