TY - JOUR
T1 - Vessels Cybersecurity: Issues, Challenges, and the Road Ahead
AU - Caprolu, Maurantonio
AU - Pietro, Roberto DI
AU - Raponi, Simone
AU - Sciancalepore, Savio
AU - Tedeschi, Pietro
N1 - Generated from Scopus record by KAUST IRTS on 2023-09-20
PY - 2020/6/1
Y1 - 2020/6/1
N2 - Vessels cybersecurity is gaining momentum as a result of a few recent attacks on vessels at sea. These recent attacks have shocked the maritime domain, which was thought to be relatively immune to cyber threats. That belief is now over, as proved by recent mandates issued by the International Maritime Organization. According to these regulations, all vessels should be the subject of a cybersecurity risk analysis, and technical controls should be adopted to mitigate the resulting risks. This initiative is laudable since, despite the recent incidents, the vulnerabilities and threats affecting modern vessels are still unclear to operating entities, leaving the potential for dreadful consequences of further attacks just a matter of "when,"not "if."In this contribution, we investigate and systematize the major security weaknesses affecting systems and communication technologies adopted in modern vessels. Specifically, we describe the architecture and main features of the different systems, pointing out their main security issues, and specifying how they were exploited by attackers to cause service disruption and relevant financial losses. We also identify a few countermeasures to the introduced attacks. Finally, we highlight a few research challenges to be addressed by industry and academia to strengthen vessels security.
AB - Vessels cybersecurity is gaining momentum as a result of a few recent attacks on vessels at sea. These recent attacks have shocked the maritime domain, which was thought to be relatively immune to cyber threats. That belief is now over, as proved by recent mandates issued by the International Maritime Organization. According to these regulations, all vessels should be the subject of a cybersecurity risk analysis, and technical controls should be adopted to mitigate the resulting risks. This initiative is laudable since, despite the recent incidents, the vulnerabilities and threats affecting modern vessels are still unclear to operating entities, leaving the potential for dreadful consequences of further attacks just a matter of "when,"not "if."In this contribution, we investigate and systematize the major security weaknesses affecting systems and communication technologies adopted in modern vessels. Specifically, we describe the architecture and main features of the different systems, pointing out their main security issues, and specifying how they were exploited by attackers to cause service disruption and relevant financial losses. We also identify a few countermeasures to the introduced attacks. Finally, we highlight a few research challenges to be addressed by industry and academia to strengthen vessels security.
UR - https://ieeexplore.ieee.org/document/9141222/
UR - http://www.scopus.com/inward/record.url?scp=85088499252&partnerID=8YFLogxK
U2 - 10.1109/MCOM.001.1900632
DO - 10.1109/MCOM.001.1900632
M3 - Article
SN - 1558-1896
VL - 58
SP - 90
EP - 96
JO - IEEE Communications Magazine
JF - IEEE Communications Magazine
IS - 6
ER -