Maritime Cybersecurity -- The Book

Maritime Cybersecurity
A Guide for Leaders and Managers
Second Edition

by Gary C. Kessler & Steven D. Shepard

This Web page is devoted to providing updated or additional information with which to supplement Maritime Cybersecurity: A Guide for Leaders and Managers.

References

Ancillary Material

About the Authors and the Book

Page last updated: 22 March 2023

References

This section contains all references for the book plus additional resources.

Preface

Chapter 1. The Maritime Transportation System (MTS)

Chapter 2. Cybersecurity Basics

Chapter 3. Case Studies: Cyber Attacks on the Maritime Sector

Chapter 4. Ports and Cybersecurity

Chapter 5. Shipboard Communication Systems

Chapter 6. Navigation Systems

Chapter 7. Operational Technology and Autonomous Systems

Chapter 8. Strategies for Maritime Cyberdefense

Chapter 9. Concluding Thoughts

Preface

CEOs and CISOs Disagree on Cyber Strategies. (2020, May 20). Help Net Security. https://www.helpnetsecurity.com/2020/05/20/ceos-cisos-disparities/

Cimpanu, C. (2018, December 12). Ships Infected With Ransomware, USB Malware, Worms. ZDNet. https://www.zdnet.com/article/ships-infected-with-ransomware-usb-malware-worms/

Cook, K.S., & Nichols, D.L. (2017). Cyber Seaworthiness: A Call to Action. In DiRenzo III, J., Drumhiller, N.K., & Roberts, F.S. (Eds.) (2017). Issues in Maritime Cyber Security, pp. 81-85. Washington, D.C.: Westphalia Press.

DiRenzo III, J., Drumhiller, N.K., & Roberts, F.S. (Eds.) (2017). Issues in Maritime Cyber Security. Washington, D.C.: Westphalia Press.

Manyara, S. (2022, January 6). Rising Cyber Exposure in Asia Maritime Shipping. The Asset. https://www.theasset.com/viewpoint/45794/rising-cyber-exposure-in-asia-maritime-shipping

Maritime Cyber Attacks Increase 900%. (2020, July 20). MarineLink. https://www.marinelink.com/news/maritime-cyber-attacks-increase-480311

Marsh & Microsoft. (2019, September). 2019 Global Cyber Risk Perception Survey. https://www.microsoft.com/security/blog/wp-content/uploads/2019/09/Marsh-Microsoft-2019-Global-Cyber-Risk-Perception-Survey.pdf

Rundle, J. (2019, July 26). Coast Guard Details February Cyberattack on Ship. The Wall Street Journal. https://www.wsj.com/articles/coast-guard-details-february-cyberattack-on-ship-11564133401

U.S. Coast Guard (USCG). (n.d.). Maritime Cyber Readiness Branch. https://www.dco.uscg.mil/Our-Organization/CGCYBER/Maritime-Cyber-Readiness-Branch/

Waterman, S. (2019, March 28). Coast Guard 'Cyber Boarding' Shows Online Risks to Maritime Sector. Homeland Security Today. https://www.hstoday.us/federal-pages/dhs/uscg/coast-guard-cyber-boarding-shows-online-risks-to-maritime-sector/

Zheng, T.X. (2022, August 18). Bracing for the Rising Tide of Cyber Threats Against the Maritime Industry. Seatrade Maritime News. https://www.seatrade-maritime.com/opinions-analysis/bracing-rising-tide-cyber-threats-against-maritime-industry

[Top of Section | Top of Page]
Chapter 1. The Maritime Transportation System (MTS)

Akpan, F., Bendiab, G., Shiaeles, S., Karamperidis, S., & Michaloliakos, M. (2022,March 7). Cybersecurity Challenges in the Maritime Sector. Network, 2(1), 123-138. DOI: 10.3390/network2010009

Alderson, D.L., Funk, D., & Gera, R. (2020, December). Analysis of the Global Maritime Transportation System as a Layered Network. Journal of Transportation Security, 13, 291–325. DOI: 10.1007/s12198-019-00204-z

Bebbington, T. (2021, August 6). Cyberattack or Coincidence? Seatrade Maritime News. https://www.seatrade-maritime.com/regulation/less-25-bulkers-and-tankers-will-attain-eexi-compliance

Cohen, J. (2021). Where Zeros and Ones Sink Ships - Cyber Warfare Enters the Naval Battlespace. Naval Forces, 42(5), 49-51.

Cybersecurity and Infrastructure Security Agency (CISA). (2020, March 24). Critical Infrastructure Sectors. Department of Homeland Security (DHS). https://www.cisa.gov/critical-infrastructure-sectors

Daum, O. (2019, January). Cyber Security in the Maritime Sector. Journal of Maritime Law and Commerce, 50(1), 1-19.

Foote, R. (2017) Cybersecurity in the Marine Transportation Sector: Protecting Intellectual Property to Keep Our Ports, Facilities, and Vessels Safe from Cyber Threats. Cybaris, 8(2), article 3. https://open.mitchellhamline.edu/cgi/viewcontent.cgi?article=1073&context=cybaris

Jakobsen, E.W., Haugland, L.M., Abrahamoglu, S., Osman, M.S., Sewraz, D., & Dineshkar, B. (2022, January). The Leading Maritime Cities of the World 2022. Menon Economics and DNV. https://www.menon.no/wp-content/uploads/Leading-Maritime-Cities-of-the-world-2022-Final-report-12-Jan.pdf

Kessler, G.C. (2019, Spring). Cybersecurity in the Maritime Domain. Proceedings of the USCG Marine Safety & Security Council, 76(1), 34-39. https://www.dco.uscg.mil/Portals/9/DCO%20Documents/Proceedings%20Magazine/Archive/2019/Vol76_No1_Spring2019.pdf

Kiln. (n.d.). Ship Map. https://www.shipmap.org/

Mansouri, M., Gorod, A., Wakeman, T.H., & Sauser, B. (2009). A Systems Approach to Governance in Maritime Transportation System of Systems. Proceedings of the IEEE International Conference on System of Systems Engineering (SoSE). May 30 - June 3, Albuquerque, NM.

Oruç, A. (2020, October 5). Claims of State-Sponsored Cyberattack in the Maritime Industry. Proceedings of the International Naval Engineering Conference and Exhibition (INEC 2020). DOI: 10.24868/issn.2515-818X.2020.021

Shipowner.io. (2018). The World's First Distributed Ledger Platform Focused on Maritime Assets & Services. White Paper. https://shipowner.io/whitepaper

United Nations. (2019). Fact Sheet #13: World Seaborne Trade. U.N. Conference on Trade and Development (UNCTAD). https://unctad.org/en/PublicationChapters/tdstat44_FS13_en.pdf

United Nations. (2019). Fact Sheet #14: Merchant Fleet. U.N. Conference on Trade and Development (UNCTAD). https://unctad.org/en/PublicationChapters/tdstat44_FS13_en.pdf

United Nations. (2019). Fact Sheet #15: Maritime Transport Indicators. U.N. Conference on Trade and Development (UNCTAD). https://unctad.org/en/PublicationChapters/tdstat44_FS13_en.pdf

U.S. Coast Guard (USCG). (2018, October). Maritime Commerce Strategic Outlook. https://media.defense.gov/2018/Oct/05/2002049100/-1/-1/1/USCG%20MARITIME%20COMMERCE%20STRATEGIC%20OUTLOOK-RELEASABLE.PDF

Visky, G., Lavrenovs, A., Orye, E., Heering, D., Tam, K., & Maennel, O.M. (2022, March). Multi-Purpose Cyber Environment for Maritime Sector. International Conference on Cyber Warfare and Security, 17(1). DOI: 10.34190/iccws.17.1.26

Weaver, G.A., Feddersen, B., Marla, L., Wei, D., Rose, A., & Van Moera, M. (2022, April). Estimating Economic Losses From Cyber-attacks on Shipping Ports: An Optimization-based Approach. Transportation Research Part C: Emerging Technologies, 137. DOI: 10.1016/j.trc.2021.103423

[Top of Section | Top of Page]
Chapter 2. Cybersecurity Basics

Barker, W.C., Scarfone, K., Fisher, W., & Souppaya, M. (2021, June). Cybersecurity Framework Profile for Ransomware Risk Management. Preliminary Draft National Institute of Standards and Technology Interagency or Internal Report (NISTIR) 8374, U.S. Department of Commerce. https://csrc.nist.gov/CSRC/media/Publications/nistir/draft/documents/NIST.IR.8374-preliminary-draft.pdf

Barsky, N. (2021, August 31). The SEC Exposed Cybersecurity's Fatal Flaw - Executive Resistance To Bad News. Forbes. https://www.forbes.com/sites/noahbarsky/2021/08/31/the-sec-exposed-cybersecuritys-fatal-flaw---executive-resistance-to-bad-news/?sh=37c8b2922339

Biddle, S. (2016, August 19). The NSA Leak is Real, Snowden Documents Confirm. The Intercept. https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/

Bracken, B. (2021, November 30). Lloyd's Carves Out Cyber-Insurance Exclusions for State-Sponsored Attacks. threatpost. https://threatpost.com/lloyds-cyber-insurance-exclusions/176669/

Brenner, B. (2017, May 16). WannaCry: The Ransomware Worm That Didn't Arrive on a Phishing Hook. Naked Security. https://nakedsecurity.sophos.com/2017/05/17/wannacry-the-ransomware-worm-that-didnt-arrive-on-a-phishing-hook/

Caltagirone, S., Pendergast, A., & Betz, C. (2013, May 7). The Diamond Model of Intrusion Analysis. Technical Report, U.S. Department of Defense. https://apps.dtic.mil/sti/pdfs/ADA586960.pdf

Chambers, S. (2020, June 5). Number of Shipping Cyber Attacks Leaps 400% Since February. Splash247.com. https://splash247.com/number-of-shipping-cyber-attacks-leaps-400-since-february/

Cimpanu, C. (2020, August 2). Google: Eleven Zero-Days Detected in the Wild in the First Half of 2020. ZDNet. https://www.zdnet.com/article/google-eleven-zero-days-detected-in-the-wild-in-the-first-half-of-2020/

Cisco Systems. (n.d.). What is an Advanced Persistent Threat (APT)? https://www.cisco.com/c/en/us/products/security/advanced-persistent-threat.html

Cisco Systems. (n.d.). What is Malware? https://www.cisco.com/c/en/us/products/security/advanced-malware-protection/what-is-malware.html

Coker, J. (2021, August 9). Average Ransomware Demands Surge by 518% in 2021. Information Security Magazine. https://www.infosecurity-magazine.com/news/ransomware-demands-surge-2021/

Collier, K. (2019, May 10). Crippling Ransomware Attacks Targeting US Cities on the Rise. CNN. https://www.cnn.com/2019/05/10/politics/ransomware-attacks-us-cities/index.html

Cook, S. (2020, June 15). 2018-2020 Ransomware Statistics and Facts. Comparitech. https://www.comparitech.com/antivirus/ransomware-statistics/

Cox, J. (2019, September 30). Legit-Looking iPhone Lightning Cables That Hack You Will be Mass Produced and Sold. Motherboard Tech by Vice. https://www.vice.com/en_us/article/3kx5nk/fake-apple-lightning-cable-hacks-your-computer-omg-cable-mass-produced-sold

Crawley, K. (2019, June 24). An Overview on Insider Attacks and Threat Awareness. AT&T Business. https://cybersecurity.att.com/blogs/security-essentials/insider-threats

Cybersecurity and Infrastructure Security Agency (CISA). (2021, December 23). Alert (AA21-356A): Mitigating Log4Shell and Other Log4j-Related Vulnerabilities. U.S. Department of Homeland Security (DHS). https://us-cert.cisa.gov/ncas/alerts/aa21-356a

Ebert, C., Rekik, Y., & Karade, R. (2020, March-April). Security Test. IEEE Software, 37(2), 13-20. DOI: 10.1109/MS.2019.2958354

Epsco-Ra Introduces New Cybersecurity Assessment Method. (2021, April 22). Digital Ship. https://thedigitalship.com/news/maritime-satellite-communications/item/7261-epsco-ra-introduces-new-cybersecurity-assessment-method

Farrell, H. (2017, April 15). Hackers Have Just Dumped a Treasure Trove of NSA Data. Here's What it Means. The Washington Post. https://www.washingtonpost.com/news/monkey-cage/wp/2017/04/15/shadowy-hackers-have-just-dumped-a-treasure-trove-of-nsa-data-heres-what-it-means/

FireEye. (n.d.). What is a Zero-Day Exploit? https://www.fireeye.com/current-threats/what-is-a-zero-day-exploit.html

Gatlan, S. (2021, June 30). CISA Releases New Ransomware Self-Assessment Security Audit Tool. BleepingComputer. https://www.bleepingcomputer.com/news/security/cisa-releases-new-ransomware-self-assessment-security-audit-tool/

Johnston, R.G. (2020, July). Security Maxims. Right Brain Sekurity. http://rbsekurity.com/Papers/Johnston_Security_Maxims.pdf

Kim, D. & Solomon, M.G. (2018). Fundamentals of Information Systems Security, 3rd. ed. Burlington, MA: Jones & Bartlett Learning.

Krebs, B. (2021, October 26). FBI Raids Chinese Point-of-Sale Giant PAX Technology. Krebs on Security. https://krebsonsecurity.com/2021/10/fbi-raids-chinese-point-of-sale-giant-pax-technology/

Křoustek, J. (2017, May 12). WannaCry Ransomware That Infected Telefonica and NHS Hospitals is Spreading Aggressively, With Over 50,000 Attacks So Far Today. Avast Blog. https://blog.avast.com/ransomware-that-infected-telefonica-and-nhs-hospitals-is-spreading-aggressively-with-over-50000-attacks-so-far-today

Kuhn, K. (2017, May-December). Cyber Risk Management in the Maritime Transportation System. Proceedings of the USCG Marine Safety & Security Council, 74(2), 65-69. https://www.dco.uscg.mil/Portals/9/DCO%20Documents/Proceedings%20Magazine/Archive/2017/Vol74_No2_May-Dec2017.pdf?ver=2018-01-23-080144-327

Lakshmanan, R. (2021, December 18). New Local Attack Vector Expands the Attack Surface of Log4j Vulnerability. The Hacker News. https://thehackernews.com/2021/12/new-local-attack-vector-expands-attack.html
Mactavish, A. (2020, August 7). Cyber-Crime — A Continuing Concern. Seatrade Maritime News. https://www.seatrade-maritime.com/opinions-analysis/cyber-crime-continuing-concern

Maloney, S. (2018, January 9). What is an Advanced Persistent Threat (APT)? Cybereason. https://www.cybereason.com/blog/advanced-persistent-threat-apt

Malwarebytes. (n.d.). Malware. https://www.malwarebytes.com/malware/

Mandiant. (2013, February 18). APT1: Exposing One of China's Espionage Units. https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf

Mc Mahon, C. (2020, July 10). In Defence of the Human Factor. Frontiers of Psychology. DOI: 10.3389/fpsyg.2020.01390

Meland, P.H., Nesheim, D.A., Bernsmed, K., & Sindre, G. (2022, February). Assessing Cyber Threats for Storyless Systems. Journal of Information Security and Applications, 64, article 103050. DOI: 10.1016/j.jisa.2021.103050

Meskauskas, T. (2021, November 19). CoinTicker Trojan (Mac). PCrisk. https://www.pcrisk.com/removal-guides/13951-cointicker-trojan-mac

Microsoft. (n.d.). Support for Windows 7 Has Ended. https://www.microsoft.com/en-us/windows/windows-7-end-of-life-support-information

Microsoft. (n.d.). Support for Windows XP Ended. https://www.microsoft.com/en-us/microsoft-365/windows/end-of-windows-xp-support

Multi-State Information Sharing and Analysis Center (MS-ISAC). (2020, September). Ransomware Guide. Cybersecurity & Infrastructure Security Agency (CISA). https://www.cisa.gov/sites/default/files/publications/CISA_MS-ISAC_Ransomware%20Guide_S508C.pdf

Newman, L.H. (2017, May 12). The Ransomware Meltdown Experts Warned About is Here. WIRED. https://www.wired.com/2017/05/ransomware-meltdown-experts-warned/

Newman, L.H. (2021, December 18). 'The Internet Is on Fire.' WIRED. https://www.wired.com/story/log4j-flaw-hacking-internet/

Norton, Q. (2014, May 20). Everything is Broken. The Message. https://medium.com/message/everything-is-broken-81e5f33a24e1#.sc7pf19g3

Palmer, D. (2021, April 23). Ransomware's Perfect Target: Why One Industry Needs to Improve Cybersecurity, Before It's Too Late. ZDNet. https://www.zdnet.com/article/ransomwares-perfect-target-why-one-industry-needs-to-improve-cybersecurity-before-its-too-late/

Parker, D.B. (2015). Toward a New Framework for Information Security? In S. Bosworth, M.E. Kabay, & E. Whyne (Eds.), Computer Security Handbook, 6th ed., Hoboken, NJ: John Wiley & Sons, Inc.

Petersen, R., Santos, D., Wetzel, K.A., Smith, M.C., & Witte, G. (2020, November). Workforce Framework for Cybersecurity (NICE Framework), Revision 1. National Institute of Standards and Technology (NIST) Special Publication (SP) 800-181, U.S. Department of Commerce. DOI: 10.6028/NIST.SP.800-181r1

Popa, B. (2017, November 7). Chinese Keyboard Maker Caught Tracking Typed Keys on CustomerÕs Computers. Softpedia News. https://news.softpedia.com/news/chinese-keyboard-maker-caught-tracking-types-keys-on-customer-s-computers-518423.shtml

Progoulakis, I., Nikitakos, N., Rohmeyer, P., Bunin, B., Dalaklis, D., & Karamperidis, S. (2021, January 22). Perspectives on Cyber Security for Offshore Oil and Gas Assets. Journal of Marine Science and Engineering, 9(2), 112. DOI: 10.3390/jmse9020112

Radware. (2017, March 13). History of DDoS Attacks. https://security.radware.com/ddos-knowledge-center/ddos-chronicles/ddos-attacks-history/

Ramzan, Z. (2010). Phishing Attacks and Countermeasures. In M. Stamp & P. Stavroulakis (Eds.), Handbook of Information and Communication Security, Berlin: Springer-Verlag.

Ranka, D. (2013, September 5). Inside Dalai Lama Website Attacks: Analyzing the 'Watering Hole Attacks.' Network Intelligence. https://niiconsulting.com/checkmate/2013/09/inside-dalai-lama-website-attacks-analyzing-watering-hole-attacks/

Rose, S. (2021, August 4). Planning for a Zero Trust Architecture: A Starting Guide for Administrators. National Institute of Standards and Technology (NIST) DRAFT White Paper, U.S. Department of Commerce. DOI: 10.6028/NIST.CSWP.08042021-draft

Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020, August). Zero Trust Architecture. National Institute of Standards and Technology (NIST) Special Publication (SP) 800-207, U.S. Department of Commerce. DOI: 10.6028/NIST.SP.800-207

Ross, R., Pillitteri, V., Dempsey, K., Riddle, M., & Guissanie, G. (2020, February). Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, Revision 2. National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, U.S. Department of Commerce. DOI: 10.6028/NIST.SP.800-171r2

Stewart, K.C., & Hoover, A. (2020, March 30). An Introduction to the Cybersecurity Maturity Model Certification. Software Engineering Institute blog, Carnegie Mellon University. https://insights.sei.cmu.edu/blog/an-introduction-to-the-cybersecurity-maturity-model-certification-cmmc/

Svilicic, B. , Kamahara, J., Rooks, M., & Yano, Y. (2019, September). Maritime Cyber Risk Management: An Experimental Ship Assessment. The Journal of Navigation, 72(5), 1108-1120. DOI: 10.1017/S0373463318001157

Symantec Security Response. (2012, December 31). Internet Explorer Zero-Day Used in Watering Hole Attack: Q&A. Symantec Official Blog. https://www.symantec.com/connect/blogs/internet-explorer-zero-day-used-watering-hole-attack-qa

Tam, K., Forshaw, K., & Jones, K. (2022, August 18). Method and System for Dynamically Assessing Current Risk Associated With a Maritime Activity. United States Patent Application 20220261483. https://www.freepatentsonline.com/20220261483.pdf

Tam, K., & Jones, K. (2019, January 28). MaCRA: A Model-based Framework for Maritime Cyber-risk Assessment. WMU Journal of Maritime Affairs, 18, 129-163. DOI: 10.1007/s13437-019-00162-2

Tischer, M., Durumeric, Z., Bursztein, E., & Bailey, M. (2017, March/April). The Danger of USB Drives. IEEE Security & Privacy, 15(2), 62-69. DOI: 10.1109/MSP.2017.41

Top 125 Network Security Tools. (n.d.). SecTools.Org. https://sectools.org/

U.S. Department of Justice, Cybersecurity & Infrastructure Security Agency (CISA), National Security Agency (NSA), Australian Cyber Security Centre, & U.K. National Cyber Security Centre. (2022, February 9). 2021 Trends Show Increased Globalized Threat of Ransomware. Joint Cybersecurity Advisory, Prodcut ID: AA22-040A. https://www.cisa.gov/uscert/ncas/alerts/aa22-040a

U.S. Department of Justice, National Security Agency (NSA), and Cybersecurity & Infrastructure Security Agency (CISA). (2022, February 16). Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Technology. Joint Cybersecurity Advisory, Prodcut ID: AA22-047A; TLP:WHITE. https://www.cisa.gov/uscert/ncas/alerts/aa22-047a

Whitman, M.E. & Mattord, H.J. (2018). Principles of Information Security, 6th. ed. Boston: Cengage Learning.

Zetter, K. (2014). Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon. New York: Crown.

[Top of Section | Top of Page]
Chapter 3. Case Studies: Cyber Attacks on the Maritime Sector

Abrams, L. (2018, August 28). Beware of Fake "Shipping Docs" Malspam Pushing the DarkComet RAT. Bleeping Computer. https://www.bleepingcomputer.com/news/security/beware-of-fake-shipping-docs-malspam-pushing-the-darkcomet-rat/

Australian Shipbuilder Austal Hit by Cyber Attack, Extortion Attempt. (2018, November 2). NavalToday.com. https://www.navaltoday.com/2018/11/02/australian-shipbuilder-austal-hit-by-cyber-attack-extortion-attempt/

Bank of England. (2022, January). General Insurance Stress Test 2022: Scenario Specification, Guidelines and Instructions (DRAFT). Prudential Regulation Authority. https://www.bankofengland.co.uk/-/media/boe/files/prudential-regulation/letter/2022/january/general-insurance-stress-test-2022-instructions.pdf

Bankes-Hughes, L. (2015, August 27). Global: Limassol-based Shipping Company Victim of Cyber Fraud. Bunkerspot. https://www.bunkerspot.com/latest-news/40447-global-limassol-based-shipping-company-victim-of-cyber-fraud

Birkett, H. (2015, August 27). Hackers Steal $644,000 From a Cyprus Shipping Company. Splash247.com. https://splash247.com/hackers-steal-644000-from-a-cyprus-shipping-company/

Bogle, A. (2018, March 15). Svitzer Employee Details Stolen in Data Breach Affecting Almost Half of its Australian Employees. ABC News. https://www.abc.net.au/news/2018-03-15/sensitive-data-stolen-from-global-shipping-company-svitzer/9552600

Burgess, J. (2013, April 30). Offshore Drill Rigs at Threat From Computer Viruses. Oilprice.com. https://oilprice.com/Latest-Energy-News/World-News/Offshore-Drill-Rigs-at-Threat-from-Computer-Viruses.html

Chambers, S. (2020, April 10). MSC Website Down, Carrier Admits it Might Have Been Hit by Malware. Splash247.com. https://splash247.com/msc-website-down-carrier-admits-it-might-have-been-hit-by-malware/

Chesney, R. (2021, August 25). SolarWinds and the Holiday Bear Campaign: A Case Study for the Classroom. LAWFARE. https://www.lawfareblog.com/solarwinds-and-holiday-bear-campaign-case-study-classroom
Chevron Says Hit by Stuxnet Virus in 2010. (2012, November 9). Phys.org. https://phys.org/news/2012-11-chevron-stuxnet-virus.html

Chinese hackers target dozens of universities in a bid to steal maritime military secrets. (2019, March 6). Cyware Hacker News. https://cyware.com/news/chinese-hackers-target-dozens-of-universities-in-a-bid-to-steal-maritime-military-secrets-2e8f4fd9

Cimpanu, C. (2018, December 12). Ships Infected with Ransomware, USB Malware, Worms. ZDNet. https://www.zdnet.com/article/ships-infected-with-ransomware-usb-malware-worms/

Court Backs World Fuel Services Following $17M Bunker Theft. (2016, June 9). Ship & Bunker. https://shipandbunker.com/news/world/340232-court-backs-world-fuel-services-following-17-million-bunker-theft

Cybersecurity & Infrastructure Security Agency (CISA). (2020, January 2). Alert (AA19-339A): Dridex Malware. U.S. Department of Homeland Security (DHS). https://www.us-cert.gov/ncas/alerts/ aa19-339a

Cybersecurity & Infrastructure Security Agency (CISA). (2020, January 23). Alert (TA18-201A): Emotet Malware. U.S. Department of Homeland Security (DHS). https://www.us-cert.gov/ncas/alerts/TA18-201A

Dapena, K., & Moriarty, D. (2021, March 31). America's Imports Are Stuck on Ships Floating Just Off Los Angeles. The Wall Street Journal. https://www.wsj.com/articles/americas-imports-are-stuck-on-ships-floating-just-off-los-angeles-11617183002

Egozi, A. (2021, October 5). US Presses Israel On Haifa Port Amid China Espionage Concerns: Sources. Breaking Defense. https://breakingdefense.com/2021/10/us-presses-israel-on-haifa-port-amid-china-espionage-concerns-sources/

Escobar, M.C. (2020, March 4). Carnival Corp. Announces Data Breach Affecting Two of its Cruise Lines. Hospitality Technology. https://hospitalitytech.com/carnival-corp-announces-data-breach-affecting-two-its-cruise-lines

Federal Bureau of Investigation (FBI). (n.d.). Intellectual Property Theft/Piracy. FBI Web site. https://www.fbi.gov/investigate/white-collar-crime/piracy-ip-theft

Field, M. (2018, October 11). WannaCry Cyber Attack Cost the NHS £92M as 19,000 Appointments Cancelled. The Telegraph. https://www.telegraph.co.uk/technology/2018/10/11/wannacry-cyber-attack-cost-nhs-92m-19000-appointments-cancelled/

Garmin-owned Navigation Company Accidently Exposed Data of Thousands of Boat Owners. (2018, October 9). Cyware Hacker News. https://cyware.com/news/garmin-owned-navigation-company-accidentally-exposed-data-of-thousands-of-boat-owners-f4709e17

Ghosh, A. (2017, May 16). WannaCry: List of Major Companies and Networks Hit by Ransomware Around the Globe. International Business Times. https://www.ibtimes.co.uk/wannacry-list-major-companies-networks-hit-by-deadly-ransomware-around-globe-1621587

Greenberg, A. (2018, August 22). The Untold Story of NotPetya, the Most Devastating Cyberattack in History. WIRED. https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/

Greenberg, A. (2019). SANDWORM. New York: Doubleday.

Hamill-Stewart, J., & Sallay, A. (ed.). (2022, December 19). Hackers Have Found a New Incentive to Target Shipping. The Maritime Executive. https://www.maritime-executive.com/editorials/hackers-have-found-a-financial-incentive-to-target-shipping

Harrington, K. (2013, March 7). Malware Infects Gulf of Mexico Offshore Rigs. ChEnected. https://www.aiche.org/chenected/2013/03/malware-infects-gulf-mexico-offshore-rigs

Herr, T., Loomis, W., Schroeder, E., Scott, S., Handler, S., & Zuo, T. (2021, March). Broken Trust: Lessons from Sunburst. Cyber Statecraft Initiative, Scowcroft Center for Strategy and Security, Atlantic Council. https://www.atlanticcouncil.org/wp-content/uploads/2021/03/BROKEN-TRUST.pdf

Hochfelder, B. (2018, April 30). Cyber Pirates: The Latest Treat to Ocean Shipping. Supply Chain Dive. https://www.supplychaindive.com/news/ocean-shipping-carriers-cyber-risk/522417/

Holt, S.M. (2022, November 20). Cyber Pirates. The Maritime Executive. https://www.maritime-executive.com/magazine/cyper-pirates

Hsieh, L. (2015, September 8). Drilling Cybersecurity. Drilling Contractor. https://www.drillingcontractor.org/drilling-cybersecurity-36727

International Maritime Organization (IMO). (n.d.). AIS Transponders. https://www.imo.org/en/OurWork/Safety/Pages/AIS.aspx

INTERTANKO. (2019). Jamming and Spoofing of Global Navigation Satellite Systems (GNSS). https://www.maritimeglobalsecurity.org/media/1043/2019-jamming-spoofing-of-gnss.pdf

Jones, K.D., Tam, K., & Papadaki, M. (2016). Threat and Impacts in Maritime Cyber Security. Engineering & Technology Reference. https://www.researchgate.net/profile/Kevin_Jones62/publication/304263412_Threats_and_Impacts_in_Maritime _Cyber_Security/links/5a38e96caca272a6ec1f10a9/Threats-and-Impacts-in-Maritime-Cyber-Security.pdf

Keller, J. (2019, March 13). U.S. Navy Under Cyber Attack From Chinese Hackers and Hemorrhaging National-Security Secrets. Military & Aerospace Electronics. https://www.militaryaerospace.com/articles/pt/2019/03/cyber-attack-navy-chinese-hackers.html

Kovacs, E. (2018, July 26). Shipping Giant COSCO Hit by Ransomware. SecurityWeek. https://www.securityweek.com/shipping-giant-cosco-hit-ransomware

Krebs, B. (2017, March 8). WikiLeaks Dumps Docs on CIA's Hacking Tools. Krebs on Security. https://krebsonsecurity.com/2017/03/wikileaks-dumps-docs-on-cias-hacking-tools/

Kynge, J., Campbell, C., Kazmin, A., & Bokhari, F. (2017, January 12). How China Rules The Waves. Financial Times. https://ig.ft.com/sites/china-ports/

Lazenby, H. (2015, February 2). Nautilus Minerals Falls Victim to Cyber Scam, Prepays $10M Into Wrong Account. Mining Weekly. http://www.miningweekly.com/article/nautilus-minerals-the-victim-of-a-cyber-scam-prepays-10m-to-wrong-account-2015-02-02

Lillis, K.B., Bertrand, N., & Atwood, K. (2021, November 19). Construction Halted on Secret Project at Chinese Port in UAE After Pressure From US, Officials Say. CNN. https://www.cnn.com/2021/11/19/politics/china-uae-us-construction-port/index.html

Malaysian Bunker Company Loses More Than $1 Million in Email Scam. (2017, June 12). Asia/Pacific News. https://shipandbunker.com/news/apac/509648-malaysian-bunker-company-loses-more-than-1-million-in-email-scam

MalwareTech. (2017, May 13). How to Accidently Stop a Global Cyber Attacks. MalwareTech Blog. https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html

Microsoft. (n.d.). Support for Windows XP Ended. https://www.microsoft.com/en-us/microsoft-365/windows/end-of-windows-xp-support

Microsoft. (2017, March 14). Microsoft Security Bulletin MS17-010 - Critical: Security Update for Microsoft Windows SMB Server (4013389). https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2017/ms17-010

Microsoft. (2018, August 3). Trojan:Win32/EternalBlue. Microsoft Security Intelligence. https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/EternalBlue&ThreatID=-2147239042

Munro, K. (2018, January 9). Hacking Maritime IFTFCC Messaging for Invoice Fraud. Pen Test Partners. https://www.pentestpartners.com/security-blog/hacking-maritime-iftfcc-messaging-for-invoice-fraud/

Newman, N. (2019, April 18). Cyber Pirates Terrorising the High Seas. Engineering and Technology. https://eandt.theiet.org/content/articles/2019/04/cyber-pirates-terrorising-the-high-seas/

Olenick, D. (2018, October 9). Navionics' Misconfigured MongoDB Server Exposes 260,000 Records. SC Magazine. https://www.scmagazine.com/home/news/navionics-misconfigured-mongodb-server-exposes-260000-records/

Palmer, D. (2017, August 16). Petya Ransomware: Cyberattack Costs Cold Hit $300M for Shipping Giant Maersk. ZDNet. http://www.zdnet.com/article/petya-ransomware-cyber-attack-costs-could-hit-300m-for-shipping-giant-maersk/

Pham, S. (2018, March 23). How Much has the US Lost From China's IP Theft? CNN Business. https://money.cnn.com/2018/03/23/technology/china-us-trump-tariffs-ip-theft/index.html

Pickrell, R. (2019, March 13). The US Navy and its Partners are 'Under Cyber Siege' From Chinese Hackers and are Hemorrhaging National-Security Secrets. Business Insider India. https://www.businessinsider.in/The-US-Navy-and-its-partners-are-under-cyber-siege-from-Chinese-hackers-and-are-hemorrhaging-national-security-secrets/articleshow/68383668.cms

Rajamanickam, V. (2018, July 27). COSCO's Cyber Attack and the Importance of Maritime Cybersecurity. American Shipper. https://www.freightwaves.com/news/technology/coscos-cyber-attack-and-the-importance-of-maritime-cybersecurity

Rohan, R. (2023, February 28). Identifying Commonalities of Cyberattacks Against the Maritime Transportation System. Proceedings of the 18th International Conference on Cyber Warfare and Security, 9-10 March 2023. DOI: 10.34190/iccws.18.1.965

Rüegamer, A., & Kowalewski, D. (2015). Jamming and Spoofing of GNSS Signals - An Underestimated Risk?! FIG Working Week 2015: From the Wisdom of the Ages to the Challenges of the Modern World, Sofia, Bulgaria, 17-21 May 2015. https://fig.net/resources/proceedings/fig_proceedings/fig2015/papers/ts05g/TS05G_ruegamer_kowalewski_7486.pdf

Scimia, E. (2019, June 2). China-Operated Ports Raise Security Fears for US, NATO. Asia Times. https://www.asiatimes.com/2019/06/article/are-chinese-operated-ports-a-security-risk-for-us-nato/

Scroxton, A. (2020, August 18). Carnival Cruise Lines Hit by Ransomware, Customer Data Stolen. ComputerWeekly.com. https://www.computerweekly.com/news/252487779/Carnival-cruise-lines-hit-by-ransomware-customer-data-stolen

Shen, C., & Baker, J. (2020, September 28). CMA CGM Confirms Ransomware Attack. Lloyd's List Maritime Intelligence. https://lloydslist.maritimeintelligence.informa.com/LL1134044/CMA-CGM-confirms-ransomware-attack

Simms, R. (2020, March 2). Cruise Line Hack Exposes Personal and Financial Data. Cruiseradio.net. https://cruiseradio.net/cruise-line-hack-exposes-personal-and-financial-data/

Sonnemaker, T. (2020, August 3). Garmin Reportedly Paid Hackers a Multimillion Dollar Ransom to Recover Files After a Cyberattack That Left Their Services Offline for Several Days Last Month. Business Insider. https://www.businessinsider.com/garmin-paid-multimillion-dollar-ransom-to-hackers-report-2020-8

Swinhoe, D. (2019, October 9). Rebuilding After NotPetya: How Maersk Moved Forward. CSO. https://www.csoonline.com/article/3444620/rebuilding-after-notpetya-how-maersk-moved-forward.html

Targett, E. (2018, July 30). COSCO: Shipping Giant's IT Systems Recovered. Computer Business Review. https://www.cbronline.com/news/costco-online

The Theft of Up to $600 Billion of American IP Annually Calls for a Decisive Response, Says IP Commission. (2018, March 8). The IP Commission. https://www.nbr.org/wp-content/uploads/pdfs/press_releases/ip_commission_press_release_030818.pdf

Truong, K. (2020, July 28). The Garmin Ransomware Hack is Horrifying. Vice. https://www.vice.com/en_us/article/5dzkd5/the-garmin-ransomware-hack-is-horrifying

U.S. Coast Guard (USCG). (2020, September 30). Malicious Email Spoofing Incidents. Marine Safety Information Bulletin (MSIB 19-20). https://www.dco.uscg.mil/Portals/9/DCO%20Documents/5p/MSIB/2020/USCG-MSIB-19-20-CYBER-SPOOFING.pdf

Warren, T. (2017, May 31). Microsoft Issues "Highly Unusual" Windows XP Patch to Prevent Massive Ransomware Attack. The Verge. https://www.theverge.com/2017/5/13/15635006/microsoft-windows-xp-security-patch-wannacry-ransomware-attack

Worthington, B. (2018, November 2). Explainers: Here's What You Need to Know About the Austal Cyber Attack and Extortion Attempt. ABC News. https://www.abc.net.au/news/2018-11-02/austal-ship-cyber-attack-and-extortion-attempt-national-security/10458982

Zetter, K. (2014). Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon. New York: Crown.

Zorabedian, J. (2016, March 7). Pirates Hacked Shipping Company to Steal Infor for Efficient Hijackings. Naked Security. https://nakedsecurity.sophos.com/2016/03/07/pirates-hacked-shipping-company-to-steal-info-for-efficient-hijackings/

[Top of Section | Top of Page]
Chapter 4. Ports and Cybersecurity

Achten, N. (2019, September 30). New U.N. Debate on Cybersecurity in the Context of International Security. Lawfare Blog. https://www.lawfareblog.com/new-un-debate-cybersecurity-context-international-security

Atkinson, H. (2022, July 28). Why Suppliers Must Be Part of Cyber-Risk Strategy. SupplyChainBrain. https://www.supplychainbrain.com/articles/35394-your-suppliers-need-to-be-part-of-your-cyber-risk-strategy

Baker, R. (2020, November 30). Maritime OSINT: Port Analysis. wondersmith_rae blog. https://wondersmithrae.medium.com/maritime-osint-port-analysis-d09b4531728d

Barnes, P., & Oloruntoba, R. (2005). Assurance of Security in Maritime Supply Chains: Conceptual Issues of Vulnerability and Crisis Management. Journal of International Management, 11(4), 519-540. DOI: 10.1016/j.intman.2005.09.008

Barrett, R. (2022, July 13). How America's Ports Defend Against Cyberthreats. StateTech. https://statetechmagazine.com/article/2022/07/how-americas-ports-defend-against-cyberthreats

Boyens, J., Paulsen, C., Moorthy, R., & Bartol, N. (2015, April). Supply Chain Risk Management Practices for Federal Information Systems and Organizations. National Institute of Standards and Technology (NIST) Special Publication (SP) 800-161, U.S. Department of Commerce. DOI: 10.6028/NIST.SP.800-161

Brigham, L. (2021, May). The Suez Canal and Global Trade Routes. Proceedings of the U.S. Naval Institute, 147(5). https://www.usni.org/magazines/proceedings/2021/may/suez-canal-and-global-trade-routes

Chambers, S. (2018, November 29). Iranians Behind San Diego Port Ransomware Attack. Splash247.com. https://splash247.com/iranians-behind-san-diego-port-ransomware-attack/

Cimpanu, C. (2018, September 27). Port of San Diego Suffers Cyber-Attack, Second Port in a Week After Barcelona. ZDNet. https://www.zdnet.com/article/port-of-san-diego-suffers-cyber-attack-second-port-in-a-week-after-barcelona/

Corrigan, J. (2019, February 20). Supply Chain Attacks Spiked 78 Percent in 2018, Cyber Researchers Found. Nextgov. https://www.nextgov.com/cybersecurity/2019/02/supply-chain-attacks-spiked-78-percent-2018-cyber-researchers-found/154996/

Cybersecurity & Infrastructure Security Agency (CISA). (2018, March 16). Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors. National Cyber Awareness System Alert, TA18-074A. U.S. Department of Homeland Security (DHS). https://www.us-cert.gov/ncas/alerts/TA18-074A

Cybersecurity & Infrastructure Security Agency (CISA). (2020, February). Port Facility Cybersecurity Risks. U.S. Department of Homeland Security (DHS). https://www.cisa.gov/sites/default/files/publications/port-facility-cybersecurity-risks-infographic_508.pdf

Daffron, J., Ruffle, S., Coburn, A., Quantrill, K., Strong, K., & Leverett, E. (2019). Shen Attack: Cyber Risk in Asia Pacific Ports. Cambridge Centre for Risk Studies. https://assets.lloyds.com/assets/pdf-cyrim-shen-attack-final-report/1/pdf-cyrim-shen-attack-final-report.pdf

DOT Launches New Marine Highway Module of Port Planning and Investment Toolkit. (2020, October 15). Homeland Security Today. https://www.hstoday.us/subject-matter-areas/transportation/dot-launches-new-marine-highway-module-of-port-planning-and-investment-toolkit/

Drougkas, A., Sarri, A., Kyranoudi, P. (2020, December). CYBER RISK MANAGEMENT FOR PORTS: Guidelines for Cybersecurity in the Maritime Sector. ENISA. https://www.enisa.europa.eu/publications/guidelines-cyber-risk-management-for-ports/at_download/fullReport

Drougkas, A., Sarri, A., Kyranoudi, P., & Zisi, A. (2019, November). Port Cybersecurity. European Union Agency for Cybersecurity (ENISA). https://www.enisa.europa.eu/publications/port-cybersecurity-good-practices-for-cybersecurity-in-the-maritime-sector/at_download/fullReport

Elkins, L. (2019, November 5). The 6th Warfighting Domain. Over The Horizon. https://othjournal.com/2019/11/05/the-6th-warfighting-domain/

Esage, A. (2018, September 26). Hacking Attack in Port of Barcelona. Information Security Newspaper. https://www.securitynewspaper.com/2018/09/26/hacking-attack-in-port-of-barcelona/

Fredrickson, K. (2021, May 9). Marine Transportation System (MTS) Cyber Spotlight: Approaching deadlines for incorporating cyber into Facility Security Assessments (FSA) and Facility Security Plans (FSP). Coast Guard Maritime Commons. https://mariners.coastguard.blog/2021/05/09/marine-transportation-system-mts-cyber-spotlight/

Hale, Z. (2018, March 13). Port of Longview Hit With Major Cyberattack. The Daily News. http://tdn.com/news/local/port-of-longview-hit-with-major-cyberattack/article_25102b63-d897-5cfd-b16b-ffec70545d1d.html

International Association of Ports and Harbors (IAPH). (2021, July 2). Cybersecurity Guidelines for Ports and Port Facilities, v 1.0. https://sustainableworldports.org/wp-content/uploads/IAPH-Cybersecurity-Guidelines-version-1_0.pdf

Holt, S.M. (2021, December 12). Is the Global Supply Chain the Next Big Cyber Target? The Maritime Executive. https://www.maritime-executive.com/magazine/is-the-global-supply-chain-the-next-big-cyber-target

Iran: One of 2 Cyberattack Targets was Country's Ports. (2020, October 16). Asharq Al-Awsat. https://english.aawsat.com/home/article/2567991/iran-one-2-cyberattack-targets-was-countrys-ports

ISRAEL: Water Command and Control Infrastructure Came Under Cyber-Attack. (2020, May 10). SyriacPress. https://syriacpress.com/blog/2020/05/10/israel-israeli-water-infrastructure-came-cyber-attacked/

Joffre, T. (2020, May 11). Cyber Attack Targets Iranian Port Near Strait of Hormuz. The Jerusalem Post. https://www.jpost.com/breaking-news/cyber-attack-targets-iranian-port-near-strait-of-hormuz-627616

Kim, N., Herr, T., & Schneier, B. (2020, June). The Reverse Cascade: Enforcing Security on the Global IoT Supply Chain. Cyber Statecraft Initiative, Scowcroft Center for Strategy and Security, Atlantic Council. https://www.atlanticcouncil.org/wp-content/uploads/2020/06/Reverse-Cascade-Report-web.pdf

Kochetkova, K. (2015, May 22). Maritime Industry is Easy Meat For Cyber Criminals. Kaspersky Daily. https://www.kaspersky.com/blog/maritime-cyber-security/8796/

Konrad, J. (2022, July 24). Port Of LA Calls FBI After Cyber Attacks Double. gCaptain. https://gcaptain.com/port-of-la-calls-fbi-after-cyber-attacks-double/

Kovacs, E. (2018, September 28). Port of San Diego Hit by Ransomware. SecurityWeek. https://www.securityweek.com/port-san-diego-hit-ransomware

Kuhn, K., Kipkech, J., & Shaikh, S. (2021, June). Maritime Ports and Cybersecurity. In M. Fiorini & N. Gupta (eds.), ICT Solutions and Digitalisation in Ports and Shipping, Institution of Engineering and Technology, Chap. 2, pp. 37-68. https://www.researchgate.net/profile/Kristen-Kuhn-3/publication/353218415_Maritime_ports_and_cybersecurity/links/621f73d439529602315b02cd/Maritime-ports-and-cybersecurity.pdf

Lampert, E. (2019, March 14). Port Security is so Much More Than Guns, Gates, and Guards. Riviera. https://www.rivieramm.com/news-content-hub/news-content-hub/port-security-is-so-much-more-than-guns-gates-and-guards-54177

Liu, H., Tian, Z., Huang, A., & Yang, Z. (2018, January). Analysis of Vulnerabilities in Maritime Supply Chains. Reliability Engineering & System Safety, 169, 475-484. DOI: 10.1016/j.ress.2017.09.018

Loock, J. (2019, May 23). Singapore Opens Maritime Cybersecurity Operations Centre (MSOC). Maritime Security Review. http://www.marsecreview.com/2019/05/singapore-opens-maritime-cybersecurity-operations-centre-msoc/

Maritime & Port Security Information Sharing & Analysis Organization (MPS-ISAO). (2017, September 27). W2 Social Engineering Incident Affecting U.S. Port. Tactical Intelligence Cyber Report TR-127-2017.

Maritime & Port Security Information Sharing & Analysis Organization (MPS-ISAO). (2018, February 20). Imposter Phone Lure. Warning Report MPS-2018-002.

Maritime & Port Security Information Sharing & Analysis Organization (MPS-ISAO). (2018, June 8). Successful Phish Leads to Secondary Attacks. Warning Report WR-18-0013.

McNicholas, M.A. (Ed.) (2016). Maritime Security: An Introduction, 2/e. Amsterdam: Elsevier.

Mims, C. (2021). Arriving Today: From Factory to Front Door — Why Everything Has Changed About How and What We Buy. New York: Harper Business.

Moara-Nkwe, K., Tam, K., Hopcraft, R., & Jones, K. (2022, August). Simulation Modelling of Maritime Port Operations: Analysing the Impacts of Disruptions on Ports. Maritime Cyber Threats Research Group, University Of Plymouth. https://www.researchgate.net/publication/362518077_Simulation_Modelling_of_Maritime_Port_Operations_Analysing_the_Impacts_of_Disruptions_on_Ports

Mongelluzzo, B. (2019, April 26). Port of LA Enlists Industry to Fend Off Cyber Threats. Joc.com. https://www.joc.com/port-news/us-ports/port-los-angeles/port-la-enlists-industry-fend-cyber-threats_20190426.html

Munro, K. (2018, September 21). Container Theft, the Legal System, and Poor Maritime Security. Pen Test Partners. https://www.pentestpartners.com/security-blog/container-theft-the-legal-system-and-poor-maritime-security/

Pasternack, A. (2013, October 21). To Move Drugs, Traffickers Are Hacking Shipping Containers. Motherboard. https://motherboard.vice.com/en_us/article/bmjgk8/how-traffickers-hack-shipping-containers-to-move-drugs

Petta, M.C. (2021, September 29). Port Cybersecurity: Incorporating the IAPH's New Guidelines into the ISPS Code. Center for International Maritime Security (CIMSEC. target="x"> https://cimsec.org/incorporating-the-iaphs-new-cybersecurity-guidelines-into-the-international-ship-and-port-facility-security-code/

Polemi, N. (2018). Port Cybersecurity: Securing Critical Information Infrastructures and Supply Chains. Amsterdam: Elsevier.

Port Technology International Team. (2022, January 25). Port of Los Angeles Launches Cyber Resilience Center. Port Technology. https://www.porttechnology.org/news/port-of-los-angeles-launches-cyber-resilience-center/

Rowsell, J. (2021, August 3). Supply Chain Cyber Attacks to 'Quadruple.' Supply Management. https://www.cips.org/supply-management/news/2021/august/supply-chain-cyber-attacks-to-quadruple/

Ross, J.A.J., Walker, D.J., Tam, K., & Jones, K.D. (2022, June 1). Towards a Digital Twin of a Complex Maritime Site for Multi-Objective Optimization. University of Plymouth Pedagogic Research and Development Database. http://hdl.handle.net/10026.1/19279

Scully, B.M., & Chambers, K.F. (2019, Septeber 12). Measuring Port Disruptions with Automatic Identification System Data. In P. Jain & W.S. Stahlman III (eds.), Ports 2019: Port Planning and Development, Reston, VA: American Society of Civil Engineers, pp. 311-321. DOI: 10.1061/9780784482629.030

Tam, K., Hopcraft, R., Moara-Nkwe, K., Misas, J.P., Andrews, W., Harish, A.V., Giménez, P, Crichton, T., & Jones, K. (2021, December 6). Case Study of a Cyber-Physical Attack Affecting Port and Ship Operational Safety. Journal of Transportation Technologies, 12(1), 1-27. DOI: 10.4236/jtts.2022.121001

U.S. Coast Guard (USCG). (n.d.). U.S. Coast Guard Maritime Security (MARSEC) Levels. https://www.uscg.mil/What-Is-MARSEC/

U.S. Coast Guard (USCG). (2023, January). Maritime Cybersecurity Assessment and Annex Guide (MCAAG). USCG Office of Port & Facility Compliance - Cybersecurity and USCG Cyber Command - Maritime Cyber Readiness Branch. https://dco.uscg.mil/Portals/9/CG-FAC/Documents/Maritime%20Cyber%20Assessment%20%20Annex%20Guide%20(MCAAG)_released%2023JAN2023.pdf?ver=NE11YUspj_kNa3xRoMd0TQ%3d%3d

Warrick, J., & Nakashima, E. (2020, May 18). Officials: Israel Linked to a Disruptive Cyberattack on Iranian Port Facility. The Washington Post. https://www.washingtonpost.com/national-security/officials-israel-linked-to-a-disruptive-cyberattack-on-iranian-port-facility/2020/05/18/9d1da866-9942-11ea-89fd-28fb313d1886_story.html

Watkins, E. (2019, April 26). Port of Los Angeles Moves to Counter Maritime Cyber Crime. Lloyd's List. https://lloydslist.maritimeintelligence.informa.com/LL1127221/Port-of-Los-Angeles-moves-to-counter-maritime-cyber-crime

Wingrove, M. (2020, November 23). Cyber Attack Shuts Down US Port Servers. https://www.rivieramm.com/news-content-hub/news-content-hub/cyber-attack-shuts-down-us-port-servers-61955

Young, D.L., Scully, B.M., & Chambers, K.F. (2022, March 16). Resilience-Focused Analysis of the United States Maritime Transportation System Using Automatic Identification System Data. Transportation Research Record: Journal of the Transportation Research Board, 2676(7), 726-742. DOI: 10.1177/03611981221082561

[Top of Section | Top of Page]
Chapter 5. Shipboard Communication Systems

Atlas Obscura. (n.d.). The Zenobia Shipwreck. https://www.atlasobscura.com/places/the-zenobia-shipwreck-larnaca-cyprus

Bacon, J. (2019, September 9.) Four Missing After Ship Capsizes, Burns Near Georgia Coast. USA Today. https://www.usatoday.com/story/news/nation/2019/09/08/four-missing-after-ship-capsizes-burns-near-georgia-coast/2255568001/

CERT Coordination Center (CERT/CC). (2018, October 16). Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App. Vulnerability Note VU#176301. Carnegie Mellon University, Software Engineering Institute. https://www.kb.cert.org/vuls/id/176301/

Chowdhury, S. (2016, January 20). Italian Marines Case: Two Killings at Sea, An International Legal Battle. The Indian Express. https://indianexpress.com/article/explained/simply-put-2-killings-at-sea-an-international-legal-battle/

Clifton, P. (2016, March 17). Hoegh Osaka Ship Was 'Unstable' When it Left Southampton Port. BBC. https://www.bbc.com/news/uk-england-hampshire-35823182

Cyber Pirates Prowling Ship Controls Threaten Another Big Shock. (2022, July 11). SupplyChainBrain. https://www.supplychainbrain.com/articles/35287-cyber-pirates-prowling-ship-controls-threaten-another-big-shock

Degnarain, N. (2020, November 6). Captain's Noon Reports Crucial Missing Evidence For Mauritius Oil Spill Ship. Forbes. https://www.forbes.com/sites/nishandegnarain/2020/11/06/captains-noon-reports-crucial-missing-evidence-for-mauritius-oil-spill-ship/?sh=16f204841a67

Dewey, C.M. (2016, December 19). Pentesting Cruise Ships OR Hacking the High Seas [video]. Hackfest HF. https://www.youtube.com/watch?v=-LmM43dz7vo

Fantasia & Fiesta. (n.d.). Forgotten Sister: The Zenobia Story. http://www.hhvferry.com/zenobia.html

Franceschi-Bicchierai, L. (2015, December 9). Pirate Hackers Can Easily Spy on Ships Through Insecure 'Black Boxes.' Motherboard. https://motherboard.vice.com/en_us/article/53dzn5/pirate-hackers-can-easily-spy-on-ships-through-insecure-black-boxes

Goodin, D. (2020, August 5). Insecure Satellite Internet is Threatening Ship and Plane Safety. Ars Technica. https://arstechnica.com/information-technology/2020/08/insecure-satellite-internet-is-threatening-ship-and-plane-safety/

Hamilton, M.K. (2019). 4 Tips for Cruise Ship Cybersecurity. Critical Insight. https://www.criticalinsight.com/resources/news/article/4-tips-for-cruise-ship-cybersecurity

Harish, A.V., Tam, K., & Jones, K. (2022, November). Investigating the Security and Accessibility of Voyage Data Recorder Data Using a USB Attack. Proceedings of CYBER 2022 : The Seventh International Conference on Cyber-Technologies and Cyber-Systems. https://www.researchgate.net/profile/Kimberly-Tam/publication/365365607_Investigating_the_Security_and_Accessibility_of_Voyage_Data_Recorder_Data_using_a_USB_attack/links/6372430154eb5f547cd13623/Investigating-the-Security-and-Accessibility-of-Voyage-Data-Recorder-Data-using-a-USB-attack.pdf

Iran's Secret Cyber Files On How Cargo Ships and Petrol Stations Could Be Attacked. (2021, July 27). IFMAT. https://www.ifmat.org/07/27/irans-secret-cyber-files-on-how-cargo-ships-and-petrol-stations-could-be-attacked/

Jackson, G. (2019, October 3). Pilot Praised For Decision to Ground Golden Ray. The Brunswick News. https://thebrunswicknews.com/news/local_news/pilot-praised-for-decision-to-ground-golden-ray/article_9bb34ae1-eae5-5dd4-a08d-6feeccc1d05b.html

Jo, Y., Choi, O., You, J., Cha, Y., & Lee, D.H. (2022, February 26). Cyberattack Models for Ship Equipment based on the MITRE ATT&CK Framework. Sensors, 22(5), 1860. DOI: 10.3390/s22051860

Kessler, G.C. (2021, September). The CAN Bus in the Maritime Environment - Technical Overview and Cybersecurity Vulnerabilities. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 15(3), 531-540. DOI: 10.12716/1001.15.03.05

Krile, S., Kezić, D., & Dimc, F. (2013). NMEA Communication Standard for Shipboard Data Architecture. OUR SEA: International Journal of Maritime Science & Technology, 60(3-4), 68–81. https://hrcak.srce.hr/file/162159

Leyden, J. (2017, November 20). Container Ship Loading Plans Are 'Easily Hackable.' The Register. https://www.theregister.co.uk/2017/11/20/container_ship_loading_software_mischief/

Luft, L.A., Anderson, L., & Cassidy, F. (2002). NMEA 2000 A Digital Interface for the 21st Century. Proceedings of the 2002 National Technical Meeting of The Institute of Navigation, San Diego, CA, 28–30 January 2002, pp. 796–807. https://www.nmea.org/Assets/nmea-2000-digital-interface-white-paper.pdf

Maritime & Port Security Information Sharing & Analysis Organization (MPS-ISAO). (2017, September 29). Vessel Video Camera Hack Update. Tactical Cyber Intelligence Report TR-130-2017.

Maritime & Port Security Information Sharing & Analysis Organization (MPS-ISAO). (2017, October 20). VSAT and "x0rz." Tactical Intelligence Report TR-131-2017.

Maritime & Port Security Information Sharing & Analysis Organization (MPS-ISAO). (2018, October 12). Social Media Claim — Vessel Camera Hack. Warning Report WR-18-10-07.

McNally, M. (2022, February 23). Cybersecurity for the Increasingly Connected Ship. The Maritime Executive. https://www.maritime-executive.com/editorials/cybersecurity-for-the-increasingly-connected-ship

Mehta, J., Richard, G., Lugosch, L., Yu, D., & Meyer, B.H. (2023, January). DT-DS: CAN Intrusion Detection with Decision Tree Ensembles. ACM Transactions on Cyber-Physical Systems. DOI: 10.1145/3566132

Munro, K. (2017, October 13). OSINT From Ship Satcoms. Pen Test Partners. https://www.pentestpartners.com/security-blog/osint-from-ship-satcoms/

Munro, K. (2017, November 16). Sinking Container Ships by Hacking Load Plan Software. Pen Test Partner. https://www.pentestpartners.com/security-blog/sinking-container-ships-by-hacking-load-plan-software/

Munro, K. (2017, November 17). Making Prawn Espressos, or Hacking Ships by Deciphering BAPLIE EDIFACT Messaging. Pen Test Partners. https://www.pentestpartners.com/security-blog/making-prawn-espressos-or-hacking-ships-by-deciphering-baplie-edifact-messaging/

Munro, K. (2017, December 13). Sinking Bulk Carrier Ships by Hacking HSMS. Pen Test Partners. https://www.pentestpartners.com/security-blog/sinking-bulk-carrier-ships-by-hacking-hsms/

Munro, K. (2018, June 25). Hacking Serial Networks on Ships. Pen Test Partners. https://www.pentestpartners.com/security-blog/hacking-serial-networks-on-ships/

National Institute of Standards and Technology (NIST). (2014, July 14). CVE-2013-6117-Detail. National Vulnerability Database. https://nvd.nist.gov/vuln/detail/CVE-2013-6117

National Institute of Standards and Technology (NIST). (2019, October 2). CVE-2017-6343-Detail. National Vulnerability Database. https://nvd.nist.gov/vuln/detail/CVE-2017-6343

National Security Agency (NSA). (2022, January 25). Protecting VSAT Communications. Cybersecurity Advisory (CSA). https://media.defense.gov/2022/Jan/25/2002927101/-1/-1/0/CSA_PROTECTING_VSAT_COMMUNICATIONS_01252022.PDF

Nichols, S. (2016, April 11). Half of People Plug in USB Drives They Find in the Parking Lot. The Register. https://www.theregister.com/2016/04/11/half_plug_in_found_drives/

Osborne, C. (2017, October 26). Hackers Can Gain Access to Maritime Ship Data Through a Built-In Backdoor. ZDNet. https://www.zdnet.com/article/hackers-gain-full-access-to-maritime-ships/

Pavur, J., Mosery, D., Strohmeiery, M., Lendersy, V., & Martinovic, I. (2020, May). A Tale of Sea and Sky On the Security of Maritime VSAT Communications. In Proceedings of the 2020 IEEE Symposium on Security and Privacy (SP), 18-21 May 2020, San Francisco. DOI: 10.1109/SP40000.2020.00056

Ramsay, S. (2014). Maritime Domain Awareness and Security Imperatives. SP's Naval Forces, 4. http://www.spsnavalforces.com/story/?id=336

Rinner, B. (2019, May). Can We Trust Smart Cameras? IEEE Computer Magazine, 52(5): 67-70. 10.1109/MC.2019.2905171

Robinson, E. (2020, May 29). We Hacked A Ship. The Owner is Liable. Digital Ship. https://thedigitalship.com/news/maritime-satellite-communications/item/6597-we-hacked-a-ship-the-owner-is-liable

Sage-Passant, L. (2022, October 13). How to get on a Watchlist Episode 7: How to Hijack a Ship [Podcast]. Encyclopedia Geopolitica. https://encyclopediageopolitica.com/2022/10/13/how-to-get-on-a-watchlist-episode-7-how-to-hijack-a-ship/

Santamarta, R. (2014). A Wake-Up Call For SATCOM Security. IOActive Technical White Paper. https://ioactive.com/pdfs/IOActive_SATCOM_Security_WhitePaper.pdf

Santamarta, R. (2015, December 9). Maritime Security: Hacking Into a Voyage Data Recorder (VDR). IOActive Research Paper. https://ioactive.com/maritime-security-hacking-into-a-voyage-data-recorder-vdr/

Santamarta, R. (2018, August). Last Call For SATCOM Security. IOActive White Paper. http://i.blackhat.com/us-18/Thu-August-9/us-18-Santamarta-Last-Call-For-Satcom-Security-wp.pdf

Schnelle O. (1995). CAN Networks in Ship Automation Systems. 2nd International CAN Conference (ICC 1995), London. https://www.can-cia.org/fileadmin/resources/documents/proceedings/1995_schnelle.pdf

Seals, T. (2019, October 15). On-Board 'Mystery Boxes' Threaten Global Shipping Vessels. Threatpost. https://threatpost.com/on-board-mystery-boxes-threaten-global-shipping-vessels/149211/

Several Wounded After Cargo Ship Capsizes in Southern Iran. (2019, March 19). Iran Front Page. https://ifpnews.com/several-wounded-after-cargo-ship-capsizes-in-southern-iran

S$ouml;ner, Ö, Kayisoglu, G., Bolat, P., & Tam., K. (2023, January). Cybersecurity Risk Assessment of VDR. The Journal of Navigation. DOI: 10.1017/S0373463322000595

Talamantes, J. (n.d.). USB Drop Attacks: The Danger of "Lost and Found" Thumb Drives. RedTeam. https://www.redteamsecure.com/blog/usb-drop-attacks-the-danger-of-lost-and-found-thumb-drives/

Tests Show Ease of Hacking ECDIS, Radar and Machinery. (2017, December 21). The Maritime Executive. https://maritime-executive.com/article/tests-show-ease-of-hacking-ecdis-radar-and-machinery

Tran, K., Keene, S., Fretheim, E., & Tsikerdekis, M. (2021, April 21). Marine Network Protocols and Security Risks. Journal of Cybersecurity and Privacy, 2021(1), 239-251. DOI: 10.3390/jcp1020013

Tucker, P. (2015, August 6). Hacker Cracks Satellite Communications Network. Defense One. http://www.defenseone.com/technology/2015/08/hacker-cracks-satellite-communications-network/118915/

United Nations Directories for Electronic Data Interchange for Administration, Commerce and Transport (UN/EDIFACT). (2021, November 15). Bayplan/Stowage Plan Occupied and Empty Locations Message (BAPLIE), Version D, Release 21B. https://service.unece.org/trade/untdid/latest/trmd/baplie_c.htm

United Nations Directories for Electronic Data Interchange for Administration, Commerce and Transport (UN/EDIFACT). (2021, November 15). Container Gate-In/Gate-Out Report Message (CODECO), Version D, Release 21B. https://service.unece.org/trade/untdid/latest/trmd/codeco_c.htm

United Nations Directories for Electronic Data Interchange for Administration, Commerce and Transport (UN/EDIFACT). (2021, November 15). Container Discharge/Loading Order Message (COPRAR), Version D, Release 21B. https://service.unece.org/trade/untdid/latest/trmd/coprar_c.htm

United Nations Directories for Electronic Data Interchange for Administration, Commerce and Transport (UN/EDIFACT). (2021, November 15). Verified Gross Mass Message (VERMAS), Version D, Release 21B. https://service.unece.org/trade/untdid/latest/trmd/vermas_c.htm

USB Rubber Ducky. (n.d.). Hak5. http://hakshop.myshopify.com/collections/usb-rubber-ducky

Wee, V. (2017, December 22). Naval Dome Exposes Vessel Vulnerabilities to Cyber Attack. Seatrade Maritime News. https://www.seatrade-maritime.com/asia/naval-dome-exposes-vessel-vulnerabilities-cyber-attack

Wolsing, K., Saillard, A., Bauer, J., Wagner, E., van Sloun, C., Fink, I.B., Schmidt, M., Wehrle, K., & Henze, M. (2022, September). Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset. Proceedings of the IEEE 47th Conference on Local Computer Networks (LCN), Edmonton, Alberta, Canada. DOI: 10.1109/LCN53696.2022.9843801

Zorz, Z. (2017, October 26). Critical Flaws in Maritime Comms System Could Endanger Entire Ships. Help Net Security. https://www.helpnetsecurity.com/2017/10/26/critical-flaws-maritime-comms-system/

Zorz, Z. (2018, June 7). Vulnerable Ship Systems: Many Left Exposed to Hacking. Help Net Security. https://www.helpnetsecurity.com/2018/06/07/vulnerable-ship-systems/

[Top of Section | Top of Page]
Chapter 6. Navigation Systems

AIS BlackToolkit. (2020, May 11). https://github.com/trendmicro/ais

Aitken, P. (2020, August 8). Chinese Fleet Fishing Near Galapagos Protected Waters, Allegedly Falsifying GPS Location. Fox News. https://www.foxnews.com/world/chinese-fleet-fishing-near-galapagos-protected-waters-allegedly-falsifying-gps-location

Akarca, O. (2019, May 24). The World's Top 10 Strategic Straits and Channels. More Than Shipping. https://www.morethanshipping.com/the-worlds-top-10-strategic-straits-and-channels/

Amro, A., & Gkioulos, V. (2022, September). From Click To Sink: Utilizing AIS for Command and Control in Maritime Cyber Attacks. Proceedings of the 27th European Symposium on Research in Computer Security (ESORICS) 2022, Copenhagen, Denmark, pp. 535-553. Lecture Notes in Computer Science (LNCS), 13556. DOI: 10.1007/978-3-031-17143-7_26

Amro, A., Oruç, A., Gkioulos, V., & Katsikas, S. (2022, February 23). Navigation Data Anomaly Analysis and Detection. Information, 13(3), 104. DOI: 10.3390/info13030104

Anderson, J.M., Carroll, K.L., DeVilbiss, N.P., Gillis, J.T., Hinks, J.C., O'Hanlon, B.W., Rushanan, J.J., Scott, L., & Yazdi, R.A. (2017, September). Chips-Message Robust Authentication (Chimera) for GPS Civilian Signals. Proceedings of the 30th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2017), Portland, Oregon, pp. 2388-2416. DOI: 10.33012/2017.15206

Automatic Identification System (AIS), 33 C.F.R. § 164.46 (2020). https://www.govregs.com/regulations/33/164.46

Awan, M.S.K., & Al Ghamdi, M.A. (2019, October 2). Understanding the Vulnerabilities in Digital Components of An Integrated Bridge System (IBS). Journal of Marine Science and Engineering, 7(10), 350. DOI: 10.3390/jmse7100350

Baker, R. (2019, October 2). OSINT on the Ocean: Maritime Intelligence Gathering Techniques. wondersmith_rae blog. https://wondersmithrae.medium.com/osint-on-the-ocean-maritime-intelligence-gathering-techniques-2ee39e554fe1

Baker, R. (2021, April 12). 6 Tips For Investigating Maritime Vessels. wondersmith_rae blog. https://wondersmithrae.medium.com/6-tips-for-investigating-maritime-vessels-77e9c8bf75

Balduzzi, M., Pasta, A., & Wilhoit, K. (2014, December). A Security Evaluation of AIS Automated Identification System. In Proceeding the 30th Annual Computer Security Applications Conference (ACSAC '14), 436-445, New Orleans, Louisiana, 8-12 December 2014. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.694.7968&type=pdf

Balduzzi, M., Wilhoit, K., & Pasta, A. (2014, December). A Security Evaluation of AIS. Trend Micro Research Paper. https://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-a-security-evaluation-of-ais.pdf

Bergman, B. (2020, May 26). AIS Ship Tracking Data Shows False Vessel Tracks Circling Above Point Reyes, Near San Francisco. SkyTruth. https://skytruth.org/2020/05/ais-ship-tracking-data-shows-false-vessel-tracks-circling-above-point-reyes-near-san-francisco/

Bhatti, J., & Humphreys, T.E. (2017, May 7. Hostile Control of Ships via False GPS Signals: Demonstration and Detection. NAVIGATION: Journal of the Institute of Navigation, 64(1), 51-66. DOI: 10.1002/navi.183
Bockmann, M.W. (2019, August 16). Seized UK Tanker Likely 'Spoofed' by Iran. Lloyd's List. https://lloydslist.maritimeintelligence.informa.com/LL1128820/Seized-UK-tanker-likely-spoofed-by-Iran

Boling, A., Kuo, L., Snyder, L., & Sung, L. (2021). UNMASKED: Vessel Identity Laundering and North Korea's Maritime Sanctions Evasion. Center for Advanced Defense Studies (C4ADS). https://c4ads.org/s/Unmasked-North-Korea-Vessel-Identity-Laundering-ntbe.pdf

Bransby, M. (2018, November 1). Innovation: An Alternative to GNSS for Maritime Positioning. GPS World. https://www.gpsworld.com/innovation-an-alternative-to-gnss-for-maritime-positioning/

Braw, E. (2018, December 17). The GPS Wars Are Here. Foreign Policy. https://foreignpolicy.com/2018/12/17/the-gps-wars-are-here/

Buesnel, G. (2020, December 2). Thousands of GNSS Jamming and Spoofing Incidents Reported in 2020. https://rntfnd.org/2020/12/24/thousands-of-gnss-jamming-and-spoofing-incidents-reported-in-2020-guy-buesnel/

Burgess, M. (2017, September 21). When a Tanker Vanishes, All the Evidence Points to Russia. WIRED. https://www.wired.co.uk/article/black-sea-ship-hacking-russia

Burgess, M. (2022, December 15). GPS Signals Are Being Disrupted in Russian Cities. WIRED. https://www-wired-com.cdn.ampproject.org/c/s/www.wired.com/story/gps-jamming-interference-russia-ukraine/amp

Bunwaree, P. (2023, January 11). The Illegality of Fishing Vessels 'Going Dark' and Methods of Deterrence. International & Comparative Law Quarterly, 72(1), 179-211. DOI: 10.1017/S0020589322000525

Cameron, A. (2019, April 2). Russia Practices Widespread Spoofing. GPS World. https://www.gpsworld.com/russia-practices-widespread-spoofing

Center for Advanced Defense Studies (C4ADS). (2019). Above Us Only Stars: Exposing GPS Spoofing in Russia and Syria. https://www.c4reports.org/aboveusonlystars

Center for Advanced Defense Studies (C4ADS). (2019, December 2). Shanghai GPS Spoofing. https://drive.google.com/file/d/1dTWu7H9JjRyN0uQPZ9HwiUzCFd7cd5pL

Chow, B.G., & Kelley, B.W. (2021, July 28). Peace in the Era of Weaponized Space. SpaceNews. https://spacenews.com/op-ed-peace-in-the-era-of-weaponized-space/

Clements, Z., Ellis, P., Psiaki, M., & Humphreys, T.E. (2022, September). Geolocation of Terrestrial GNSS Spooﬁng Signals from Low Earth Orbit. Proceedings of the 2022 ION GNSS+ Conference, Denver, CO, Sept. 19-23, 2022. https://radionavlab.ae.utexas.edu/wp-content/uploads/2022/10/clements-spoofer-geolocation.pdf

CockrellSchool. (2013, July 29). Spoofing on the High Seas [video]. Cockrell School's Department of Aerospace Engineering and Engineering Mechanics, The University of Texas at Austin. https://www.youtube.com/watch?v=ctw9ECgJ8L0

Curry, C. (2014, September 8) Detecting GPS Jammers: 'Gone in 20 Seconds.' CGSIC Annual Conference. https://www.gps.gov/cgsic/meetings/2014/curry.pdf

Cutlip, K. (2017, March). AIS for Safety and Tracking: A Brief History. Global Fishing Watch. https://globalfishingwatch.org/data/ais-for-safety-and-tracking-a-brief-history

Czaplewski, K., & Goward, D. (2016, June). Global Navigation Satellite Systems - Perspectives on Development and Threats to System Operation. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 10(2), 183-192. DOI: 10.12716/1001.10.02.01

Danilov, P.B. (2020, June 26). GPS Jamming Still Causing Problems in Finnmark. High North News. https://www.highnorthnews.com/en/gps-jamming-still-causing-problems-finnmark

Dovis, F. (2019, September). Assessment of the Effect of RFI Threats on GNSS-based Downstream Applications. Proceedings of the 32nd International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2019), Miami, Florida, September 16-20, 2019, pp. 2721-2741. DOI: 10.33012/2019.17124

Divis, D.A. (2021, December 8). GPS-Independent Navigation at the Core of Space Development Agency's New LEO Constellation. Navigation Outlook. https://navoutlook.com/gps-independent-navigation-at-the-core-of-space-development-agencys-new-leo-constellation/

Dunn, J.E. (2019, April 1). Russia Accused of Massive GPS Spoofing Campaign. Naked Security by Sophos. https://nakedsecurity.sophos.com/2019/04/01/russia-accused-of-massive-gps-spoofing-campaign/

Dunn, K. (2018, November 21). Insight: Cyber Threats to Shipping Grow in East Mediterranean. S&P Global Platts. https://blogs.platts.com/2018/11/21/insight-cyber-threats-shipping-east-mediterranean/

Dunn, K. (2020, January 22). Mysterious GPS Outages Are Wracking The Shipping Industry. Fortune. https://fortune.com/longform/gps-outages-maritime-shipping-industry/

Dunn, K. (2020, January 24). The Long Ocean Voyage That Helped Find The Flaws in GPS. Fortune. https://fortune.com/2020/01/24/gps-disruption-test-voyage/

Easton, I. (2009, August 10). The Great Game in Space: China's Evolving ASAT Weapons Programs and Their Implications for Future U.S. Strategy. Project 2049 Institute. https://project2049.net/wp-content/uploads/2018/05/china_asat_weapons_the_great_game_in_space.pdf

Erstad, E., Lund, M.S., & Ostnes, R. (2022). Navigating Through Cyber Threats, A Maritime Navigator's Experience. In Tareq Ahram & Waldemar Karwowski (eds.), Human Factors in Cybersecurity, 53, 84–91. DOI: 10.54941/ahfe1002205

European Union Agency for the Space Programme (EUSPA). (2021, November 10). Galileo Open Service Navigation Message Authentication (OSNMA). EUSPA Info Note. https://www.gsc-europa.eu/sites/default/files/sites/all/files/Galileo_OSNMA_Info_Note.pdf

Fischer, J. (2020, September 2). Resilient PNT: How to Detect, Protect and Prevent Disruption of GPS/GNSS/PNT Signals and Sources. Orolia. https://www.orolia.com/resilient-pnt-how-to-detect-protect-and-prevent-disruption-of-gps-gnss-pnt-signals-and-sources-2/

González, R., Lacarra, E., López, M., & Heikonen, K. (2021, September). EGNOS Performance Along Finnish Coast. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 15(3), 551-556. DOI: 10.12716/1001.15.03.07

Goodman, J. (2021, May 28). Tanker's Impossible Voyage Signals New Sanction Evasion Ploy. yahoo!news. https://news.yahoo.com/tanker-impossible-voyage-signals-sanction-040109857.html
Goodman, J. (2022 February 3). Digital Warfare Tech at Sea Helping US Foes Evade Sanctions. AP News. https://apnews.com/article/technology-business-middle-east-iran-shipping-44d5cdc52e589c44a7bb0fc5be59d156
Goudossis, A, & Katsikas, S.K. (2019, June). Towards a Secure Automatic Identification System (AIS). Journal of Marine Science and Technology, 24(2), 410-423. DOI: 10.1007/s00773-018-0561-3

Goudossis, A, & Katsikas, S.K. (2020, June). Secure AIS With Identity-Based Authentication and Encryption. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 14(2). DOI: 10.12716/1001.14.02.03

Goward, D. (2017). GPS Jamming and Spoofing: Maritime's Biggest Cyber Threat. In J. DiRenzo III, N.K. Drumhiller, & F.S. Roberts (Ed.), Issues in Maritime Cyber Security, pp. 407-415. Washington, D.C.: Westphalia Press.

Goward, D. (2017, July 11). Mass GPS Spoofing Attack in Black Sea? Maritime Executive. https://maritime-executive.com/editorials/mass-gps-spoofing-attack-in-black-sea

Goward, D.A. (2018, December). GNSS Spoofing - A Technology Re/evolution. US National PNT Advisory Board. https://www.gps.gov/governance/advisory/meetings/2018-12/goward.pdf

Goward, D. (2019, June 19). The History of GPS Spoofing [video]. https://www.youtube.com/watch?v=L2fZGVVH5lg

Goward, D. (2019, August 13). GPS Jamming and Spoofing Reported at Port of Shanghai. Maritime Executive. https://www.maritime-executive.com/editorials/gps-jamming-and-spoofing-at-port-of-shanghai

Goward, D. (2020, April 21). GPS Circle Spoofing Discovered in Iran. GPS World. https://www.gpsworld.com/gps-circle-spoofing-discovered-in-iran/

Goward, D. (2020, May 26). New GPS 'Circle Spoofing' Moves Ship Locations Thousands of Miles. GPS World. https://www.gpsworld.com/new-gps-circle-spoofing-moves-ship-locations-thousands-of-miles/

Goward, D.A. (2021, April 14). Assured PNT Summit - Opening Remarks. Defense Strategies Institute Assured PNT Summit. https://rntfnd.org/2021/04/16/assured-pnt-summit-opening-remarks/

Goward, D. (2022, January 4). NSC Director: GPS 'Still a Single Point of Failure.' GPS World. https://www.gpsworld.com/nsc-director-gps-still-a-single-point-of-failure/

Goward, D. (2022, January 13. GPS Spoofing — History and Prevention [video]. Association of Old Crows. https://event.on24.com/wcc/r/3393437/A17F616C03AAAEA78105E26B4986E22B

Goward, D.A. (2022, April 19). Op-Ed: Get the Bullseye Off GPS. Space News. https://spacenews.com/op-ed-get-the-bullseye-off-gps/

Goward, D.A. (2022, July 22). Why Isn't Russia jamming GPS harder in Ukraine? C4ISRNET. https://www.c4isrnet.com/opinion/2022/07/22/why-isnt-russia-jamming-gps-harder-in-ukraine/

Goward, D.A. (2023, January 26). GPS could have high accuracy and counter spoofing, if... GPS World. https://www.gpsworld.com/gps-could-have-high-accuracy-and-counter-spoofing-if/

GPS Denied Solutions and Upcoming Technologies. (2021, May 11). Advanced Navigation. https://www.advancednavigation.com/news/gps-denied-solutions-and-upcoming-technologies

GPSPATRON. (2021, September 26). GNSS Spoofing Scenarios with SDRs. https://gpspatron.com/gnss-spoofing-scenarios-with-sdrs/

Grant, A., Williams, P., Ward, N., & Basker, S. (2009, April). GPS Jamming and the Impact on Maritime Navigation. The Journal of Navigation, 62(2). DOI: 10.1017/S0373463308005213

Gross, J.A. (2019, June 28). GPS Jamming Affecting Israel Comes From Russian Base in Syria: US Researcher. The Times of Israel. https://www.timesofisrael.com/gps-jamming-affecting-israel-comes-from-russian-base-in-syria-us-researcher/

Hambling, D. (2017, August 10). Ships Fooled in GPS Spoofing Attack Suggest Russian Cyberweapon. NewScientist. https://www.newscientist.com/article/2143499-ships-fooled-in-gps-spoofing-attack-suggest-russian-cyberweapon/

Hambling, D. (2020, October 4). What Would the World do Without GPS? BBC. https://www.bbc.com/future/article/20201002-would-the-world-cope-without-gps-satellite-navigation

Hamill-Stewart, J., & Sallay, A. (ed.). (2023, March 6). The Cyber Vulnerabilities of Dynamic Positioning Systems. The Maritime Executive. https://maritime-executive.com/editorials/the-cyber-vulnerabilities-of-dynamic-positioning-systems

Hansen, A., Mackey, S., Wassaf, H., Shah, V., Wallischeck, E., Scarpone, C., Barzach, M., & Baskerville, E. (2021, January). Complementary PNT and GPS Backup Technologies Demonstration Report. Cambridge (MA): U.S. Department of Transportation, John A Volpe National Transportation Systems Center, Report DOT-VNTSC-20-07. https://www.transportation.gov/sites/dot.gov/files/2021-01/FY%2718%20NDAA%20Section%201606%20DOT%20Report%20to%20Congress_Combinedv2_January%202021.pdf

Hanyok, R.J. (1998, February 24). Skunks, Bogies, Silent Hounds, and the Flying Fish: The Gulf of Tonkin Mystery, 2-4 August 1964. Cryptologic Quarterly, 19/20, 4-1. https://nsarchive2.gwu.edu/NSAEBB/NSAEBB132/relea00012.pdf

Harris, M. (2019, November 15). Ghost Ships, Crop Circles, and Soft Gold: A GPS Mystery in Shanghai. MIT Technology Review. https://www.technologyreview.com/s/614689/ghost-ships-crop-circles-and-soft-gold-a-gps-mystery-in-shanghai/

Harris, M. (2021, July 29). Phantom Warships Are Courting Chaos in Conflict Zones. WIRED. https://www.wired.com/story/fake-warships-ais-signals-russia-crimea/

Harrison, T., Johnson, K., Roberts, T.G., Way, T., & Young, M. (2020, March). Space Threat Assessment 2020. Center For Strategic And International Studies (CSIS) Aerospace Security Project. https://aerospace.csis.org/wp-content/uploads/2020/03/Harrison_SpaceThreatAssessment20_WEB_FINAL-min.pdf

Hemminghaus, C., Bauer, J., & Padilla, E. (2021, March). BRAT: A BRidge Attack Tool for Cyber Security Assessments of Maritime Systems. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 15(1). DOI: 10.12716/1001.15.01.02

Hoffmann, J. (2021, December 1). The Importance of AIS in Times of a Supply Chain Crisis. MarineTraffic blog. https://www.marinetraffic.com/blog/the-importance-of-ais-in-times-of-a-supply-chain-crisis/?utm_campaign=GH%20Project%20MFB&utm_medium=email&_hsmi=105642400&_hsenc=p2ANqtz-9X_b1v8FrBjSyfcJRl1UzYT_uWgQvkwHm9TNajyw1fsFxyhXXUUYZh8wHBU3sFETWVIW3iACBecwHLFjrYOh7pd3i-WA&utm_content=105642400&utm_source=hs_automation

How SailPlan's Cloud-based Platform is Optimising Navigational Decision-making. (2021, March 5). Vessel Performance Optimisation. https://vpoglobal.com/2021/03/05/how-sailplans-cloud-based-platform-is-optimising-navigational-decision-making/

Hu, H., & Wei, N. (2009). A Study of GPS Jamming and Anti-jamming. In Proceedings of the 2009 2nd International Conference on Power Electronics and Intelligent Transportation System (PEITS), December 19-20, 2009. DOI: 10.1109/PEITS.2009.5406988

Humphreys, T. (2012, August 24). Resilient and Robust PNT. ION Joint Navigation Conference. https://rntfnd.us3.list-manage.com/track/click?u=06a79dfa9d702640cd0cee682&id=40316749a7&e=45ff616045

Iannucci, P.A., & Humphreys, T.E. (2020, September 25). Fused Low-Earth-Orbit GNSS. The University of Texas at Austin Radionavigation Laboratory. https://arxiv.org/pdf/2009.12334.pdf

Industrial Safety and Security (ISS) Source. (2021, March 1). Tool to Protect Against GPS Spoofing. ISSSource.com. https://isssource.com/tool-to-protect-against-gps-spoofing/

International Association of Marine Aids to Navigation and Lighthouse Authorities (IALA). (2016, June). An Overview of AIS, Edition 2. IALA Guideline 1082. https://www.navcen.uscg.gov/sites/default/files/pdf/IALA_Guideline_1082_An_Overview_of_AIS.pdf

International Maritime Organization (IMO). (2021, October 18). Deliberate Interference With the United States' Global Positioning Sytsem (GPS) and Other Global Navigation Staellite Systems (GNSS). MSC.1/Circ.1644. https://rntfnd.org/wp-content/uploads/IMO-Circular-MSC.1-Circ.1644-Deliberate-Interference-With-The-United-States-Global-Positioning-System-Gps-And-Other...-Secretariat.pdf_safe.pdf

International Maritime Organization (IMO). (2002, July 1). International Convention for the Safety of Life at Sea (SOLAS), Chapter V (Safety of Navigation), Regulation 19 (Carriage requirements for shipborne navigational systems and equipment). https://www.navcen.uscg.gov/sites/default/files/pdf/AIS/SOLAS.V.19.2.1-5.pdf

International Telecommunication Union (ITU). (2014, February 18). Technical Characteristics for an Automatic Identification System Using Time-Division Multiple Access in the VHF Maritime Mobile Band. Radiocommunication Sector (ITU-R) Recommendation M.1371. https://www.itu.int/rec/R-REC-M.1371-5-201402-I/en

Jones, M. (2017, octiber 11). Spoofing in the Black Sea: What Really Happened? GPS World. https://www.gpsworld.com/spoofing-in-the-black-sea-what-really-happened/

Kayisoglu, G., Bolat, P., & Tam, K. (2022, October 5). Evaluating SLIM-based Human Error Probability for ECDIS Cybersecurity in Maritime. The Journal of Navigation. DOI: 10.1017/S0373463322000534

Kessler, G.C. (2020, May 1). AIS Replay and Spoofing [video]. https://www.garykessler.net/gck/AIS_replay_and_spoofing.mp4

Kessler, G.C. (2020, June). Protected AIS: A Demonstration of Capability Scheme to Provide Authentication and Message Integrity. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 14(2), 279-286. DOI: 10.12716/1001.14.02.02

Kessler, G.C. (2021, August 22). AIS Spoof of a Warship [video]. https://www.garykessler.net/gck/202108_MOSKVA_spoof.mp4

Kessler, G.C. (2022, December 6). AIS Research Using a Raspberry Pi (2022 Update). https://www.garykessler.net/library/ais_pi.html

Kessler, G.C., Craiger, J.P., & Haass, J. (2018, September). A Taxonomy Framework for Maritime Cybersecurity: A Demonstration Using the Automatic Identification System. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 12(3), 429-437. DOI: 10.12716/1001.12.03.01

Khalife, J., Neinavaie, M., & Kassas, Z.M. (2021, September 20). The First Carrier Phase Tracking and Positioning Results with Starlink LEO Satellite Signals. IEEE Transactions on Aerospace and Electronic Systems. DOI: 10.1109/TAES.2021.3113880

Kraetzig, N.M. (2020, July 24). A Complete Guide to Marine Traffic Tracking Technologies and AIS Data. UP42. https://up42.com/blog/tech/a-complete-guide-to-marine-traffic-tracking-tech-and-ais-data

Kristić, M., Žuškin, S., Brčic, D., & Car, M. (2021, June). Overreliance on ECDIS Technology: A Challenge for Safe Navigation. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 15(2), 277-287. DOI: 10.12716/1001.15.02.02

Lambert, N., & Goward, D.A. (2020, November). Solution to GPS Hacking. Sea Technology, 8-10. https://lsc-pagepro.mydigitalpublication.com/publication/?m=60787&i=680110&p=8

Leite Junior, W.C., de Moraes, C.C., de Albuquerque, C.E.P., Machado, R.C.S., & de Sá, A.O. (2021, May 4). A Triggering Mechanism for Cyber-Attacks in Naval Sensors and Systems. Sensors, 21(9), 3195. DOI: 10.3390/s21093195

Lombardi, M.A. (2021, November). An Evaluation of Dependencies of Critical Infrastructure Timing Systems on the Global Positioning System (GPS). National Institute of Standards and Technology (NIST) Technical Note (TN) 2189, U.S. Department of Commerce. DOI: 10.6028/NIST.TN.2189

Longo, G., Martelli, M., Russo, E., & Zaccone, R. (2022, Sepetember 1). Collision-avoidance Capabilities Reduction After a Cyber-Attack to the Navigation Sensors. Proceedings of the International Ship Control Systems Symposium, 8-10 November 2022. DOI: 10.24868/10729

Longo, G., Russo, E., Armando, A. & Merlo, A. (2022, July 12). Attacking (and Defending) the Maritime Radar System. DOI: 10.48550/ARXIV.2207.05623

Lund, M.S., Hareide, O.S., & Jøsok, Ø. (2018). An Attack on an Integrated Navigation System. Necesse, 3(2), 149-163. http://www.mass-lund.no/publications/Necesse.pdf

Maritime Administration (MARAD). (2017, June 22). Black Sea-GPS Interference. Maritime Security Communications with Industry (MSCI) Advisory 2017-005A. https://www.maritime.dot.gov/content/2017-005a-black-sea-gps-interference

Maritime Administration (MARAD). (2018, May 7). Eastern Mediterranean Sea-GPS Interference, MSCI Advisory 2018-007. https://www.maritime.dot.gov/content/2018-007-eastern-mediterranean-sea-gps-interference

Maritime Administration (MARAD). (2018, November 8). Eastern Mediterranean Sea-GPS Interference, MSCI Advisory 2018-014. https://www.maritime.dot.gov/content/2018-014-eastern-mediterranean-sea-gps-interference

Matyszczyk, C. (2013, August). Truck Driver has GPS Jammer, Accidently Jams Newark Airport. CNET. https://www.cnet.com/news/truck-driver-has-gps-jammer-accidentally-jams-newark-airport/

McCrystal, S. (2018, February 16). Detecting and Defeating GPS Jamming. The Maritime Executive. https://www.maritime-executive.com/blog/detecting-and-defeating-gps-jamming

Milner, G. (2020, August 6). How Vulnerable Is G.P.S.? The New Yorker. https://www.newyorker.com/tech/annals-of-technology/how-vulnerable-is-gps

Misra, P., & Enge, P. (2012). Global Positioning System: Signals, Measurement, and Performance, 2/e revised and updated. Lincoln, MA: Ganga-Jamuna Press.

Mundhra, S. (2022, February 10). China's BeiDou, Russia's Glonass Pact On Satellite Navigation Another Booster For Moscow-Beijing Military Ties. The EurAsian Times. https://eurasiantimes.com/china-russia-cooperation-on-satellite-navigation-systems

Murrian, M.J., Narula, L., Iannucci, P.A., Budzien, S., O'Hanlon, B.W., Psiaki, M.L., & Humphreys, T.E. ((2021, Winter). First Results From Three Years of GNSS Interference Monitoring From Low Earth Orbit. NAVIGATION: Journal of the Institute of Navigation, 68(4), 673-685. DOI: 10.1002/navi.449 [NB: ION Webinar]

National Marine Electronics Association (NMEA). (2020). OneNet Standard for IP Networking of Marine Electronic Devices. https://www.nmea.org/content/STANDARDS/OneNet

NovAtel Inc. (2015). An Introduction to GNSS: GPS, GLONASS, BeiDou, Galileo and other Global Navigation Satellite Systems, 2/e. http://www2.novatel.com/GNSSBook

O'Hanlon, B.W., Psiaki, M.L., Bhatti, J.A., Shepard, D.P., & Humphreys, T.E. (2013, Winter). Real-Time GPS Spoofing Detection Via Correlation Of Encrypted Signals. NAVIGATION: Journal Of The Institute Of Navigation, 60(4), 267-278. DOI: 10.1002/navi.44

Oceana. (2020, September). Oceana Finds 300 Chinese Vessels Pillaging the Galapagos for Squid. https://usa.oceana.org/sites/default/files/galapagos_mini_report_finalupdateddoi.pdf

Oceana. (2021, June). Now You See Me, Now You Don't: Vanishing Vessels Along Argentina’s Waters. https://usa.oceana.org/wp-content/uploads/sites/4/2021/06/oceana_argentina_mini_report_finalupdated.pdf

Oruç, A., Gkioulos, V., & Katsikas, S. (2022, January). Towards a Cyber-Physical Range for the Integrated Navigation System (INS). Journal of Marine Science and Engineering, 10, 107. DOI: 10.3390/jmse10010107

Oruc, A., Amro, A., & Gkioulos, V. (2022, November 12). Assessing Cyber Risks of an INS Using the MITRE ATT&CK Framework. Sensors, 22(22), 8745. DOI: 10.3390/s22228745

Pérez Marcos, E., Konovaltsev, A., Caizzone, S., Cuntz, M., Yinusa, K., Elmarissi, W., & Meurer, M. (2018, September). Interference and Spoofing Detection for GNSS Maritime Applications using Direction of Arrival and Conformal Antenna Array. In Proceedings of the 31st International Technical Meeting of The Satellite Division of the Institute of Navigation (ION GNSS+ 2018), Miami, FL, 24-28 September 2018, pp. 2907-2922. DOI: 10.33012/2018.15901

UPNT Security is Part of Cybersecurity — Pending Advisory Board Recommendation. (2022, November 18). Resilient Navigation and Timing (RNT) Foundation blog. https://rntfnd.org/2022/11/18/pnt-security-is-part-of-cybersecurity-pending-advisory-board-recommendation/

Poling, G.B., Mallory, T.B., & Prétat, H. (2021, November). Pulling Back the Curtain on China's Maritime Militia. A Report of the Center for Strategic and International Studies (CSIS) Asia Maritime Transparency Initiative and the Center for Advanced Defense Studies (C4ADS). https://csis-website-prod.s3.amazonaws.com/s3fs-public/publication/211118_Poling_Maritime_Militia.pdf

Proctor, A. (2021, November). Developing A PNT Architecture Framework. Proceedings of the Royal Institute of Navigation’s (RIN) International Navigation Conference. https://rntfnd.us3.list-manage.com/track/click?u=06a79dfa9d702640cd0cee682&id=57716b5831&e=45ff616045

Psiaki, M.L. (2021, Fall). Navigation Using Carrier Doppler Shift from a LEO Constellation: TRANSIT on Steroids. NAVIGATION: Journal of the Institute of Navigation, 68(3), 621-641. DOI: 10.1002/navi.438

Psiaki, M.L., & Humphreys, T.E. (2016, January 8). GNSS Spoofing and Detection. UT Radionavigation Lab, The University of Texas at Austin. https://radionavlab.ae.utexas.edu/images/stories/files/papers/gnss_spoofing_detection.pdf

Psiaki, M.L., & Humphreys, T.E. (2016, August). Attackers Can Spoof Navigation Signals Without Our Knowledge. Here's How to Fight Back GPS Lies. IEEE Spectrum, 53(8), 26-32, 52-53. DOI: 10.1109/MSPEC.2016.7524168

Psiaki, M.L., O'Hanlon, B.W., Bhatti, J.A., Shepard, D.P., & Humphreys, T.E. (2013, October). GPS Spoofing Detection Via Dual-Receiver Correlation Of Military Signals. IEEE Transactions on Aerospace and Electronic Systems, 49(4), 2250-2267. 10.1109/TAES.2013.6621814

Royal Institute of Navigation. (2020, June 26). When GNSS Fails, What Will You Do? [video]. https://www.youtube.com/watch?v=5T6v1HK-a6s

Russian Electronic Warfare System Is Capable Of Neutralizing GPS, Galileo and BeiDou Systems. (2021, February 1). Sputnik International News. https://rntfnd.org/2021/02/04/russian-electronic-warfare-system-is-capable-of-neutralizing-gps-galileo-and-beidou-systems-sputnik-international/

Schweber, B. (2022, August 3). What? LORAN May be Back? Why? How? Part 1. MICROCONTROLLER TiPS. https://www.microcontrollertips.com/what-loran-may-be-back-why-how-part-1-faq/

Schweber, B. (2022, August 4). What? LORAN May be Back? Why? How? Part 2. MICROCONTROLLER TiPS. https://www.microcontrollertips.com/what-loran-may-be-back-why-how-part-2-faq/

Schweber, B. (2022, August 5). What? LORAN May be Back? Why? How? Part 3. MICROCONTROLLER TiPS. https://www.microcontrollertips.com/what-loran-may-be-back-why-how-part-3-faq/

Schweitzer Engineering Laboratories. (2014, November 3). Mitigating GPS Vulnerabilities. SEL Technical Paper, 6(4). https://selinc.com/solutions/synchrophasors/report/111935/

Sewall, S., Vandenberg, T., & Malden, K. (2023, February). China's BeiDou: New Dimensions of Great Power Competition. Belfer Center for Science and International Affairs, Harvard Kennedy School. https://www.belfercenter.org/sites/default/files/files/publication/Chinas-BeiDou_V10.pdf

Spens, N., Lee, D.-K., Nedelkov, F., & Akos, D. (2022, September). Detecting GNSS Jamming and Spoofing on Android Devices. NAVIGATION, 69(3). https://navi.ion.org/content/69/3/navi.537 [Webinar]

Starr, B., Browne, R., & Fox, K. (2019, July 19). Iran Announces Capture of British-Flagged Oil Tanker; US Officials Say Two Ships Seized. CNN. https://www.cnn.com/2019/07/19/middleeast/british-tanker-seized-iran-intl/

Stenberg, N., Axell, E., Rantakokko, J., & Hendeby, G. (2022, March). Results on GNSS Spoofing Mitigation Using Multiple Receivers. NAVIGATION, Journal of the Institute of Navigation, 69(1). DOI: 10.33012/navi.510

Su, M., Su, X., Zhao, Q., & Liu, J. (2019, January 7). BeiDou Augmented Navigation from Low Earth Orbit Satellites. Sensors, 19(1), 198. DOI: 10.3390/s19010198

Sukheja, B. (2020, August 10). China's Fishing Fleet Near Galapagos Islands Falsifying GPS Location: Reports. RepublicWorld.com. https://www.republicworld.com/world-news/china/chinas-fishing-fleet-near-galapagos-islands-falsifying-gps-location.html

Sutton, H.I. (2021, June 21). Positions of Two NATO Ships Were Falsified Near Russian Black Sea Naval Base. USNI News. https://news.usni.org/2021/06/21/positions-of-two-nato-ships-were-falsified-near-russian-black-sea-naval-base

Sutton, H.I. (2021, December 3). Attacking Open Source Intelligence: The Fake AIS Data Epidemic Explained [video]. Covert Shores. https://www.youtube.com/watch?v=dnuKpd0TNKc

Svilicic, B., Brčić, D., Žuškin, S., & Kalebić, D. (2019, March). Raising Awareness on Cyber Security of ECDIS. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 13(1), 231-236. DOI: 10.12716/1001.13.01.24

Svilicic, B., Kamahara, J., Celic, J., & Bolmsten, J. (2019, Octiber 25). Assessing Ship Cyber Risks: A Framework and Case Study of ECDIS Security. WMU Journal of Maritime Affairs, 18(3), 509–520. DOI: 10.1007/s13437-019-00183-x

Svilicic, B., Kristić, M., Žuškin, S., & Brčić, D. (2020, December). Paperless Ship Navigation:Cyber Security Weaknesses. Journal of Transportation Security , 13(3-4), 203-214. DOI: 10.1007/s12198-020-00222-2

Svilicic, B., Rudan, I., Frančić, V., & Doričić, M. (2019). Shipboard ECDIS Cyber Security: Third-Party Component Threats. Scientific Journal of Maritime Research, 33(2), 176-180. DOI: 10.31217/p.33.2.7

Svilicic, B., Rudan, I., Jugović, A., & Zec, D. (2019). A Study on Cyber Security Threats in a Shipboard Integrated Navigational System. Journal of Marine Science and Engineering, 7(10). https://www.mdpi.com/2077-1312/7/10/364/pdf

The Signal Jammer. (2020, January 3). GPS Jammers. https://www.thesignaljammer.com/categories/GPS-Jammers/

Tippenhauer, N.O., Pöpper, C., Rasmussen, K.B., & Čapkun, S. (2011, October). On the Requirements for Successful GPS Spoofing Attacks. In CCS '11: Proceedings of the 18th ACM conference on Computer and Communications Security, pp. 75-86. https://dl.acm.org/doi/pdf/10.1145/2046707.2046719

Trevithick, J. (2019, November 18). New Type Of GPS Spoofing Attack In China Creates 'Crop Circles' Of False Location Data. The War Zone Wire. https://www.thedrive.com/the-war-zone/31092/new-type-of-gps-spoofing-attack-in-china-creates-crop-circles-of-false-location-data

Tucker, P. (2020, July 31). The Air Force's Latest GPS Alternative: Earth's Magnetic Fields. Defense One. https://www.defenseone.com/technology/2020/07/air-forces-latest-gps-alternative-earths-magnetic-fields/167387/

Tucker, P. (2021, November 02). Quantum Sensor Breakthrough Paves Way For GPS-Free Navigation. Defense One. https://www.defenseone.com/technology/2021/11/quantum-sensor-breakthrough-paves-way-gps-free-navigation/186578/

Under Attack – Receiver Response to Spoofing: Robustness vs. Resilience. (2020, September 30). Inside GNSS. https://insidegnss.com/under-attack-receiver-response-to-spoofing-robustness-vs-resilience/

U.S. Coast Guard (USCG). (2022, Juny 22). AIS Requirements. USCG Navigation Center Web site. https://www.navcen.uscg.gov/ais-requirements

U.S. Coast Guard (USCG). (2021, April 22). Worldwide Navigational Warnings Service. Marine Safety Information Bulletin (MSIB 05-21). https://www.dco.uscg.mil/Portals/9/DCO%20Documents/5p/MSIB/2021/MSIB_21-05_WorldwideNavigationalWarningsService.pdf

U.S. Department of Transportation. (2020, December 9). Virtual Workshop on GPS Jamming and Spoofing in the Maritime Environment. https://www.transportation.gov/pnt/agenda-virtual-workshop-gps-jamming-and-spoofing-maritime-environment

U.S. Government Accountability Office (GAO). (2021, May). TECHNOLOGY ASSESSMENT: Defense Navigation Capabilities — DOD is Developing Positioning, Navigation, and Timing Technologies to Complement GPS (GAO-21-320SP). https://www.gao.gov/assets/gao-21-320sp.pdf

U.S. Navy Ship Spoofed to Crimea. (2021, June 30). Resilient Navigation and Timing (RNT) Foundation blog. https://rntfnd.org/2021/06/30/u-s-navy-ship-spoofed-to-crimea/

Using AI to Enhance Navigational Safety. (2021, May 21). Vessel Performance Optimisation. https://vpoglobal.com/2021/05/21/using-ai-to-enhance-navigational-safety/

UT Radionavigation Lab. (2014, April 22). Spoofing on the High Seas [video]. The University of Texas at Austin. https://www.youtube.com/watch?v=oPAoys_v6wQ

UTNews. (2013, July 30). Spoofing a Superyacht at Sea. The University of Texas at Austin. https://news.utexas.edu/2013/07/30/spoofing-a-superyacht-at-sea

Vaughn, S., & Minichino, B. (2023, January 11). Encrypting Vessel ID Data Can Thwart Maritime Piracy. The Maritime Executive. https://maritime-executive.com/editorials/encrypting-vessel-id-data-can-thwart-maritime-piracy

Watson, J.R., & Woodill, A. J. (2019, October 15). Anticipating Illegal Maritime Activities from Anomalous Multiscale Fleet Behaviors. https://arxiv.org/pdf/1910.05424.pdf

Weise, E. (2017, October 3). Mysterious GPS Glitch Telling Ships They're Parked at Airport May be Anti-Drone Measure. USA TODAY. https://www.usatoday.com/story/tech/news/2017/09/26/gps-spoofing-makes-ships-russian-waters-think-theyre-land/703476001/

Weiss, M., Diamond, P., & Goward, D.A. (2020, October 16). A Resilient National Timing Architecture. RNT Foundation. https://rntfnd.org/wp-content/uploads/Resilient-National-Timing-Architecture-16-Oct-2020.pdf

Welch, H., Clavelle, T., White, T.D., Cimino1, M.A., Van Osdel, J., Hochberg, T., Kroodsma, D., & Hazen, E.L. (2022, November). Hot Spots of Unseen Fishing Vessels. Science Advances, 8(44). DOI: 10.1126/sciadv.abq2109

Westbrook, T. (2019). The Global Positioning System and Military Jamming: The Geographies of Electronic Warfare. Journal of Strategic Security, 12(2), 1-16. DOI: 10.5038/1944-0472.12.2.1720

Whiting, T. (2020, April 27). GPS Celebrates 25th Year of Operation. U.S. Space Force News. https://www.spaceforce.mil/News/Article/2166101/gps-celebrates-25th-year-of-operation

Wolfe, F. (2022, April 6). NTS-3 Experiment Offers Possibility of Adopting GPS/PNT Protection In Existing Production Lines. Defense Daily. https://www.defensedaily.com/nts-3-experiment-offers-possibility-of-adopting-gps-pnt-protection-in-existing-production-lines/space/

[Top of Section | Top of Page]
Chapter 7. Operational Technology and Autonomous Systems

Advancement for Autonomous Operations on Deep-Sea Ships. (2020, October 2). The Maritime Executive. https://www.maritime-executive.com/article/advancement-for-autonomous-operations-on-deep-sea-ships

Alaba, F.A., Othman, M., Hashem, I.A.T., & Alotaibi, F. (2017, June 15). Internet of Things Security: A Survey. Journal of Network and Computer Applications, 88, 10-28. DOI: 10.1016/j.jnca.2017.04.002

American Bureau of Shipping (ABS). (2021, July). Guide for Autonomous and Remote Control Functions. https://ww2.eagle.org/content/dam/eagle/rules-and-guides/current/other/323_gn_autonomous/autonomous-guide-july21.pdf

American Bureau of Shipping (ABS). (2022, February). Autonomous Vessels. ABS White Paper. Access link: https://absinfo.eagle.org/acton/media/16130/autonomous-vessels

Amirault, A., & Ferreira dos Santos, I. (2021). Securing Industrial Networks: What is ISA/IEC 62443? Cisco. https://www.cisco.com/c/en/us/td/docs/solutions/Verticals/IoT_Security_Lab/IEC62443_WP.pdf

Amro, A., & Gkioulos, V. (2022, Nove,ber). Cyber Risk Management for Autonomous Passenger Ships Using Threat-Informed Defense-in-Depth. International Journal of Information Security. DOI: 10.1007/s10207-022-00638-y

Anderson, M. (2020, January 3). Bon Voyage for the Autonomous Ship Mayflower. IEEE Spectrum. https://spectrum.ieee.org/energy/renewables/bon-voyage-for-the-autonomous-ship-mayflower

Ashcraft, J., Zafra, D.K., & Brubaker, N. (2020, March 23). Monitoring ICS Cyber Operation Tools and Software Exploit Modules to Anticipate Future Threats. FireEye Threat Research. https://www.fireeye.com/blog/threat-research/2020/03/monitoring-ics-cyber-operation-tools-and-software-exploit-modules.html

Ashraf, I., Park, Y., Hur, S., Kim, S.W., Alroobaea, R., Zikria, Y.B., & Nosheen, S. (2022, April 15). A Survey on Cyber Security Threats in IoT-Enabled Maritime Industry. IEEE Transactions on Intelligent Transportation Systems, 1-14. DOI: 10.1109/TITS.2022.3164678

Aslam, S., Michaelides, M.P., & Herodotou, H. (2020, May 8). Internet of Ships: A Survey on Architectures, Emerging Applications, and Challenges. IEEE Internet of Things Journal. DOI: 10.1109/JIOT.2020.2993411

Auto-Maskin. (n.d.). DCU 210E Engine Controller. https://www.auto-maskin.com/prod/dcu-210e

Auto-Maskin. (n.d.). RP 210E Remote Panel. https://www.auto-maskin.com/prod/rp-210e

Auto-Maskin. (2013, November 1). Marine Pro Observer. Similar Play. https://www.similarplay.com/automaskin/marine_pro_observer/apps/se.automaskin

Auto-Maskin. (2019). Marine Pro Observer. Apple App Store. https://apps.apple.com/cz/app/marine-pro-observer/id1462043697

Automatic Ferry Enters Regular Service Following World-First Crossing With Passengers Onboard. (2020, February 13). Kongsberg Maritime. https://www.kongsberg.com/maritime/about-us/news-and-media/news-archive/2020/first-adaptive-transit-on-bastofosen-vi/

Belfkih, A., Duvallet, C., & Sadeg, B. (2017, May). The Internet of Things For Smart Ports Application to the Port of Le Havre. In Proceedings of Intelligent Platform for Smart Port (IPaSPort) 2017, Normandie University, Le Havre, France (3-4 May 2017).

Berns, S., Vonck, I., Dickson, R., & Dragt, J. (2017). Smart Ports: Point of View. Deloitte Port Services. https://www2.deloitte.com/content/dam/Deloitte/nl/Documents/energy-resources/deloitte-nl-er-port-services-smart-ports.pdf

Bertino, E. & Islam, N. (2017, February). Botnets and Internet of Things Security. IEEE Computer Magazine, 50(2), 76-79. DOI: 10.1109/MC.2017.62

Billard, D. (2019). Investigation of an Alleged PLC Hacking on Sea Vessels. Journal of Physics, Conferenece Series, 1297. 5th International Scientific Conference SEA-CONF, 17–18 May 2019, Mircea cel Batran Naval Academy, Constanta, Romania. DOI: 10.1088/1742-6596/1297/1/012035

Blenkey, N. (2019, October 21). ABB, Keppel Cooperate on Autonomous Tug for Singapore Ops. MarineLog. https://www.marinelog.com/coastal/tugs-barges/abb-keppel-cooperate-on-autonomous-tug-for-singapore-ops/

Cable News Network (CNN). (2007, September 27). Staged Cyber Attack Reveals Vulnerability in Power Grid [video]. https://www.youtube.com/watch?v=fJyWngDco3g

Cantelli-Forti, A. (2018, June). Forensic Analysis of Industrial Critical Systems: The Costa Concordia's Voyage Data Recorder Case. In: Proceedings of the 2018 IEEE International Conference on Smart Computing (SMARTCOMP), 18-20 June, pp. 458–463. DOI: 10.1109/SMARTCOMP.2018.00046

Centre for Research in Cyber Security (iTrust). (2022, February 22). Guidelines for Cyber Risk Management in Shipboard Operational Technology Systems. Singapore University of Technology and Design (SUTD). https://itrust.sutd.edu.sg/wp-content/uploads/sites/3/2022/02/Guidelines-for-Cyber-Risk-Management-in-Shipboard-Operational-Technology-Systems-1st-Ed..pdf

CERT Coordination Center (CERT/CC). (2018, October 16). Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App, Vulnerability Note VU#176301. Carnegie Mellon University, Software Engineering Institute. https://www.kb.cert.org/vuls/id/176301

Chambers, S. (2018, May 23). Wilhelmsen Takes Next Step on Rapidly Evolving Digital Voyage. Splash247. https://splash247.com/wilhelmsen-takes-next-step-rapidly-evolving-digital-voyage/

Cimpanu, C. (2020, March 23). FireEye Warns About the Proliferation of Ready-Made ICS Hacking Tools. ZDNet. https://www.zdnet.com/article/fireeye-warns-about-the-proliferation-of-ready-made-ics-hacking-tools/

Cregge, K. (2023, March 2). Every Ship a SAG and the LUSV Imperative. CIMSEC. https://cimsec.org/every-ship-a-sag-and-the-lusv-imperative/

Cruise Ship Piloted Remotely During Sea Trials. (2020, May 21). SAFETY4SEA. https://safety4sea.com/cruise-ship-piloted-remotely-during-sea-trials/

Cusimano, J., Ayala, M., & Villano, G. (2020, November 10). Navigating Cybersecurity Challenges in Maritime Operational Technology. The Maritime Executive. https://maritime-executive.com/editorials/navigating-cybersecurity-challenges-in-maritime-operational-technology

Cybersecurity and Infrastructure Security Agency (CISA). (2020, July 23). Alert (AA20-205A): NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems. U.S. Department of Homeland Security (DHS). https://us-cert.cisa.gov/ncas/alerts/aa20-205a

Davis, R. & Inajima, T. (2021, August 31). First Autonomous Cargo Ship Faces Test With 236-Mile Voyage. gCaptain. https://gcaptain.com/first-autonomous-cargo-ship-faces-test-with-236-mile-voyage/

de Albuquerque, C.E.P., Machado, R.C.S., de Sá, A.O., & de Toledo, C.R.B. (2022, November). Bibliometric Analysis on Cyber-Attacks in Naval Sensors and Systems. In Proceedings of the 2022 IEEE International Workshop on Metrology for the Sea: Learning to Measure Sea Health Parameters (MetroSea), 3-5 October 2022, pp. 474-478. DOI: 10.1109/MetroSea55331.2022.9950939

Dow, M. (2020, August 31). Rise of Ransomware: Why OT is a Prime Target for Cybercriminals. Security. https://www.securitymagazine.com/articles/93197-rise-of-ransomware-why-ot-is-a-prime-target-for-cybercriminals

Dragos. (2017, December 13). TRISIS Malware: Analysis of Safety System Targeted Malware, version 1.20171213. https://dragos.com/wp-content/uploads/TRISIS-01.pdf

Ebert, C., & Dubey, A. (2019, May-June) Convergence of Enterprise IT and Embedded Systems. IEEE Software, 36(3), 92-97. DOI: 10.1109/MS.2019.2896508

Etherington, D. (2019, October 16). Autonomous "Mayflower" Research Ship Will Use IBM AI Tech to Cross the Atlantic in 2020. TechCrunch. https://techcrunch.com/2019/10/16/autonomous-mayflower-research-ship-will-use-ibm-ai-tech-to-cross-the-atlantic-in-2020/

Evans, D. (2011, April). The Internet of Things: How the Next Evolution of the Internet Is Changing Everything. Cisco Systems White Paper. https://www.cisco.com/c/dam/en_us/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf

Falco Makes World's First Autonomous Ferry Crossing. (2018, December 3). The Engineer. https://www.theengineer.co.uk/falco-autonomous-ferry-rolls-royce/

Federal Bureau of Investigation (FBI). (2017, October 17). Common Internet of Things Devices May Expose Consumers to Cyber Exploitation. Public Service Announcement Alert No. I-101717a-PSA. https://www.ic3.gov/media/2017/171017-1.aspx

Fehrm, B. (2018, November 14). Boeing's Automatic Trim for the 737 MAX was Not Disclosed to the Pilots. Leeham News. https://leehamnews.com/2018/11/14/boeings-automatic-trim-for-the-737-max-was-not-disclosed-to-the-pilots/

Felski, A.,& Zwolak, K. (2020, January 15). The Ocean-Going Autonomous Ship—Challenges and Threats. Journal of Marine Science and Engineering, 8(1), 41. DOI: 10.3390/jmse8010041

Feng, Z., Wu, X., Ma, L., & Ren, W. (2013). Toward Cyber-Physical Networks and Smartly Active Sensing IETM for Equipment Maintenance in Marine Ships. In Proceedings of IET International Conference on Information and Communications Technologies (IETICT 2013), 599-603. DOI: 10.1049/cp.2013.0107

Fenton, A.J., & Chapsos, I. (2022, December). Robot Boats: Use of Autonomous 'Ships' in Law Enforcement, Terrorism and Counter-Terrorism. NATO Maritime Interdiction Operational Training Centre (NMIOTC) Journal, (24), 12-17. https://nmiotc.nato.int/wp-content/uploads/2022/12/24-2022.pdf

Fleming, C., Elks, C., Bakirtzis, G., Adams, S.C., Carter, B., Beling, P.A., & Horowitz, B. (2020, November 29). Cyber-Physical Security Through Resiliency: A Systems-centric Approach. eprint arXiv:2011.14469. https://arxiv.org/abs/2011.14469v1

Furness, D. (2019, July 13). Autonomous Ships Are Coming, And We're Not Ready For Them. Digital Trends. https://www.digitaltrends.com/cool-tech/autonomous-ships-are-coming/

Galloway, B., & Hancke, G.P. (2013, Second Quarter). Introduction to Industrial Control Networks. IEEE Communications Surveys & Tutorials, 15(2), 860-880. DOI: 10.1109/SURV.2012.071812.00124

Green Ship of the Future. (2017, January 19). The Opportunity Space of 3D Print in the Maritime Industry. https://greenship.org/wp-content/uploads/2017/01/The-maritime-opportunity-space-of-3D-print.pdf

Greenberg, A. (2017, June 12). 'Crash Override': The Malware That Took Down a Power Grid. WIRED. https://www.wired.com/story/crash-override-malware/

Greenberg, A. (2019, November 28). A Notorious Iranian Hacking Crew is Targeting Industrial Control Systems. WIRED. https://www.wired.com/story/iran-apt33-industrial-control-systems/

Greenberg, A. (2019). Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers. New York: Doubleday.

Greenberg, A. (2022, April 13). Feds Uncover a 'Swiss Army Knife' for Hacking Industrial Control Systems. WIRED. https://www.wired.com/story/pipedream-ics-malware/

Gu, Y., Goez, J.C., Guajardo, M., & Wallace, S.W. (2021, July). Autonomous Vessels: State of the Art and Potential Opportunities in Logistics. International Transactions in Operational Research, 28(4), 1706-1739. DOI: 10.1111/itor.12785

Haun, E. (2020, May 11). Yara Birkeland Project Paused Due to COVID-19. MarineLink. https://www.marinelink.com/news/yara-birkeland-project-paused-due-covid-478386

Heilig, L., Schwarze, S., & Voß, S. (2017, January). An Analysis of Digital Transformation in the History and Future of Modern Ports. In Proceedings of the 50th Hawaii International Conference on System Sciences, pp. 1341-1350. https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1198&context=hicss-50

Hensen, H., de Jong, J., van der Laan, M., & Merkelbach, D. (2019, November 7). The Road Towards Autonomous Ship Handling with Tugs. SWZ Maritime. https://www.swzmaritime.nl/news/2019/07/11/the-road-towards-autonomous-ship-handling-with-tugs/

Horowitz, B.M. (2020, January-February). Cyberattack-Resilient Cyberphysical Systems. IEEE Security & Privacy, 18(1), 55-60. DOI: 10.1109/MSEC.2019.2947123

Humayed, A., Lin, J., Li, F., & Luo, B. (2017, December). Cyber-Physical Systems Security — A Survey. IEEE Internet of Things Journal, 4(6), 1802-1831. DOI: 10.1109/JIOT.2017.2703172

International Maritime Organization (IMO). (2016). International Convention on Standards of Training, Certification and Watchkeeping for Seafarers (STCW). https://www.imo.org/en/OurWork/HumanElement/Pages/STCW-Convention.aspx

Johansen, T.A., & Perez, T. (2016, June). Unmanned Aerial Surveillance System For Hazard Collision Avoidance In Autonomous Shipping. In Proceedings of 2016 International Conference on Unmanned Aircraft Systems (ICUAS), 7-10 June 2016 (Arlington, VA). DOI: 10.1109/ICUAS.2016.7502542

Kamolov, A., & Park, S.H. (2018). An IoT Based Smart Berthing (Parking) System for Vessels and Ports. In K. Kim and H. Kim (Eds.), Mobile and Wireless Technology 2018, ICMWT 2018, Lecture Notes in Electrical Engineering 513 (Singapore: Springer). DOI: 10.1007/978-981-13-1059-1_13

Karaś, A. (2020, March). Smart Port as a Key to the Future Development of Modern Ports. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 14(1), 27-31. DOI: 10.12716/1001.14.01.01

Karlis, T. (2018, January 29). Maritime Law Issues Related to the Operation of Unmanned Autonomous Cargo Ships. WMU Journal of Maritime Affairs, 17, 119–128. DOI: 10.1007/s13437-018-0135-6

Kavallieratos, G., Diamantopoulou, V., & Katsikas, S.K. (2020, October). Shipping 4.0: Security Requirements for the Cyber-Enabled Ship. IEEE Transactions on Industrial Informatics, 16(10), 6617–6625. DOI: 10.1109/TII.2020.2976840

Kavallieratos, G., & Katsikas, S. (2020, September 30). Managing Cyber Security Risks of the Cyber-Enabled Ship. Journal of Marine Science and Engineering, 8(10), 768. DOI: 10.3390/jmse8100768

Kavallieratos, G., Katsikas, S., & Gkioulos, V. (2019, January 31). Cyber-Attacks Against the Autonomous Ship. International Workshop on Security and Privacy Requirements Engineering (SECPRE) 2018, International Workshop on the Security of Industrial Control Systems and Cyber-Physical Systems (CyberICPS) 2018, Lecture Notes in Computer Science, 11387, 20-36. 10.1007/978-3-030-12786-2_2

Kehoe, A., & Cecotti, M. (2021, March 23). Multiple Destroyers Were Swarmed By Mysterious 'Drones' Off California Over Numerous Nights. The Ware Zone. https://www.thedrive.com/the-war-zone/39913/multiple-destroyers-were-swarmed-by-mysterious-drones-off-california-over-numerous-nights

Keppel Developing Autonomous Tugboat. (2019, April 10). Offshore. https://www.offshore-mag.com/rigs-vessels/article/16790823/keppel-developing-autonomous-tugboat

Klein, N., Guilfoyle, D., Karim, M.S., & McLaughlin, R. (2020, July 3). Maritime Autonomous Vehicles: New Frontiers in the Law of the Sea. International & Comparative Law Quarterly, 69(3), 719-734. DOI: 10.1017/S0020589320000226

Kobyliński, L. (2018, March). Smart Ships—Autonomous or Remote Controlled? Scientific Journals of the Maritime University of Szczecin, 53(125), 28-34. https://yadda.icm.edu.pl/baztech/element/bwmeta1.element.baztech-f98383e2-a4e3-4786-8c5a-2ad5117234c7/c/kobylinski_Smart_ships_53-2018.pdf

Kouicem, D.E., Bouabdallah, A., & Lakhlef, H. (2018, August 4). Internet of Things Security: A Top-Down Survey. Computer Networks, 141, 199-221. DOI: 10.1016/j.comnet.2018.03.012

Kumar, J.S., & Patel, D.R. (2014, March). A Survey on Internet of Things: Security and Privacy Issues. International Journal of Computer Applications, 90(11), 20-26. DOI: 10.5120/15764-4454

Kushner, D. (2013, March). The Real Story of Stuxnet. IEEE Spectrum, 50(3), 48-53. DOI: 10.1109/MSPEC.2013.6471059

Kuzmanić, I., Kulenović, Z., & Vujović, I. (2016). Contribution to Cross-Platform Programming in Integrated Ship's Systems. In Proceedings of 20th International Research/Expert Conference, Trends in the Development of Machinery and Associated Technology (TMT 2016), 24 September - 1 October, 2016), pp. 269-272. http://www.tmt.unze.ba/zbornik/TMT2016/068.pdf

Kygonahally, M. (2021, November 30). 5G + IoT = Opportunity. Forbes. https://www.forbes.com/sites/cognizant/2021/11/30/5g--iot--opportunity/?sh=69dfe2ed3df2

Latarche, M. (2020, February 13). Automatic Ferry First Claimed by Kongsberg. ShipInsight. https://shipinsight.com/articles/automatic-ferry-first-claimed-by-kongsberg

Lemieszewski, Ł., Radomska-Zalas, A., Perec, A., Dobryakova, L., & Ochin, E. (2021, February 7). GNSS and LNSS Positioning of Unmanned Transport Systems: The Brief Classification of Terrorist Attacks on USVs and UUVs. Electronics, 10(4), 401. DOI: 10.3390/electronics10040401

Levander, O. (2017, February). Autonomous Ships on the High Seas. IEEE Spectrum, 54(2), 26-31. DOI: 10.1109/MSPEC.2017.7833502

Li, Q. (2023, January 30). A Research on Autonomous Collision Avoidance under the Constraint of COLREGs. Sustainability, 15(3), 2446. DOI: 10.3390/su15032446

Marr, B. (2018, September 2). What is Industry 4.0? Here's A Super Easy Explanation For Anyone. Forbes. https://www.forbes.com/sites/bernardmarr/2018/09/02/what-is-industry-4-0-heres-a-super-easy-explanation-for-anyone/

Marr, B. (2019, June 5). The Incredible Autonomous Ships Of The Future: Run By Artificial Intelligence Rather Than A Crew. Forbes. https://www.forbes.com/sites/bernardmarr/2019/06/05/the-incredible-autonomous-ships-of-the-future-run-by-artificial-intelligence-rather-than-a-crew

MASSPorts initiative launched to develop autonomous shipping. (2020, August 6). Digital Ship. https://thedigitalship.com/news/electronics-navigation/item/6737-massports-initiative-launched-to-develop-autonomous-shipping

Matczak, M. (2013). Intelligent Container Terminals - ITS Solutions for Seaports. Archives of Transport System Telematics, 6(2), 35-40.

Mayger, J. (2019, October 10). Autonomous Shipping - Cyber Hazards Ahead. MarineLink. https://www.marinelink.com/news/autonomous-shipping-cyber-hazards-ahead-471587

Mayflower Autonomous Ship Completes Historic Atlantic Crossing. (2022, July 1). The Maritime Executive. https://www.maritime-executive.com/article/mayflower-autonomous-ship-completes-historic-atlantic-crossing

Meyers, J. (2022, Spring). COLREGS and Autonomous Surface Vessels. Proceedings of the USCG Marine Safety & Security Council, 79(1), 46-52. https://www.dco.uscg.mil/portals/9/DCO%20Documents/Proceedings%20Magazine/Archive/2022/Vol79_No1_Spr22.pdf?ver=dt8USTcoaX1ac8wzW7Q2ng%3d%3d

Ministry of Transport. (2019, March 10). Aircraft Accident Investigation Preliminary Report, Ethiopian Airlines Group B737-8 (MAX) Registered ET-AVJ, 28 NM South East of Addis Ababa, Bole International Airport, March 10, 2019. Report No. AI-01/19, Federal Democratic Republic of Ethiopia, Aircraft Accident Investigation Bureau. https://flightsafety.org/wp-content/uploads/2019/04/Preliminary-Report-B737-800MAX-ET-AVJ.pdf

Misas, J.P., Hopcraft, R., & Tam, K. (2022, November). Future of Maritime Autonomy: Cybersecurity, Trust and Mariner's Situational Awareness. Proceedings of International Ship Control Systems Symposium (iSCSS 2022), Netherlands. DOI: 10.5281/zenodo.7342111

MOL begins study on collision avoidance of autonomous ships. (2020, October 21). Digital Ship. https://thedigitalship.com/news/electronics-navigation/item/6876-mol-begins-study-on-collision-avoidance-of-autonomous-ships

Molavi, A., Lim, G.J., Race, B., & Shi, J. (2019). Smart Ports: The Future of Maritime Transportation. In Proceedings of THC-IT-2019 Conference & Exhibition. http://hurricane.egr.uh.edu/sites/hurricane.egr.uh.edu/files/files/2019/SMART-PORTS-THE-FUTURE-MARITIME.pdf

Müller, H.A. (2017, December). The Rise of Intelligent Cyber-Physical Systems. IEEE Computer Magazine, 50(12), 7-9. DOI: 10.1109/MC.2017.4451221

Munim, Z.H. (2019). Autonomous Ships: A Review, Innovative Applications and Future Maritime Business Models. Supply Chain Forum: An International Journal, 20(4), 266-279. DOI: 10.1080/16258312.2019.1631714

Munim, Z. H., & Haralambides, H. (2022, May). Advances in Maritime Autonomous Surface Ships (MASS) in Merchant Shipping. Maritime Economics & Logistics, 24(2), 181–188. DOI: 10.1057/s41278-022-00232-y

Muthukrishnan, V. (2020, January 14). SCADA System: What is it? (Supervisory Control and Data Acquisition). Electrical 4 U. https://www.electrical4u.com/scada-system/

Norton Rose Fulbright. (2020, July). The Collision Regulations and Autonomous Shipping. Shipping Law Insights blog. https://www.nortonrosefulbright.com/en/knowledge/publications/5fedab67/the-collision-regulations-and-autonomous-shipping

NYK to Participate in Crewless Maritime Autonomous Surface Ship Trial Project. (2020, June 15). NYK Line. https://www.nyk.com/english/news/2020/20200615_01.html

O'Donnell, L. (2020, March 11). More Than Half of IoT Devices Vulnerable to Severe Attack. Threatpost. https://threatpost.com/half-iot-devices-vulnerable-severe-attacks/153609/

O'Dwyer, R. (2019, June 13). Automated Mooring System Chosen for Autonomous Container System. Smart Maritime Network. https://smartmaritimenetwork.com/2019/06/13/automated-mooring-system-chosen-for-autonomous-container-ship/

O'Rourke, R. (2021, October 20). Navy Large Unmanned Surface and Undersea Vehicles: Background and Issues for Congress. Congressional Research Service, Report R45757. https://sgp.fas.org/crs/weapons/R45757.pdf

Ocean of Things (OoT). (n.d.). Defense Advanced Research Projects Agency (DARPA), U.S. Department of Defense (DOD). https://oceanofthings.darpa.mil/

Ong, P. (2021, August 30). Update on the U.S. Navy's MUSV and LUSV Programs. NAVALNEWS. https://www.navalnews.com/naval-news/2021/08/update-on-the-u-s-navys-musv-and-lusv-programs/

Optimising Ship Inspections With Autonomous Drones. (2020, January 24). Vessel Performance Optimisation. https://vpoglobal.com/2020/01/24/optimising-ship-inspections-with-autonomous-drones/

Oruc, A. (2022, January 4). Potential Cyber Threats, Vulnerabilities, and Protections of Unmanned Vehicles. Drone Systems and Applications. DOI: 10.1139/juvs-2021-0022

Ovcina, J. (2020, May 22). De Hoop Conducts Remotely-Operated Sea Trials for Silver Origin. Offshore Energy. https://www.offshore-energy.biz/de-hoop-conducts-remotely-operated-sea-trials-for-silver-origin/

Palmejar, E., & Chubb, N. (2022, May). THE LEARNING CURVE: The State of Artificial Intelligence in Maritime. Thetius/Lloyd's Register. https://www.lr.org/en/mps/digital-transformation-with-ai/

Phaneuf, B. (2019, October 16). Mayflower: How I Came to Build an Autonomous Ship to Cross the Atlantic. IBM. https://www.ibm.com/blogs/think/2019/10/rethinking-the-mayflower/

Phaneuf, B., & Spicer, R.A. (2020, August 23). Meet the 'Mayflower': Sailing Into A New World, All Over Again. Defense One. https://www.defenseone.com/ideas/2020/08/meet-mayflower-sailing-new-world-all-over-again/167905/

Porathe, T. (2019). Safety of Autonomous Shipping: COLREGS and Interaction Between Manned and Unmanned Ships. In M. Beer & E. Zio (Eds.), Proceedings of the 29th European Safety and Reliability Conference, pp. 4146-4153. https://www.sintef.no/globalassets/project/hfc/sarepta/porathe-final2.pdf/

Progoulakis, I., Rohmeyer, P., & Nikitakos, N. (2021, December 5). Cyber Physical Systems Security for Maritime Assets. Journal of Marine Science and Engineering, 9(12), 1384. DOI: 10.3390/jmse9121384

Rivkin, B.S. (2021, January). Unmanned Ships: Navigation and More. Gyroscopy and Navigation, 12(1), 96-108. DOI: 10.1134/S2075108721010090

Roberts, C. (2018, August). Welcome to 2018 Full Speed to the Edge of the Abyss [video]. DEF CON 26 SE Village. https://www.youtube.com/watch?v=YAuRghpZyto [NOTE: "Shipping" starts at 42:52]

Rødseth, Ø.J. (2017). From Concept to Reality: Unmanned Merchant Ship Research in Norway. In Proceedings of 2017 IEEE Underwater Technology (UT), 21-24 February 2017, Busan, S. Korea. DOI: 10.1109/UT.2017.7890328

Russia Moving Forward with Autonomous Navigation on Commercial Vessels. (2020, December 11). The Maritime Executive. https://www.maritime-executive.com/article/russia-moving-forward-with-autonomous-navigation-on-commercial-vessels

SAE International. (2018, June 15). Taxonomy and Definitions for Terms Related to Driving Automation Systems for On-Road Motor Vehicles. SAE Standard J3016_201806. https://www.sae.org/standards/content/j3016_201401/

Saul, J. (2021, July 28). The Pool Of Ship Officers Is Running Dry. https://gcaptain.com/the-pool-of-ship-officers-is-running-dry/

Schuler, M. (2021, July 15). Navy's Second 'Ghost Fleet' Unmanned Ship Makes Long-Range Transit from Gulf to West Coast. gCaptain. https://gcaptain.com/navy-ghost-fleet-unmanned-ship-makes-second-long-range-trip/?subscriber=true&goal=0_f50174ef03-a31fbc4401-170367962&mc_cid=a31fbc4401&mc_eid=f9a51576ea

Schuler, M. (2021, November 19). Yara Debuts Yara Birkeland, the World's First Autonomous and Emission-Free Containership. gCaptain. https://gcaptain.com/yara-birkeland-worlds-first-autonomous-zero-emission-ship/

Schuler, M. (2022, January 18). Japan Tests Autonomous Navigation Using Large Ferry. gCaptain. https://gcaptain.com/japan-tests-autonomous-navigation-using-large-ferry/?subscriber=true&goal=0_f50174ef03-857ce0fa1c-170367962&mc_cid=857ce0fa1c&mc_eid=f9a51576ea

Schuler, M. (2022, August 1). Future 'USNS Apalachicola' Could Become the Navy's First Autonomous Ship. gCaptain. https://gcaptain.com/future-usns-apalachicola-could-become-the-navys-first-autonomous-ship/

Scott, C. (2018, December 27). Why the Maritime Industry Should Embrace 3D Printing for Spare Parts. 3DPrint.com. https://3dprint.com/232678/why-the-maritime-industry-should-embrace-3d-printing/

Scully, P. (2018). The Top 10 IoT Segments in 2018 - Based on 1,600 Real IoT Projects. IoT Analytics. https://iot-analytics.com/top-10-iot-segments-2018-real-iot-projects/

Seals, T. (2021, September 6). IoT Attacks Skyrocket, Doubling in 6 Months. threatpost. https://threatpost.com/iot-attacks-doubling/169224/

Sells, P. (2022, October 4). Digitalization: Maritime's Secret Weapon. The Maritime Executive. https://www.maritime-executive.com/editorials/digitalization-maritime-s-secret-weapon

Serpanos, D. (2018, March). The Cyber-Physical Systems Revolution. IEEE Computer Magazine, 51(3), 70-73. DOI: 10.1109/MC.2018.1731058

Shippipedia. (n.d.). Ship Automation & Control System. http://www.shippipedia.com/ship-automation-control-system/

Singapore Launches First Drone Technology Test Bed. (2021, April 22). Digital Ship. https://thedigitalship.com/news/electronics-navigation/item/7259-singapore-launches-first-drone-technology-test-bed

Sivaranjith. (2019, August 20). PLC vs. DCS, Difference Between PLC and DCS. AutomationForum.co. https://automationforum.co/what-are-difference-between-plc-labview-and-dcs/

Skredderberget, A. (2018, March 14). The First Ever Zero Emission, Autonomous Ship. Yara. https://www.yara.com/knowledge-grows/game-changer-for-the-environment/

Smart Cows and Tips for Designing Mission-Critical IoT Products. (2020). Keysight Technologies. https://www.keysight.com/us/en/assets/7018-06276/white-papers/5992-3206.pdf

Statista. (2019, November 14). Internet of Things - Number of Connected Devices Worldwide, 2015-2025. https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/

Stone, M. (2022, July 26). U.S. Navy Seeks to Boost Fleet of Large Unmanned Ships. gCaptain. https://gcaptain.com/u-s-navy-seeks-to-boost-fleet-of-large-unmanned-ships

Stouffer, K., Pillitteri, V., Lightman, S., Abrams, M., & Hahn, A. (2015, May). Guide to Industrial Control Systems (ICS) Security, rev. 2. National Institute of Standards and Technology (NIST) Special Publication (SP) 800-82, U.S. Department of Commerce. DOI: 10.6028/NIST.SP.800-82r2

Tam, K., & Jones, K. (2018). Cyber-Risk Assessment for Autonomous Ships. In Proceedings of 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), 11-12 June 2018. DOI: 10.1109/CyberSecPODS.2018.8560690

Taylor, I. (2020, June 15). Asia Pacific: Mitsubishi and Shin Nihonkai Ferry Partnering on Autonomous Ship Project. Bunkerspot. https://www.bunkerspot.com/asia/50718-asia-pacific-mitsubishi-and-shin-nihonkai-ferry-partnering-on-autonomous-ship-project

tpgroup's Autonomous Navigation System Completes Sea Trials. (2020, December 22). Digital Ship. https://thedigitalship.com/news/electronics-navigation/item/7018-tpgroup-s-autonomous-navigation-system-completes-sea-trials

Toulas, B. (2021, December 22). Honeypot Experiment Reveals What Hackers Want From IoT Devices. BleepingComputer. https://www.bleepingcomputer.com/news/security/honeypot-experiment-reveals-what-hackers-want-from-iot-devices/

Tusher, H.M., Munim, Z.H., Notteboom, T.E., Kim, T.-E., & Nazir, S. (2022, January 26). Cyber Security Risk Assessment in Autonomous Shipping. Maritime Economics & Logistics, Special Issue - Autonomous Shipping. DOI: 10.1057/s41278-022-00214-0

Urciuoli, L. (2018). An Algorithm for Improved ETAs Estimations and Potential Impacts on Supply Chain Decision Making. Procedia Manufacturing, 25, 185-193. DOI: 10.1016/j.promfg.2018.06.073

US-CERT. (2017, July 25). CRASHOVERRIDE Malware, ICS Alert (ICS-ALERT-17-206-01). Cybersecurity & Infrastructure Security Agency (CISA), U.S, Department of Homeland Security (DHS). https://www.us-cert.gov/ics/alerts/ICS-ALERT-17-206-01

U.S. Coast Guard (USCG). (2012, May 31). Navigation Rules: International—Inland (72 COLREGS), COMDTINST M16672.2D. U.S. Department of Homeland Security. https://www.navcen.uscg.gov/pdf/navRules/navrules.pdf

U.S. Department of Homeland Security (DHS). (2017, September 14). Emerging Systems at Automated Container Terminals. Operational Analysis Division, National Protection and Programs Directorate, Office of Cyber and Infrastructure Analysis (OCIA).

van Dokkum, K. (2020). Ship Knowledge: Ship Design, Construction and Operation, 10th ed. Vlissingen, The Netherlands: Dokmar Maritime Publishers BV.

van Opstall, E. (2018, September 10). SmartPort: Research and Development for the Port of Rotterdam. Innovation News Network. https://www.innovationnewsnetwork.com/smartport-port-of-rotterdam/452/

Venables, M. (2022, September 2). Pathway to Autonomy. The Maritime Executive. https://maritime-executive.com/magazine/pathway-to-autonomy

Walker, J. (2019, November 22). Autonomous Ships Timeline—Comparing Rolls-Royce, Kongsberg, Yara and More. Emerj. https://www.techemergence.com/autonomous-ships-timeline/

Waltman, C. (2016, November 14). Aurora: Homeland Security's Secret Project to Change How We Think About Cybersecurity. Muckrock. https://www.muckrock.com/news/archives/2016/nov/14/aurora-generator-test-homeland-security/

Weiser, M. (1991, March). The Computer for the 21st Century. Scientific American, 265(3), 94-104. https://www.lri.fr/~mbl/Stanford/CS477/papers/Weiser-SciAm.pdf

Wilhelmsen. (n.d.) Intelligent Mooring with Timm Smart Ropes. https://www.wilhelmsen.com/marine-products/ropes/intelligent-mooring-with-timm-smart-ropes/

Williamson, G. (2015, July 7). OT, ICS, SCADA - What's the Difference? KuppingerCole Analysts. https://www.kuppingercole.com/blog/williamson/ot-ics-scada-whats-the-difference

Wortmann, F., & Flüchter, K. (2015, June). Internet of Things. Business & Information Systems Engineering, 57(3), 221-224. DOI: 10.1007/s12599-015-0383-3

Xia, F., Yang, L.T., Wang, L., & Vinel, A. (2012). Internet of Things. International Journal of Communication Systems, 25, 1101-1102. DOI: 0.1002/dac.2417

Yang, T., Feng, H., Yang, C., Sun, Z., Yang, J., Sun, F., Deng, R., & Su, Z. (2016). Cooperative Networking Towards Maritime Cyber Physical Systems. International Journal of Distributed Sensor Networks, 2016, article id 3906549. DOI: 10.1155/2016/3906549

Yang, Y., Zhong, M., Yao, H., Yu, F., Fu, X., & Postolache, O. (2018, February). Internet of Things for Smart Ports: Technologies and Challenges. IEEE Instrumentation & Measurement Magazine, 21(1), 34-43. DOI: 10.1109/MIM.2018.8278808

Zetter, K. (2014). Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon. New York: Crown.

Zetter, K. (2014, November 3). An Unprecedented Look at Stuxnet, the World's First Digital Weapon. WIRED. https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/

Zhang, X., Wang, C., Jiang, L., An, L., & Yang, R. (2021, September 1). Collision-avoidance Navigation Systems for Maritime Autonomous Surface Ships: A State of the Art Survey. Ocean Engineering, 235, 109380. DOI: 10.1016/j.oceaneng.2021.109380

Zhou, X.-Y., Liu, Z.-J., Wang, F.-W., & Wu, Z.-L. (2021, February). A System-Theoretic Approach to Safety and Security Co-Analysis of Autonomous Ships. Ocean Engineering, 222, 108569. DOI: 10.1016/j.oceaneng.2021.108569

[Top of Section | Top of Page]
Chapter 8. Strategies for Maritime Cyberdefense

American Bureau of Shipping (ABS). (2016). Cybersecurity: Guidance Notes for the Marine & Offshore Industries. https://ww2.eagle.org/content/dam/eagle/publications/brochures/Cybersecurity_16053.pdf

American Bureau of Shipping (ABS). (2016, September). ABS CyberSafety™ Volume 1: Guidance Notes on The Application of Cybersecurity Principles to Marine and Offshore Operations. https://ww2.eagle.org/content/dam/eagle/rules-and-guides/current/other/250_cybersafetyV1/CyberSafety_V1_Cybersecurity_GN_e.pdf

American Bureau of Shipping (ABS). (2016, September). ABS CyberSafety™ Volume 3: Guidance Notes on Data Integrity for Marine and Offshore Operations. https://ww2.eagle.org/content/dam/eagle/rules-and-guides/current/other/252_cybersafetyV3/CyberSafety_V3_Data_Integrity_GN_e.pdf

American Bureau of Shipping (ABS). (2016, September). ABS CyberSafety™ Volume 4: Guide for Software Systems Verification. https://ww2.eagle.org/content/dam/eagle/rules-and-guides/current/other/253_cybersafetyV4/CyberSafety_V4_SSV_Guide_e.pdf

American Bureau of Shipping (ABS). (2016, September). ABS CyberSafety™ Volume 5: Guidance Notes on Software Provider Conformity Program. https://ww2.eagle.org/content/dam/eagle/rules-and-guides/current/other/254_cybersafetyV5/CyberSafety_V5_SPCP_GN_e.pdf

Anaesoronye, M. (2022, September 14). Insurers See Shipping Face More Cyber threats Despite Long-term Safety Trends. BusinessDay. https://businessday.ng/insurance/article/insurers-see-shipping-face-more-cyber-threats-despite-long-term-safety-trends/

Arampatzis, A. (2020, August 2). The Biggest Challenges and Best Practices to Mitigate Risks in Maritime Cybersecurity. Tripwire. https://www.tripwire.com/state-of-security/security-data-protection/biggest-challenges-best-practices-mitigate-risks-maritime-cybersecurity/

Ault, R. (2022, February). The Coast Guard Needs Stronger Policy to Prevent Maritime Cyber-Attacks. Proceedings of the U.S. Naval Institute, 148(2). https://www.usni.org/magazines/proceedings/2022/february/coast-guard-needs-stronger-policy-prevent-maritime-cyber

Bacasdoon, J., & Bolmsten, J. (2022, June). A Multiple Case Study of METI Cybersecurity Education and Training: A Basis for the Development of a Guiding Framework for Educational Approaches. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 16(2), 319-334. DOI: 10.12716/1001.16.02.15

Bernsen, D.S. (2022, January). Navy Cryptologic Warfare Officers Cannot Do Cyber. Proceedings of the U.S. Naval Institute, 148(1). https://www.usni.org/magazines/proceedings/2022/january/navy-cryptologic-warfare-officers-cannot-do-cyber

Bernsen, D. (2022, August). The Navy Needs a Cyber Course Correction. Proceedings of the U.S. Naval Institute, 148(8). https://www.usni.org/magazines/proceedings/2022/august/navy-needs-cyber-course-correction

BIMCO et al. (2022). Cyber Security Workbook for On Board Ship Use, 3/e. Witherbys. https://www.bimco.org/about-us-and-our-members/publications/cyber-security-workbook

BIMCO et al. (2020, December 21). The Guidelines on Cyber Security Onboard Ships, version 4. https://www.bimco.org/-/media/bimco/about-us-and-our-members/publications/ebooks/guidelines-on-cyber-security-onboard-ships-v4.ashx

BIMCO to Add Cyber Security Clause to Contracts. (2018, November 27). Digital Ship. https://thedigitalship.com/news/maritime-satellite-communications/item/5771-bimco-to-add-cyber-security-clause-to-contracts

Bureau Veritas Group (BVG). (2018, March 13). Cyber Safety, Security and Autonomous Shipping Addressed With New Bureau Veritas Notations and Guidelines. https://group.bureauveritas.com/cyber-safety-security-and-autonomous-shipping-addressed-new-bureau-veritas-notations-and-guidelines

Bureau Veritas Group (BVG). (2018,July). Cybersecurity Requirements for Products to be Installed On-Board Naval Ships. Rule Note NR 642 DT R00 E. https://erules.veristar.com/dy/data/bv/pdf/642-NR_2018-07.pdf

Bureau Veritas Group (BVG). (2019, October). Guidelines for Autonomous Shipping. Guidance Note NI 641. http://erules.veristar.com/dy/data/bv/pdf/641-NI_2019-10.pdf

Bureau Veritas Group (BVG). (2020, September). Rules on Cyber Security for the Classification of Marine Units. Rule Note NR 659 DT R01. https://erules.veristar.com/dy/data/bv/pdf/659-NR_2020-09.pdf

Chambers, S. (2018, January 15). 69% of Danish Shipowners Hit by Cyber Crime in the Past Year. Splash247. https://splash247.com/69-danish-shipowners-hit-cyber-crime-past-year/

Chubb, N., Finn, P., & Ng, D. (2022, March). The Great Disconect. Thetius - HFW - Cyberowl. https://www.maritimelondon.com/wp-content/uploads/2022/03/Thetius-HFW-CyberOwl-Great-Disconnect-Cyber-Risk-Management-Report.pdf

Demchak, C.C., & Thomas, M.L. (2021, October 15). Can't Sail Away from Cyber Attacks: 'Sea-Hacking' from Land. War on the Rocks. https://warontherocks.com/2021/10/cant-sail-away-from-cyber-attacks-sea-hacking-from-land/

Dobiáš, P. (2022, June). Insurance of Cyber Risks in International Transport. Masaryk University Journal of Law and Technology, 16(1): 3-36. DOI: 10.5817/MUJLT2022-1-1

Erstad, E., Hopcraft, R., Harish, A.V., & Tam, K. (2023, March 13). A Human-Centred Design Approach for the Development and Conducting of Maritime Cyber Resilience Training. WMU Journal of Maritime Affairs. https://link.springer.com/article/10.1007/s13437-023-00304-7

Erstad, E., Ostnes, R., & Lund, M.S. (2021, March). An Operational Approach to Maritime Cyber Resilience. TransNav: The International Journal on Marine Navigation and Safety of Sea Transportation, 15(1). DOI: 10.12716/1001.15.01.01

European Union Agency for Cybersecurity (ENISA). (2011, December 19). Analysis of Cyber Security Aspects in the Maritime Sector. https://www.enisa.europa.eu/publications/cyber-security-aspects-in-the-maritime-sector-1/at_download/fullReport

European Union Agency for Cybersecurity (ENISA). (2019, November). Port Cybersecurity. https://www.enisa.europa.eu/publications/port-cybersecurity-good-practices-for-cybersecurity-in-the-maritime-sector

Eversden, A. (2020, June 30). The Navy Aims to Install Cyber Baselines Aboard 180 Ships. DefenseNews. https://www.defensenews.com/battlefield-tech/it-networks/2020/06/30/the-navy-aims-to-install-cyber-baselines-aboard-180-ships/

Green, E.H., Carr, E.W., Winebrake, J.J., & Corbett, J.J. (2020, June). Blockchain Technology and Maritime Shipping: A Primer. U.S. Maritime Administration. https://www.maritime.dot.gov/sites/marad.dot.gov/files/2020-07/MARAD%20Blockchain%20Final%20Primer%20%2820200622%29.pdf

Grobarcik, D., Loomis, W., Poznansky, M., & Smith, F. (2022, December). Wargaming to Find a Safe Port in a Cyber Storm. Atlantic Council Issue Brief. https://www.atlanticcouncil.org/wp-content/uploads/2022/12/Wargaming-to-find-a-safe-port-in-a-cyber-storm.pdf

Heckman, M.R., McCready, J., Mayhew, D., & Callahan, W.L. (2018, October). Chapter 32: Toward a Maritime Cyber Security Compliance Regime. Paper presented at the SNAME Maritime Convention, Providence, Rhode Island, USA, October 2018. https://www.mrheckman.com/yahoo_site_admin/assets/docs/Issues_in_Maritime_Cyber_Security_Manuscript_CH_32-mh20170323.146124839.pdf

Heering, D., Maennel, O.M., & Venables, A.N. (2021, July). Shortcomings in Cybersecurity Education for Seafarers. In: C.G. Soares & T.A. Santos (eds.), Developments in Maritime Technology and Engineering, Vol. 1. CRC Press. DOI: 10.1201/9781003216582-6

HM Government. (2022, August). National Strategy for Maritime Security. Presented to Parliament by the Secretary of State for Transport by Command of Her Majesty. https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1098583/national-strategy-for-maritime-security-web-version.pdf

Hopcraft, R., Tam, K., Misas, J.D.P., Moara-Nkwe, K., & Jones, K. (2023, January-March). Developing a Maritime Cyber Safety Culture: Improving Safety of Operations. Maritime Technology and Research, 5(1): 258750. DOI: 10.33175/mtr.2023.258750

IHS Markit. (2017, October 26). Maritime Cybersecurity Survey [Webinar]. Fairplay and BIMCO.

IHS Markit. (2018, October 11). Maritime Cybersecurity Survey [Webinar]. Fairplay, BIMCO, and ABS.

Ikeda, S. (2022, February 3). "Cyber War" Exception Struck Down in Merck’s Battle With Insurance Company Over NotPetya Attack. CPO Magazine. https://www.cpomagazine.com/cyber-security/cyber-war-exception-struck-down-in-mercks-battle-with-insurance-company-over-notpetya-attack/

Institution of Engineering and Technology (IET). (2017). Code of Practice: Cyber Security for Ships. https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/642598/cyber-security-code-of-practice-for-ships.pdf

Institution of Engineering and Technology (IET). (2020). Good Practice Guide: Cyber Security for Ports and Port Systems. https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/859925/cyber-security-for-ports-and-port-systems-code-of-practice.pdf

International Association of Classification Societies (IACS). (2010, September). On Board Use and Application of Programmable Electronic Systems. IACS Requirement E22/2006, Revision 1, 2010. http://www.iacs.org.uk/media/2055/ur_e22_rev1_pdf1391.pdf

International Association of Classification Societies (IACS). (2022, April). Recommendation on Cyber Resilience. IACS Recommendation No. 166, correction 2. https://www.iacs.org.uk/download/10714

International Association of Classification Societies (IACS). (2022, April). Cyber Resilience of On-board Systems and Equipment. IACS Unified Requirements (UR) E27. https://iacs.org.uk/download/14105

International Association of Classification Societies (IACS). (2022, April). Cyber Resilience of Ships. IACS Unified Requirements (UR) E26. https://iacs.org.uk/download/14104

International Maritime Organization (IMO). (2017, June 16). Maritime Cyber Risk Management in Safety Management Systems. Resolution MSC.428(98). https://wwwcdn.imo.org/localresources/en/KnowledgeCentre/IndexofIMOResolutions/MSCResolutions/MSC.428(98).pdf

International Maritime Organization (IMO). (2017, July 5). Guidelines on Maritime Cyber Risk Management. MSC-FAL.1/Circ.3. https://wwwcdn.imo.org/localresources/en/OurWork/Security/Documents/MSC-FAL.1-Circ.3%20-%20Guidelines%20On%20Maritime%20Cyber%20Risk%20Management%20(Secretariat).pdf

International Maritime Organization (IMO). (2018, May 25). IMO Takes First Steps to Address Autonomous Ships. http://www.imo.org/en/MediaCentre/PressBriefings/Pages/08-MSC-99-MASS-scoping.aspx

Jacq, O., Boudvin, X., Brosset, D., Kermarrec, Y., & Simonin, J. (2018, October). Detecting and Hunting Cyberthreats in a Maritime Environment: Specification and Experimentation of a Maritime Cybersecurity Operations Centre. In Proceedings of the 2018 2nd Cyber Security in Networking Conference (CSNet), October 24-26, 2018, Paris, France. DOI: 10.1109/CSNET.2018.8602669

Jones, A., Koehler, S., Jerge, M., Graves, M., King, B., Dalrymple, R., Freese, C., & Von Albade, J. (2023, february 22). BATMAN: A Brain-like Approach for Tracking Maritime Activity and Nuance. Sensors23(5), 2424. DOI: 10.3390/s23052424
Jones Walker. (2018, October 24). Jones Walker LLP Releases Inaugural Maritime Cybersecurity Survey. https://www.joneswalker.com/insights/jones-walker-llp-releases-inaugural-maritime-cybersecurity-survey.html

Karamperidis, S., Kapalidis, C., & Watson, T. (2021, November 23). Maritime Cyber Security: A Global Challenge Tackled Through Distinct Regional Approaches. Journal of Marine Science and Engineering, 9(12), 1323. DOI: 10.3390/jmse9121323

Larsen, M.H., & Lund, M.S. (2021, October 25). Cyber Risk Perception in the Maritime Domain: A Systematic Literature Review. IEEE Access, 9, 144895-144905. DOI: 10.1109/ACCESS.2021.3122433

Kessler, G.C. (2018, October 12). Cybersecurity and the "Return on Negligence." The Maritime Executive. https://www.maritime-executive.com/editorials/cybersecurity-and-the-return-on-negligence

Kessler, G.C., Craiger, J.P., & Haass, J.C. (2018, September). A Taxonomy Framework for Maritime Cybersecurity: A Demonstration Using the Automatic Identification System. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 12(3), 429-437. DOI: 10.12716/1001.12.03.01

Kinghorn, G. (2022, April 5). Addressing Cybersecurity Readiness for the Global Shipping Industry. Security Boulevard. https://securityboulevard.com/2022/04/addressing-cybersecurity-readiness-for-the-global-shipping-industry/

Kollars, N., Tangredi, S.J., & Demchak, C.C. (2021, February 4). The Cyber Maritime Environment: A Shared Critical Infrastructure and Trump's Maritime Cyber Security Plan. War on the Rocks. https://warontherocks.com/2021/02/the-cyber-maritime-environment-a-shared-critical-infrastructure-and-trumps-maritime-cyber-security-plan/

Laso, P.M., Salmon, L., Bozhilova, M., Ivanov, I., Stoianov, N., Velev, G., Claramunt, C., & Yanakiev, Y. (2021, October 29). ISOLA: An Innovative Approach to Cyber Threat Detection in Cruise Shipping. In: Á. Rocha, C.H. Fajardo-Toro, & J.M.R. Rodríguez, J.M.R. (eds), Developments and Advances in Defense and Security. Smart Innovation, Systems and Technologies, vol 255. Springer, Singapore. DOI: 10.1007/978-981-16-4884-7_7

Livingstone, C. (2023, February 23). The Evolution of Class: From Lloyd's Coffee House to Modern Expertise. The Maritime Executive. https://www.maritime-executive.com/editorials/the-evolution-of-class-from-lloyd-s-coffee-house-to-modern-expertise

McNally, M. (2021, January 7). IMO2021, Not Just an IT Concern. MarineLink. https://www.marinelink.com/news/imo-not-concern-484360

McSorley, B., & Harding, E. (2021, Dceember 1). Need a Role Model for Shared Cyber Incident Response? Look to the Coast Guard. Defense360. https://defense360.csis.org/need-a-role-model-for-shared-cyber-incident-response-look-to-the-coast-guard/

Meadors, T.B., & Kessler, G.C. (2023, January 25). Improving the Speed of Cyberdefense: Seven Key Metrics. The Maritime Executive.. https://www.maritime-executive.com/editorials/improving-the-speed-of-cyberdefense-seven-key-metrics-to-know

Mishra, B. (2020, July 20). ClassNK Releases Guidelines for Designing Cyber Security Onboard Ships. Sea News. https://seanews.co.uk/security/cyber-security/classnk-releases-guidelines-for-designing-cyber-security-onboard-ships/

Naraine, R. (2021, December 22). Research: Simulated Phishing Tests Make Organizations Less Secure. SecurityWeek. https://www.securityweek.com/research-simulated-phishing-tests-make-organizations-less-secure

National Institute of Standards and Technology (NIST). (n.d.). Cybersecurity Framework Web site. https://www.nist.gov/cyberframework

National Institute of Standards and Technology (NIST). (n.d.). SP-800 Series Documents. Computer Security Resource Center. https://csrc.nist.gov/publications/sp800

National Institute of Standards and Technology (NIST). (2018, April 16). Framework for Improving Critical Infrastructure Cybersecurity, version 1.1. U.S. Department of Commerce. DOI: 10.6028/NIST.CSWP.04162018

New ASTM International Standard Aims to Reduce Maritime Cyber Risk. (2020, July 30). The Maritime Executive. https://www.maritime-executive.com/corporate/new-astm-international-standard-aims-to-reduce-maritime-cyber-risk

Petta, M.C. (2021, January 10). The IMO 2021 Cyber Guidelines and the Need to Secure Seaports. Maritime Executive. https://maritime-executive.com/editorials/the-imo-2021-cyber-guidelines-and-the-need-to-secure-seaports

Potamos, G., Peratikou, A., & Stavrou, S. (2021). Towards a Maritime Cyber Range Training Environment. In Proceedings of 2021 IEEE International Conference on Cyber Security and Resilience (CSR), July 26-28, 2021, Rhodes, Greece. DOI: 10.1109/CSR51186.2021.9527904

Pratson, L.F. (2023). Assessing Impacts to Maritime Shipping From Marine Chokepoint Closures. Communications in Transportation Research, 3(2023). DOI: 10.1016/j.commtr.2022.100083

Pseftelis, T., & Chondrokoukis, G. (2021). A Study about the Role of the Human Factor in Maritime Cybersecurity. SPOUDAI Journal of Economics and Business, 71(1–2), 55–72. https://spoudai.unipi.gr/index.php/spoudai/article/download/2887/2724

Reva, D. (2020, October). Maritime Cyber Security: Getting Africa Ready. Institute for Security Studies, Africa Report 29. https://issafrica.s3.amazonaws.com/site/uploads/ar-29.pdf

SecurityScorecard. (2021, December). Proactive Security Measures for Global Maritime Shipping. https://securityscorecard.com/resources/maritime-shipping

Staples, Z., & Sullivan, M. (2018, January 22). Cyberphysical Forensics: Lessons from the USS John S. McCain Collision. CIMSEC. https://cimsec.org/cyberphysical-forensics-lessons-from-the-uss-john-s-mccain-collision/

Snyder, J. (2020, May 19). New LNG Carrier "Cyber Secure by Design." Riviera. https://www.rivieramm.com/news-content-hub/new-lng-carrier-lsquocyber-secure-by-designrsquo-59456

Steady as She Goes: Three Expectations for the U.S Coast Guard Under the Biden Administration. (2021, January 8). gCaptain. https://gcaptain.com/expectations-for-us-coast-guard-under-biden-administration/

Stegmann, M. (2022, April 15). Cyber Warfare: How to Empower Your Defense Strategy With Threat Intelligence. Security Magazine. https://www.securitymagazine.com/articles/97432-cyber-warfare-how-to-empower-your-defense-strategy-with-threat-intelligence

Tam, K., & Jones, K. (2018). Cyber-Risk Assessment for Autonomous Ships. In Proceedings of 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), June 11-12, 2018. DOI: 10.1109/CyberSecPODS.2018.8560690

Tam, K., & Jones, K.D. (2018, August 29). Maritime Cybersecurity Policy: The Scope and Impact of Evolving Technology on International Shipping. Journal of Cyber Policy, 3(2), 147-164. DOI: 10.1080/23738871.2018.1513053

The Clock is Ticking for Compliance With IMO's 2021 Cyber Security Regulations. (2020, November 12). Lloyd's Register. https://www.lr.org/en/insights/articles/imo-cyber-secuity-regulation-compliance/

U.S. Coast Guard (USCG). (n.d.). Port & Facility Compliance, Cyber Security Website. https://www.dco.uscg.mil/Our-Organization/Assistant-Commandant-for-Prevention-Policy-CG-5P/Inspections-Compliance-CG-5PC-/Office-of-Port-Facility-Compliance/Domestic-Ports-Division/cybersecurity/

U.S. Coast Guard (USCG). (2015, June). United States Coast Guard Cyber Strategy. https://www.uscg.mil/Portals/0/Strategy/Cyber%20Strategy.pdf

U.S. Coast Guard (USCG). (2017, December). Maritime Bulk Liquids Transfer, Offshore Operations, and Passenger Vessel Cybersecurity Framework Profiles, version 3. https://www.dco.uscg.mil/Portals/9/CG-FAC/Documents/Cyber%20Profiles%20Overview.docx?ver=2018-01-10-143126-467

U.S. Coast Guard (USCG). (2018, January 10). Appendix B: Offshore Operations Profile. https://www.dco.uscg.mil/Portals/9/CG-FAC/Documents/Appendix%20B.%20Offshore%20Operations%20Profile.docx?ver=2018-01-10-140108-557

U.S. Coast Guard (USCG). (2018, January 10). Appendix C: Passenger Vessel Profile. https://www.dco.uscg.mil/Portals/9/CG-FAC/Documents/Appendix%20C.%20Passenger%20Vessel%20Profile.docx?ver=2018-01-10-140109-727

U.S. Coast Guard (USCG). (2018, January 10). Appendix D: Industry Cybersecurity Processes & Profile Mappings. https://www.dco.uscg.mil/Portals/9/CG-FAC/Documents/Appendix%20D.%20Industry%20Cybersecurity%20Processes%20and%20Profile%20Mappings.docx?ver=2018-01-10-143125-373

U.S. Coast Guard (USCG). (2018, February 28). Appendix A: Maritime Bulk Liquid Transfer Profile. https://www.dco.uscg.mil/Portals/9/CG-FAC/Documents/Appendix%20A.%20Maritime%20Bulk%20Liquids%20Transfer%20Profile.docx?ver=2018-01-10-141700-073

U.S. Coast Guard (USCG). (2018, October). United States Coast Guard Maritime Commerce Strategic Outlook. https://media.defense.gov/2018/Oct/05/2002049100/-1/-1/1/USCG%20MARITIME%20COMMERCE%20STRATEGIC %20OUTLOOK-RELEASABLE.PDF

U.S. Coast Guard (USCG). (2020). Cybersecurity Web page. https://www.dco.uscg.mil/Our-Organization/Assistant-Commandant-for-Prevention-Policy-CG-5P/Inspections-Compliance-CG-5PC-/Office-of-Port-Facility-Compliance/Domestic-Ports-Division/cybersecurity/

U.S. Coast Guard (USCG). (2020, February 26). Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities. Navigation and Vessel Inspection Circular (NVIC) No. 01-20. https://www.dco.uscg.mil/Portals/9/DCO%20Documents/5p/5ps/NVIC/2020/NVIC_01-20_CyberRisk_dtd_2020-02-26.pdf?ver=2020-03-19-071814-023

U.S. Coast Guard (USCG). (2021, August). CYBER STRATEGIC OUTLOOK: The United States Coast Guard's Vision To Protect and Operate in Cyberspace. https://www.uscg.mil/Portals/0/Images/cyber/2021-Cyber-Strategic-Outlook.pdf

U.S. Coast Guard (USCG). (2022, April 29). NVIC 01-20 Frequently Asked Questions (FAQs) — Updated 4/29/2022. Navigation and Vessel Inspection Circular (NVIC) No. 01-22. https://www.dco.uscg.mil/Portals/9/Cyber%20NVIC%2001-20%20FAQs_updated%2029%20APR%2022.pdf

U.S. Coast Guard (USCG). (2022, August 5). 2021 Cyber Trends and Insights in the Marine Environment. Coast Guard Cyber Command. https://www.dco.uscg.mil/Portals/9/2021CyberTrendsInsightsMarineEnvironmentReport.pdf

U.S. Coast Guard Auxiliary. (2019). USCG Risk Management Classroom Workbook. National Response Directorate.

U.S. Department of Homeland Security (DHS). (n.d.). Assessments: Cyber Resilience Review (CRR). Cybersecurity & Infrastructure Security Agency (CISA). https://us-cert.cisa.gov/resources/assessments

U.S. Coast Guard (USCG). (2020, October 27). Vessel Cyber Risk Management Work Instruction (CVC-WI-027(1)). Office of Commercial Vessel Compliance (CG-CVC) Mission Management System (MMS) Work Instruction (WI). https://dco.uscg.mil/Portals/9/DCO%20Documents/5p/CG-5PC/CG-CVC/CVC_MMS/CVC-WI-027(series).pdf

U.S. Department of Homeland Security (DHS). (n.d.). Cyber Security Evaluation Tool (CSET®). Cybersecurity & Infrastructure Security Agency (CISA). https://www.cisa.gov/stopransomware/cyber-security-evaluation-tool-csetr

U.S. Department of Homeland Security (DHS). (2015, June 26). Transportation Systems Sector Cybersecurity Framework Implementation Guidance. Cybersecurity & Infrastructure Security Agency (CISA). https://www.cisa.gov/sites/default/files/publications/tss-cybersecurity-framework-implementation-guide-2016-508v2_0.pdf

U.S. Department of Homeland Security (DHS). (2019, June 3). Maritime Modal Sector Coordinating Council (Maritime SCC). Cybersecurity & Infrastructure Security Agency (CISA). https://www.cisa.gov/sites/default/files/publications/maritime_scc_charter_2019_4.26.19.pdf

U.S. Department of Homeland Security (DHS). (2020, March 24). Critical Infrastructure Sectors. Cybersecurity & Infrastructure Security Agency (CISA). https://www.cisa.gov/critical-infrastructure-sectors

Vijayan, J. (2019, July 9). What is an ISAC or ISAO? How These Cyber Threat Information Sharing Organizations Improve Security. CSO. https://www.csoonline.com/article/3406505/what-is-an-isac-or-isao-how-these-cyber-threat-information-sharing-organizations-improve-security.html

Wärtsilä. (2018, October 16) Wärtsilä Opens the First International Maritime Cyber Centre of Excellence in the World. https://www.wartsila.com/media/news/16-10-2018-wartsila-opens-the-first-international-maritime-cyber-centre-of-excellence-in-the-world-2296825

Weiss, J.G., Helleputte, C.-A., & De Cicco, D. (2020, October 22). US DOE and NIST Partner to Improve Cybersecurity in Energy, Maritime Transportation Industries. Steptoe. https://www.steptoe.com/en/news-publications/us-doe-and-nist-partner-to-improve-cybersecurity-in-energy-maritime-transportation-industries.html

White House (2020, December). National Maritime Cybersecurity Plan to the National Strategy for Maritime Security. https://www.hsdl.org/?view&did=848704

Wingrove, M. (2020, November 5). Norway Opens Cyber Resilience Centre. Riviera. https://www.rivieramm.com/news-content-hub/news-content-hub/norway-opens-cyber-resilience-centre-61586

[Top of Section | Top of Page]
Chapter 9. Concluding Thoughts

Afenyo, M., & Caesar, L.D. (2023, January). Maritime Cybersecurity Threats: Gaps and Directions for Future Research. Ocean & Coastal Management. DOI: 10.1016/j.ocecoaman.2023.106493

Bailey, D. (2017, July 13). Why You Need to Follow the Steve Jobs Method and 'Work Backwards.' Inc. https://www.inc.com/dave-bailey/why-you-need-to-follow-the-steve-jobs-method-and-w.html

Ben Farah, M.A., Ukwandu, E., Hindy, H., Brosset, D., Bures, M., Andonovic, I., & Bellekens, X. (2022, January 6). Cyber-Security in the Maritime Industry: A Systematic Survey of Recent Advances and Future Trends. Information, 13(1), 22. DOI: 10.3390/info13010022

Bolbot, V., Kulkarni, K., Brunou, P., Banda, O.V., & Musharraf, M. (2022, October 30). Developments and Research Directions in Maritime Cybersecurity: A Systematic Literature Review and Bibliometric Analysis. International Journal of Critical Infrastructure Protection. DOI: 10.1016/j.ijcip.2022.100571

Bolbot, V., Theotokatos, G., Boulougouris, E., & Vassalos, D. (2020, November). A Novel Cyber-Risk Assessment Method for Ship Systems. Safety Science, 131. DOI: 10.1016/j.ssci.2020.104908. https://www.sciencedirect.com/science/article/pii/S0925753520303052/pdfft

Chambers, S. (2018, March 16). Maritime CEO Forum: Shipping Anywhere From 30 to 500 Years Behind the Technology Curve. Splash247. https://splash247.com/maritime-ceo-forum-shipping-anywhere-30-500-years-behind-technology-curve/

Cyberspace Solarium Commission. (2020, March). Report of the United States of America Cyberspace Solarium Commission. https://drive.google.com/file/d/1ryMCIL_dZ30QyjFqFkkf10MxIXJGT4yv/view

Davidson, D. (2018, March 13). Don't Try to be 'Disruptive.' To Really Have an Impact, You Need to Reverse Engineer the Future. Entrepreneur. https://www.entrepreneur.com/article/309552

Filipoff, D. (2023, February 13). A Fleet Adrift: The Mounting Risks of the U.S. Navy's Force Development. Center for International Maritime Security (CIMSEC). https://cimsec.org/a-fleet-adrift-the-mounting-risks-of-the-u-s-navys-force-development/

Haney, J., & Lutters, W. (2020, October). Security Awareness Training for the Workforce: Moving Beyond "Check-the-Box" Compliance. IEEE Computer Magazine, 53(10), 91-95. DOI: 10.1109/MC.2020.3001959

Hartmann, G.K. (1975, July 1). Mine Warfare History and Technology. Naval Surface Weapons Center, White Oak Laboratory, Technical Report NWSC/WOL/TR 75-88. https://apps.dtic.mil/dtic/tr/fulltext/u2/a017318.pdf

Higgins, K.J. (2013, April 4). Hacking The User Security Awareness And Training Debate. DarkReading. https://www.darkreading.com/risk/hacking-the-user-security-awareness-and-training-debate

Higgins, K.J. (2015, March 26). SSL/TLS Suffers "Bar Mitzvah Attack." DarkReading. https://www.darkreading.com/attacks-breaches/ssl-tls-suffers-bar-mitzvah-attack-

Ileto, J. (2022, May 10). Cyber at Sea: Protecting Strategic Sealift in the Age of Strategic Competition. Modern War Institute at West Point. https://mwi.usma.edu/cyber-at-sea-protecting-strategic-sealift-in-the-age-of-strategic-competition/

Johnston, R.G. (2020, July). Security Maxims. Right Brain Sekurity. https://rbsekurity.com/Papers/Johnston_Security_Maxims.pdf

Kessler, G.C. (2018, October 12). Cybersecurity and the "Return on Negligence." The Maritime Executive. https://www.maritime-executive.com/editorials/cybersecurity-and-the-return-on-negligence

Kessler, G.C. (2022, April 19). Information Security, the MTS of the Future, and the New Convergence. The Maritime Executive. https://www.maritime-executive.com/editorials/information-security-the-mts-of-the-future-and-the-new-convergence

Kessler, G.C. (2022, May 11). Cybersecurity as a Team Sport: Resiliency, Agility and Cooperation . The Maritime Executive. https://www.maritime-executive.com/editorials/cybersecurity-as-a-team-sport-resiliency-agility-and-cooperation

Kessler, G.C., & Zorri, D.M. (2021). Cross Domain IW Threats to SOF Maritime Missions: Implications for U.S. SOF. Joint Special Operations University (JSOU) Report 21-4. MacDill Air Force Base (FL): The JSOU Press. https://jsouapplicationstorage.blob.core.windows.net/press/12/21-4.pdf

Lawrence, C. (2022, September 28). Securing the Seas When the Maritime Industry's Drowning. TNW. https://thenextweb.com/news/martime-industry-drowning-from-cybercriminal-threat

Larsen, B.J.P. (2022, June). Maritime Cybersecurity Shipping Industry Plan. Unpublished M.S. Thesis, University of Skövde. DOI: 10.13140/RG.2.2.29320.29441

Loomis, W., Singh, V.V., Kessler, G.C., & Bellekens, X. (2021, October). RAISING THE COLORS: Signaling for Cooperation on Maritime Cybersecurity. Cyber Statecraft Initiative, Scowcroft Center for Strategy and Security, Atlantic Council. https://www.atlanticcouncil.org/wp-content/uploads/2021/10/Raising-the-colors-Signaling-for-cooperation-on-maritime-cybersecurity.pdf

Lundquist, E.H. (2011, January 27). Project Evergreen. Defense Media Network. https://www.defensemedianetwork.com/stories/project-evergreen/

Meadors, T.M. (2022, September). Cyber Warfare is a Navy Mission. Proceedings of the U.S. Naval Institute, 148(9). https://www.usni.org/magazines/proceedings/2022/september/cyber-warfare-navy-mission

Meadors, T.M. (2023, February 22). Paralyzed at the Pier: Schrödinger’s Fleet and Systemic Naval Cyber Compromise. Center for International Maritime Security (CIMSEC. https://cimsec.org/paralyzed-at-the-pier-schrodingers-fleet-and-systemic-naval-cyber-compromise/

Oruç, A. (2022, June). Ethical Considerations in Maritime Cybersecurity Research. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 16,(2), 309-318. DOI: 10.12716/1001.16.02.14

Palmer, D. (2019, May 17). What is GDPR? Everything You Need to Know About the New General Data Protection Regulations. ZDNet. https://www.zdnet.com/article/gdpr-an-executive-guide-to-what-you-need-to-know/

Percival, T. (2021, January 18). Proactive vs. Reactive Cyber Security Strategies in Maritime. Hellenic Shipping News. https://www.hellenicshippingnews.com/proactive-vs-reactive-cyber-security-strategies-in-maritime/

Roer, K. (2017, June 1). A Culture of Security, Not of Blame. Information Security Magazine. https://www.infosecurity-magazine.com/blogs/culture-security-not-blame/

Rovner, J. (2023, March 13). The Liberal Cyber Order. War on the Rocks. https://warontherocks.com/2023/03/the-liberal-cyber-order/

Schauer, S., Stamer, M., Bosse, C., Pavlidis, M., Mouratidis, H., König, S., & Papastergiou, S. (2017). An Adaptive Supply Chain Cyber Risk Management Methodology. In: Kersten, Wolfgang Blecker, Thorsten Ringle, Christian M. (Ed.), Digitalization in Supply Chain Management and Logistics: Smart and Digital Solutions for an Industry 4.0 Environment, Proceedings of the Hamburg International Conference of Logistics (HICL), Vol. 23, ISBN 978-3-7450-4328-0, epubli GmbH, Berlin, pp. 405-425. DOI: 10.15480/882.1491

Shang, W., Gong,, T., Chen,, C., Hou, J., & Zeng, P. (2019, March 14). Information Security Risk Assessment Method for Ship Control System Based on Fuzzy Sets and Attack Trees. Security and Communication Networks, 2019, article 3574675. DOI: 10.1155/2019/3574675. https://downloads.hindawi.com/journals/scn/2019/3574675.pdf

Shepard, S. (2022). Reverse-Engineering the Future: A Prescription for Change Leadership. Kindle Direct Publishing. https://www.amazon.com/Reverse-Engineering-Future-Prescription-Change-Leadership-ebook/dp/B09SVVN7F3/ref=sr_1_1

Stoker, G., Greer, J., Clark, U., & Chiego, C. (2023, April). Considering Maritime Cybersecurity at a Non-Maritime Education and Training Institution. Cybersecurity Pedagogy and Practice Journal, 2(1), 66-76. http://iscap.us/papers/misc/countdownloads/5775

Stoltz, B. (2019, September 7). A New California Privacy Law Could Affect Every U.S. Business — Will You be Ready? Forbes. https://www.forbes.com/sites/allbusiness/2019/09/07/california-consumer-privacy-act-could-affect-your-business

Tam, K., Moara-Nkwe, K., & Jones, K.D. (2021, January-March). The Use of Cyber Ranges in the Maritime Context: Assessing Maritime-Cyber Risks, Raising Awareness, and Providing Training. Maritime Technology and Research, 3(1). DOI: 10.33175/mtr.2021.241410

Tvergrov, E.A. (2023, March 19). What Do You Do if a Hacker Takes Control of Your Ship? The Maritime Executive. https://www.maritime-executive.com/editorials/what-do-you-do-if-a-hacker-takes-control-of-your-ship

U.S. Coast Guard (USCG). (2012, May 31). Navigation Rules: International—Inland (72 COLREGS), COMDTINST M16672.2D. U.S. Department of Homeland Security. https://www.navcen.uscg.gov/pdf/navRules/navrules.pdf

U.S. Coast Guard (USCG). (2020, June 28). Marine Safety Alert 06-19 Cyber (07/2019). https://homeport.uscg.mil/Lists/Content/DispForm.aspx?ID=50460

U.S. Naval Institute (USNI). (2022, December 21). Cyber Power is Essential to Sea Power. The Proceedings Podcast. Panelists CDR Robert “Jake” Bebber, USN, and LCDR Tyson B. Meadors, USN, hosted by Bill Hamblet. https://www.youtube.com/watch?v=6zT_UdJSf3Q [video]

U.S. Navy. (2019, March). Cybersecurity Readiness Review. Secretary of the Navy. https://www.wsj.com/public/resources/documents/CyberSecurityReview_03-2019.pdf

Zorri, D.M., & Kessler, G.C. (2021, September 8). Cyber Threats and Choke Points: How Adversaries are Leveraging Maritime Cyber Vulnerabilities for Advantage in Irregular Warfare. Modern War Institute at West Point. https://mwi.usma.edu/cyber-threats-and-choke-points-how-adversaries-are-leveraging-maritime-cyber-vulnerabilities-for-advantage-in-irregular-warfare/

[Top of Section | Top of Page]

Ancillary Material

Author Podcasts/Interviews/Presentations

Maritime Cyber Newsletters, Blogs, and Web Sites

Maritime Journals

GPS/GNSS- and PNT-Related Sites

Ship Tracking/AIS Aggregation Web Sites

Papers Related to Securing AIS

Author Podcasts/Interviews/Presentations

Gary was quoted in the following article: Careless, J. (2022, December 17). Upgrading Maritime Cybersecurity in a Dangerous World. Transport Security International. https://www.tsi-mag.com/upgrading-maritime-cybersecurity-in-a-dangerous-world/

Gary Kessler participated in Panel 4 - Innovation to Meet Maritime Challenges, at the Maritime Security Challenges Conference (MSC 2022), Vancouver, BC, Canada (11/16/2022)

Gary gave two talks at the University of Plymouth's Cyber-SHIP Annual Symposium, held at IMO Headquarters in London (10/26-27/2022) — Geopolitical Implications Of the Weaponization of GPS and AIS in the Maritime Domain and The Human Element: Strategies to Combat the Maritime Cyber Workforce Problem (with Will Loomis)

Gary Kessler and A Historical View Of Information-Sharing (The Natural Curiosity Project Episode 167, hosted by Steven Shepard, 03/24/2022)

Charting Course: Next Steps for Maritime Cybersecurity With Allies and Partners, an Atlantic Council's Cyber Statecraft Initiative event with an introduction by The Hon. Angus King (I-Maine), and a panel session with RADM John W. Mauger (Asst. Commandant for Prevention Policy (CG-5P), USCG), Gary Kessler (Non-Resident Senior Fellow, Atlantic Council), Josie Long (Cyber Security Consultant, MITRE), and Sean Kline (Dir. of Maritime Affairs, Chamber of Shipping of America), moderated by Nina Kollars (Assoc. Professor, Cyber and Innovation Policy Institute (CIPI), U.S. Naval War College) (12/14/2021)

Maritime Cybersecurity Interview with Mr. William Loomis and Dr. Gary Kessler, a ThinkJSOU podcast moderated by Dr. Mark Grzegorzewski (12/02/2021)

Designer's Series: Balancing Cybersecurity and Autonomy in the Maritime Domain, an interview with William Loomis, Dr. Gary C. Kessler, and Michael Pyne, hosted by Nicolé Mullins (Teasley), at HACKtheMACHINE (11/29/2021)

Maritime Cybersecurity Panel with Stephen Mills (Royal Caribbean), Gary C. Kessler, and Daniel E. Turissini (Marine Technology Society), moderated by Lori Barfield and hosted by the Los Angeles Chapter of the Information Systems Security Association (ISSA-LA).

Sea Control 293 - Cyber Threats & Chokepoints with Dr. Diane Zorri and Dr. Gary Kessler (Center for International Maritime Security (CIMSEC), hosted by Anna McNeil, 11/14/2021)

Testimony before the U.S. House of Representatives Committee on Transportation & Infrastructure hearing on "The Evolving Cybersecurity Landscape: Industry Perspectives on Securing the Nation's Infrastructure" by Dr. Gary C. Kessler (11/04/2021) [Written testimony || Video of complete hearing (GCK's opening statement at 38:17-43:11)]

Hack The Sea 3.0 Village/DEF CON 29 (08/2021)

AIS Tools Demo (Notes from DEF CON)

AIS Proctocol Internals (Abridged) (Notes from Hack the Sea)

Cybersecurity Update with Gary Kessler (The Natural Curiosity Project, hosted by Steven Shepard, 06/21/2021)

"GNSS/AIS Spoofing: Issues in Maritime CyberSecurity." Video presentation by Gary Kessler at Maritime Cyber Security 2021 virtual event (06/17/2021).

Gary was quoted in the following article: Satira, B. (2021, May 12). Navigating the Waters of Maritime Cybersecurity. Help Net Security. https://www.helpnetsecurity.com/2021/05/12/maritime-cybersecurity/

An Interview With Gary Kessler on the National Maritime Cybersecurity Plan (The Natural Curiosity Project Episode 118, hosted by Steven Shepard, 02/18/2021)

An Interview with Gary Kessler on Maritime Cybersecurity (Cybersecurity Career Intelligence, hosted by Fred Scholl, Quinnipiac University, 11/02/2020)

An Interview With Gary Kessler on the Maritime Ransomware Attacks (The Natural Curiosity Project, hosted by Steven Shepard, 10/05/2020)

Hack The Sea 2.0 Village at DEF CON 28 (08/2020)

Build A Raspberry AIS

GPS:AIS Spoofing Attacks and Some Tools

Protecting AIS with Public Key Crypto Methods

An Interview with Gary Kessler, Andrew Lee (Jones Walker), and LT Kevin Kuhn (USCG) on cyberattack liabilities for maritime companies (IN THE KNOW Podcast 7: Planning for Real-World Cyber Threats, The Maritime Executive, hosted by Paul Benecki, 01/06/2019)

[Top of Section | Top of Page]

Maritime Cyber Newsletters, Blogs, and Web Sites

Center for International Maritime Security (CIMSEC)

Channel - 16 Maritime Security News

CSO Alliance

Cybersecurity & Infrastructure Security Agency (CISA) National Cyber Awareness System

Digital Ship newsletter

DNV cyber insights

Dryad Global Channel - 16 Maritime Security News

gCaptain

Hellenic Shipping News

JOC.com Maritime News

Lloyd's List

MarineLink

Maritime and Port Security Information Sharing and Analysis Organization (MPS-ISAO) TLP-Green Reports and Advisories

Maritime Domain Awareness Trade - Gulf of Guinea (MDAT-GoG)

The Maritime Executive

Maritime Logistics Professional

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

MCYSEKA - Maritime Cyber Security Knowledge Archive

Navigation Outlook

Resilient Navigation and Timing (RNT) Foundation

Riviera Maritime Media

SAFETY4SEA

U.S. Coast Guard (USCG) Maritime Commons

U.S. Coast Guard (USCG) Maritime Cyber Readiness Branch (MCRB)

U.S. Naval Institute (USNI) News

Vessel Performance Optimisation

Voyage Worldwide

[Top of Section | Top of Page]

Maritime Journals

International Journal of Maritime Crime & Security

Journal of Marine Science & Engineering

Journal of Marine Science & Technology (Digital Commons)

Journal of Marine Science & Technology (JASNAOE)

NAVIGATION: Journal of the Institute of Navigation

OUR SEA: International Journal of Maritime Science & Technology

The Journal of Navigation

Transactions on Maritime Science

TransNav, the International Journal on Marine Navigation and Safety of Sea Transportation

WMU Journal of Maritime Affairs

[Top of Section | Top of Page]

GPS/GNSS- and PNT-Related Sites

CISA Positioning, Navigation, and Timing page

GPSJam

GPSPATRON

International Association of Marine Aids to Navigation and Lighthouse Authorities (IALA) — Positioning , Navigation and Timing (PNT) page

Interreg Baltic Sea Region R-Mode Baltic Project

MarRINav: Improving the Integrity and Resilience of Maritime Navigation

Resilient Navigation and Timing Foundation

The Institute of Navigation (ION)

The Royal Institute of Navigation (RIN)

USCG Navigation Center — GPS Problem Report Status page

[Top of Section | Top of Page]

Ship Tracking/AIS Aggregation Web Sites

AISHub

CruiseMapper

FleetMon

MarineTraffic

My Ship Tracking

Ship Tracker

Shipfinder

Shipspotting.com

TankerTrackers.com

Vessel Finder

Vesseltracker

[Top of Section | Top of Page]

Papers Related to Securing AIS

One area of Gary's research is related to AIS, AIS security vulnerabilities and exploits, and methods with which to secure AIS. Although not a specific theme of the book, a secure AIS is integral to a secure MTS. In that spirit, here are some papers specifically related to AIS (and some GNSS) security:

Anderson, J., Lo, S., & Walter, T. (2022, January). Cryptographic Ranging Authentication with TESLA, Rapid Re-keying, and a PRF. Proceedings of the 2022 International Technical Meeting of The Institute of Navigation, Long Beach, California, January 2022, pp. 43-55. DOI: 10.33012/2022.18226

Anderson, J., Lo, S., & Walter, T. (2022, January). Efficient and Secure Use of Cryptography for Watermarked Signal Authentication. Proceedings of the 2022 International Technical Meeting of The Institute of Navigation, Long Beach, California, January 2022, pp. 68-82. DOI: 10.33012/2022.18228

Androjna, A., Brcko, T., Pavic, I., & Greidanus, H. (2020, October 20). Assessing Cyber Challenges of Maritime Navigation. Journal of Marine Science and Engineering, 8(10), 776. DOI: 10.3390/jmse8100776

Androjna, A., & Perkovič, M. (2021, September). Impact of Spoofing of Navigation Systems on Maritime Situational Awareness. Transactions on Maritime Science, 10(2). DOI: 10.7225/toms.v10.n02.w08

Androjna, A., Perkovič, M., Pavic, I., & Mičković. (2021, May). AIS Data Vulnerability Indicated by a Spoofing Case-Study. Applied Sciences, 11(11), 5015. DOI: 10.3390/app11115015

Aziz, A., Tedeschi, P., Sciancalepore, S., & Di Pietro, R. (2020, August 7). SecureAIS - Securing Pairwise Vessels Communications. 2020 IEEE Conference on Communications and Network Security (CNS), 29 June-1 July, Avignon, France. DOI: 10.1109/CNS48642.2020.9162320

Balduzzi, M., Pasta, A., & Wilhoit, K. (2014, December). A Security Evaluation of AIS Automated Identification System. In Proceeding the 30th Annual Computer Security Applications Conference (ACSAC '14), 436-445, New Orleans, Louisiana, 8-12 December 2014. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.694.7968&type=pdf

Balduzzi, M., Wilhoit, K., & Pasta, A. (2014, December). A Security Evaluation of AIS. Trend Micro Research Paper. https://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-a-security-evaluation-of-ais.pdf

Baker, R. (2021, August 16). Creating an AIS Pi for Maritime Research. wondersmith_rae blog. https://wondersmithrae.medium.com/creating-an-ais-pi-for-maritime-research-5e6f754e541c

Baker, R. (2021, August 27). How to Install OpenCPN on Your AIS Raspberry Pi for Maritime Research. wondersmith_rae blog. https://wondersmithrae.medium.com/how-to-install-opencpn-on-your-ais-raspberry-pi-for-maritime-research-c6d3da5eb5a6

Blanco, J. (2019, December 5). C2 Over Maritime AIS and Commercial Aggregation [video]. DEF CON 27 Hack the Sea Village. https://www.youtube.com/watch?v=wRWh6FVIFeo

Chen, M.-Y., & Wu, H.-T. (2023, January). An Automatic-Identiﬁcation-System-Based Vessel Security System. IEEE Transactions on Industrial Informatics, 19(1), 870-879. DOI: 10.1109/TII.2021.3139348

Duan, Y., Huang, J., Lei, J., Kong, L., Lv, Y., Lin, Z., Chen, G., & Kha, M.K. (2023, February). AISChain: Blockchain-Based AIS Data Platform With Dynamic Bloom Filter Tree. IEEE Transactions on Intelligent Transportation Systems, 24(2), 2332-2343. DOI: 10.1109/TITS.2022.3188691

Erwin, S. (2022, August 17). Commercial Geospatial Technologies That Detect GPS Disruptions to be Tested in Military Exercises. SpaceNews. https://spacenews.com/commercial-geospatial-technologies-that-detect-gps-disruptions-to-be-tested-in-military-exercises/

Goudosis, A., & Katsikas, S.K. (2019, June 14). Towards a Secure Automatic Identification System (AIS). Journal of Marine Science and Technology, 24, 410-423. DOI: 10.1007/s00773-018-0561-3

Goudosis, A., & Katsikas, S.K. (2020, June). Secure AIS with Identity-Based Authentication and Encryption. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 14(2). DOI: 10.12716/1001.14.02.03

Goudosis, A., & Katsikas, S.K. (2022, June). Secure Automatic Identiﬁcation System (SecAIS): Proof-of-Concept Implementation. Journal of Marine Science and Engineering, 10(6), 805. DOI: 10.3390/jmse10060805

Goudossis, A., Kostis, T., & Nikitakos, N. (2012). Automatic Identification System Stated Requirements for Naval Transponder Security Assurance. In: A. Goudossis, T. Kostis, & N. Nikitakos (Eds.), Proceedings of the 2nd International Conference on Applications of Mathematics and Informatics in Military Sciences (AMIMS), Vari, Greece. https://www.researchgate.net/profile/Athanasios-Goudosis/publication/280573426_Automatic_Identification_System_Stated_Requirements_for_Naval_Transponder_Security_Assurance/links/5d6f6d2da6fdccf93d38830c/Automatic-Identification-System-Stated-Requirements-for-Naval-Transponder-Security-Assurance.pdf

Gupta, B.B., Gaurav, A., Hsu, C.-H., & Jiao, B. (2021, November 15). Identity-Based Authentication Mechanism for Secure Information Sharing in the Maritime Transport System. IEEE Transactions on Intelligent Transportation Systems, 1-9. DOI: 10.1109/TITS.2021.3125402

Hall, J., Lee, J., Benin, J., Armstrong, C., & Owen, H. (2015). IEEE 1609 Influenced Automatic Identification System (AIS). In Proceedings of 2015 IEEE 81st Vehicular Technology Conference (VTC Spring), May 11-14, Glasgow, pp. 1-5. DOI: 10.1109/VTCSpring.2015.7145867

Hu, Q., Jiang, Y., Zhang, J., Sun, X., & Zhang, S. (2015, November). Development of an Automatic Identification System Autonomous Positioning System. Sensors, 15(11), 28574–28591. DOI: 10.3390/s151128574

International Association of Marine Aids to Navigation and Lighthouse Authorities (IALA). (2019, June). The Technical Specification of VDES, Edition 3. IALA Guideline 1139. https://www.e-navigation.nl/sites/default/files/1139-ed.3-the-technical-specification-of-vdes_june-2019.pdf

International Association of Marine Aids to Navigation and Lighthouse Authorities (IALA). (2020). Collection of Regional Applications for AIS Application Specific Messages of Regional Applications for AIS Binary Messages. https://www.iala-aism.org/asm/

International Association of Marine Aids to Navigation and Lighthouse Authorities (IALA). (2022, December 16). VHF Data Exchange System (VDES) Overview, Edition 3.0. IALA Guideline 1117. https://www.iala-aism.org/product/g1117/

International Maritime Organization (IMO). (2010, June 2). Guidance on the Use of AIS Application-Specific Messages. SN.1/Circ. 289. http://vislab-ccom.unh.edu/~schwehr/papers/2009-Nav55-CG-AIX-Report-Annex1.pdf

International Telecommunication Union (ITU). (2014, February). Technical Characteristics for an Automatic Identification System Using Time Division Multiple Access in the VHF Maritime Mobile Frequency Band. ITU-R Recommendation M.1371-5. M Series: Mobile, Radiodetermination, Amateur and Related Satellite Services. https://www.itu.int/dms_pubrec/itu-r/rec/m/R-REC-M.1371-5-201402-I!!PDF-E.pdf

International Telecommunication Union (ITU). (2019, October). Assignment and Use of Identities in the Maritime Mobile Service. ITU-R Recommendation M.585-8. M Series: Mobile, Radiodetermination, Amateur and Related Satellite Services. https://www.itu.int/dms_pubrec/itu-r/rec/m/R-REC-M.585-8-201910-I!!PDF-E.pdf

Jiang, Y., Wu, J., & Zhang, S. (2018, MArch 27). An Improved Positioning Method for Two Base Stations in AIS. Sensors, 18(4), 991. DOI: 10.3390/s18040991

Johnson, G., Dykstra, K., Ordell, S., & Swaszek, P. (2020, October). R-Mode Positioning System Demonstration. Proceedings of 33rd International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2020), September 21-25, 2020, pp. 839-855. DOI: 10.33012/2020.17728

Johnson, G., Swaszek, P., Alberding, J., Hoppe, M., & Oltmann, J.-H. (2014, September). The Feasibility of R-mode to Meet Resilient PNT Requirements for E-navigation. Proceedings of 27th International Technical Meeting of the Satellite Division of the Institute of Navigation, ION GNSS 2014, Tampa, FL. https://www.researchgate.net/profile/Gregory-Johnson-4/publication/289887465_The_feasibility_of_R-mode_to_meet_resilient_PNT_requirements_for_e-navigation/links/5ba011ad299bf13e6038a905/The-feasibility-of-R-mode-to-meet-resilient-PNT-requirements-for-e-navigation.pdf

Kessler, G.C. (2020, May 1). AIS Replay and Spoofing [video]. https://www.garykessler.net/gck/AIS_replay_and_spoofing.mp4

Kessler, G.C. (2020, June). Protected AIS: A Demonstration of Capability Scheme to Provide Authentication and Message Integrity. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 14(2), 279-286. DOI: 10.12716/1001.14.02.02

Kessler, G.C. (2021, August 22). AIS Spoof of a Warship [video]. https://www.garykessler.net/gck/202108_MOSKVA_spoof.mp4

Kessler, G.C. (2022, April 17). AIS Tools. https://www.garykessler.net/software/index.html#ais

Kessler, G.C. (2022, December 6). AIS Research Using a Raspberry Pi (2022 Update). https://www.garykessler.net/library/ais_pi.html

Lázaro, F., Raulefs, R., Bartz, H., & Jerkovits, T. (2021, September 12). VDES R-Mode: Vulnerability Analysis and Mitigation Concepts. International Journal of Satellite Communications and Networking. DOI: 10.1002/sat.1427

Lázaro, F., Raulefs, R., Wang, W., Clazzer, F., & Plass, S. (2018, July 20). VHF Data Exchange System (VDES): An Enabling Technology for Maritime Communications. CEAS Space Journal, 11, 55-63. DOI: 10.1007/s12567-018-0214-8

Lee, E., Mokashi, A.J., Moon, S.Y., & Kim, G. (2019, August 24). The Maturity of Automatic Identification Systems (AIS) and Its Implications for Innovation. Journal of Marine Science and Engineering, 7(9), 287. DOI: 10.3390/jmse7090287

Litts, R.E., Popescu, D.C., & Popescu, O. (2021, September 6). Authentication Protocol for Enhanced Security of the Automatic Identification System. 2021 IEEE International Black Sea Conference on Communications and Networking (BlackSeaCom), May 24-28, 2021, Bucharest, Romania. DOI: 10.1109/BlackSeaCom52164.2021.9527840

Litts, R.E., Popescu, D.C., & Popescu, O. (2021, December). Authentication Protocol for Enhanced Security of the Automatic Identification System. Naval Engineers Journal, 133(4), 127-137. https://bt.e-ditionsbyfry.com/publication/?m=63540&i=731188&p=138&ver=html5

Moltsen, L., & Pielmeier, S. (2019, September). Introduction to VDES (VHF Data Exchange System). sternula. https://www.sternula.com/wp-content/uploads/2019/09/2019-09-What-is-VDES.pdf

Neish, A., & Walter, T. (2020, May 20). Securing GNSS — A Trip Down Cryptography Lane. Inside GNSS. https://insidegnss.com/securing-gnss-a-trip-down-cryptography-lane/

Oh, S.H., Seo, D., & Lee, B. (2015). S3 (Secure Ship-to-Ship) Information Sharing Scheme using Ship Authentication in the e-Navigation. International Journal of Security and Its Applications, 9(2), 97-110. DOI: 10.14257/ijsia.2015.9.2.10

Onyango, S.O., Owiredu, S.A., Kim, K.-I., Yoo, S.-L. A. (2022, November). Quasi-Intelligent Maritime Route Extraction from AIS Data.Sensors. Sensors, 22(22), 8639. DOI: 10.3390/s22228639

Ray, C., Gallen, R., Iphar; C., Napoli, A., & Bouju, A. (2015, September 21). DeAIS Project: Detection of AIS Spoofing and Resulting Risks. In Proceedings of OCEANS 2015, Genova, Italy, 18-21 May 2015, pp. 1-6. DOI: 10.1109/OCEANS-Genova.2015.7271729

Šafář, J., Grant, A., Williams, P., & Ward, N. (2020, January). Performance Bounds for VDES R-mode. Journal of Navigation, 73(1), 92-114. DOI: 10.1017/S0373463319000559

Šafář, J., Grant, A., & Bransby, M. (2021, September). Performance bounds for VDE-SAT R-Mode. International Journal of Satellite Communications and Networking. DOI: 10.1002/sat.1429

Satellite RF Tracking Follows the "Dark" Ships That AIS Can't See. (2022, July 26). The Maritime Executive. https://www.maritime-executive.com/article/satellite-rf-tracking-follows-the-dark-ships-that-ais-can-t-see

Schütze, G. (2020, January 30). GPS (Part 1) - Structure, Mode of Operation, Technical and Physical Fundamentals of GPS. Marine-Pilots.com. https://www.marine-pilots.com/articles/14342-gps-part-1-structure-mode-of-operation-technical-and-physical-fundamentals-of-gps

Schütze, G. (2020, February 26). GPS (Part 2), Physical and Technical Errors of GNSS - An Error Analysis. Marine-Pilots.com. https://www.marine-pilots.com/articles/14518-gps-part-2-physical-and-technical-errors-of-gnss-error-analysis

Schütze, G. (2020, May 6). GPS (Part 3) - Accidental Interferences and Intended Interferences by Extern Technical Sytems. Marine-Pilots.com. https://www.marine-pilots.com/articles/17170-gps-part-3-accidental-interferences-and-intended-interferences-by-extern-technical-sytems

Sciancalepore, S., Tedeschi, P., Aziz, A., & Di Pietro, R. (2021, March 30). Auth-AIS: Secure, Flexible, and Backward-Compatible Authentication of Vessels AIS Broadcasts. IEEE Transactions on Dependable and Secure Computing, 99. DOI: 10.1109/TDSC.2021.3069428

Shyshkin, O. (2022, November). Cybersecurity Providing for Maritime Automatic Identification System. In Proceedinsg of IEEE 41st International Conference on Electronics and Nanotechnology (ELNANO), pp. 736-740. October 10-14, 2022, Kyiv, Ukraine. DOI: 10.1109/ELNANO54667.2022.9926987

Stewart, A., Rice, E., & Safonov, P. (2018, April). Digital Authentication Strategies for the Automated Identification System. Proceedings of the Midwest Instruction and Computing Symposium (MICS) 2018, Duluth, Minnesota, April 6-7, 2018. http://micsymposium.org/mics2018/proceedings/MICS_2018_paper_64.pdf

Su, P., Sun, N., Zhu, L., Li, Y., Bi, R., Li, M., & Zhang, Z. (2017, April). A Privacy-Preserving and Vessel Authentication Scheme Using Automatic Identiﬁcation System. SCC '17: Proceedings of the Fifth ACM International Workshop on Security in Cloud Computing, April 2017, pp. 83–90. DOI: 10.1145/3055259.3055261

U.S. Coast Guard (USCG). (2014, June 4). Encrypted Automatic Identification System (EAIS) Interface Design Description (IDD). Command, Control & Communications Engineering Center (C3CEN). https://www2.epic.org/foia/dhs/uscg/nais/EPIC-15-05-29-USCG-FOIA-20151030-Production-2.pdf

Wimpenny, G., Šafář, J., Grant, A., & Bransby, M. (2021, December 14). Securing the Automatic Identification System (AIS): Using Public Key Cryptography to Prevent Spoofing Whilst Retaining Backwards Compatibility. The Journal of Navigation, 1-13. DOI: 10.1017/S0373463321000837

Wimpenny, G., Šafář, J., Grant, A., Bransby, M., & Ward, N. (2017, September). Cyber-Security and a Potential Role for the Maritime Cloud. Proceedings of the 30th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2017), Portland, Oregon, September 25-29, 2017, pp. 1800-1808. DOI: 10.33012/2017.15395

Wimpenny, G., Šafář, J., Grant, A., Bransby, M., & Ward, N. (2018, September). Public Key Authentication for AIS and the VHF Data Exchange System (VDES). Proceedings of the 31st International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2018), Miami, Florida, September 24-28, 2018, pp. 1841-1851.DOI: 10.33012/2018.15948

Wirsing, M., Dammann, A., & Raulefs, R. (2020, January). Investigating R-Mode Signals for the VDE System. Proceedings of OCEANS 2019 MTS/IEEE SEATTLE, October 27-31, 2019. DOI: 10.23919/OCEANS40490.2019.8962635

Wolsing, K., Roepert, L., Bauer, J., & Wehrle, K. (2022, January 14). Anomaly Detection in Maritime AIS Tracks: A Review of Recent Approaches. Journal of Marine Science and Engingeering, 10(1), 112. DOI: 10.3390/jmse10010112

Zhang, J., Zhang, S., & Wang, J. (2017, May 22). Pseudorange Measurement Method Based on AIS Signals. Sensors, 17(5), 1183. DOI: 10.3390/s17051183

[Top of Section | Top of Page]

About the Authors and the Book

Gary C. Kessler, Ph.D., CISSP, is President of Gary Kessler Associates, a consulting, research, and training company located in Ormond Beach, Florida. He has been in the information security and education fields for more than 40 years, and is a retired professor of cybersecurity. Gary is a Principal Consultant at Fathom5, a Non-Resident Senior Fellow at the Atlantic Council, a visiting faculty member in the Electrical Engineering & Cyber Systems Section at the U.S. Coast Guard Academy, on the Board of Advisers of Cydome, and has testified before the U.S. House of Representatives about maritime cybersecurity issues. Gary has a B.A. in mathematics from Humboldt State University (California), an M.S. degree in computer science from the University of Vermont, and a Ph.D. in computing technology in education from Nova Southeastern University (Florida). His research interests focus on maritime cybersecurity, particularly related to AIS, as well as network protocols, digital forensics, and cybersecurity management and policy. Gary is Chief of the Cybersecurity Prevention Operations Division in the USCG Auxiliary, a PADI Master SCUBA Diver Trainer, and holds a USCG 50GT master merchant mariner certificate. Gary lives in Florida with his wife, Gayle.

Dr. Steven Shepard is the founder of the Shepard Communications Group in Williston, Vermont, and co-founder of the Executive Crash Course Company. A professional author, photographer, audio producer, and educator with more than 35 years of experience in the technology industry, he has written books and articles on a wide variety of topics. Steve received his undergraduate degree in Spanish and Romance Philology from the University of California at Berkeley, his master's degree in International Business from St. Mary's College, and his Ph.D. at the Da Vinci Institute in Rivonia, South Africa. He is a Senior Fellow of the Da Vinci Institute of South Africa; a Founding Director of the African Telecoms Institute; and an Emeritus member of the Board of Trustees of Champlain College. He was Resident Director of the University of Southern California's Executive Leadership and Advanced Management Programs for more than 25 years and is adjunct professor at Emory University and the Da Vinci Institute, among others. Thanks to a childhood spent in Spain, Steve is native fluent in Spanish and routinely publishes and delivers presentations in that language. He lives in Vermont with his wife Sabine, who has put up with him for more than 45 years.

The book can be purchased from Amazon in paperback (USD16.99) or Kindle (USD9.99) format.

Get more information about Gary (Amazon Author Page | Web site) and Steve (Amazon Author Page | Web site).
[Top of Page]

© 2020-, Gary C. Kessler & Steven D. Shepard