"Maritime Cybersecurity" Updates

Maritime Cybersecurity
A Guide for Leaders and Managers

by Gary C. Kessler & Steven D. Shepard

This Web page is devoted to providing updated or additional information with which to supplement Maritime Cybersecurity: A Guide for Leaders and Managers.

Papers, Articles, and Other Resources Related to the Book

Ancillary Material

How to Purchase the Book

Page last updated: 23 November 2020

Papers, Articles, and Other Resources Related to the Book

Chapter 2. Cybersecurity Basics

Cimpanu, C. (2020, August 2). Google: Eleven Zero-Days Detected in the Wild in the First Half of 2020. ZDNet. https://www.zdnet.com/article/google-eleven-zero-days-detected-in-the-wild-in-the-first-half-of-2020/

Mactavish, A. (2020, August 7). Cyber-Crime — A Continuing Concern. Seatrade Maritime News. https://www.seatrade-maritime.com/opinions-analysis/cyber-crime-continuing-concern

Multi-State Information Sharing and Analysis Center (MS-ISAC). (2020, September). Ransomware Guide. Cybersecurity & Infrastructure Security Agency (CISA). https://www.cisa.gov/sites/default/files/publications/CISA_MS-ISAC_Ransomware%20Guide_S508C.pdf

Tischer, M., Durumeric, Z., Bursztein, E., & Bailey, M. (2017, March/April). The Danger of USB Drives. IEEE Security & Privacy, 15(2), 62-69.
Chapter 3. Case Studies: Cyber Attacks on the Maritime Sector

Shen, C., & Baker, J. (2020, September 28). CMA CGM Confirms Ransomware Attack. Lloyd's List Maritime Intelligence.

Sonnemaker, T. (2020, August 3). Garmin Reportedly Paid Hackers a Multimillion Dollar Ransom to Recover Files After a Cyberattack That Left Their Services Offline for Several Days Last Month. Business Insider. https://www.businessinsider.com/garmin-paid-multimillion-dollar-ransom-to-hackers-report-2020-8

Truong, K. (2020, July 28). The Garmin Ransomware Hack is Horrifying. Vice. https://www.vice.com/en_us/article/5dzkd5/the-garmin-ransomware-hack-is-horrifying

United States Coast Guard (USCG). (2020, September 30). Malicious Email Spoofing Incidents. Marine Safety Information Bulletin (MSIB 19-20). https://www.dco.uscg.mil/Portals/9/DCO%20Documents/5p/MSIB/2020/USCG-MSIB-19-20-CYBER-SPOOFING.pdf

Chapter 4. Ports and Cybersecurity

DOT Launches New Marine Highway Module of Port Planning and Investment Toolkit. (2020, October 15). Homeland Security Today. https://www.hstoday.us/subject-matter-areas/transportation/dot-launches-new-marine-highway-module-of-port-planning-and-investment-toolkit/

Iran: One of 2 Cyberattack Targets was Country's Ports. (2020, October 16). Asharq Al-Awsat. https://english.aawsat.com/home/article/2567991/iran-one-2-cyberattack-targets-was-countrys-ports

Wingrove, M. (2020, November 23). Cyber Attack Shuts Down US Port Servers. https://www.rivieramm.com/news-content-hub/news-content-hub/cyber-attack-shuts-down-us-port-servers-61955

Chapter 5. Shipboard Communication Systems

Degnarain, N. (2020, November 6). Captain's Noon Reports Crucial Missing Evidence For Mauritius Oil Spill Ship. Forbes. https://www.forbes.com/sites/nishandegnarain/2020/11/06/captains-noon-reports-crucial-missing-evidence-for-mauritius-oil-spill-ship/?sh=16f204841a67

Goodin, D. (2020, August 5). Insecure Satellite Internet is Threatening Ship and Plane Safety. Ars Technica. https://arstechnica.com/information-technology/2020/08/insecure-satellite-internet-is-threatening-ship-and-plane-safety/

Chapter 6. Navigation Systems

Awan, M.S.K., & Al Ghamdi, M.A. (2019, October 2). Understanding the Vulnerabilities in Digital Components of An Integrated Bridge System (IBS). Journal of Marine Science and Engineering, 7(10), 350. https://doi.org/10.3390/jmse7100350

Iannucci, P.A., & Humphreys, T.E. (2020, September 25). Fused Low-Earth-Orbit GNSS. The University of Texas at Austin Radionavigation Laboratory. https://arxiv.org/pdf/2009.12334.pdf

Lambert, N., & Goward, D.A. (2020, November). Solution to GPS Hacking. Sea Technology, 8-10. https://lsc-pagepro.mydigitalpublication.com/publication/?m=60787&i=680110&p=8

Svilicic, B., Rudan, I., Frančić, V., & Doričić, M. (2019). Shipboard ECDIS Cyber Security: Third-Party Component Threats. Scientific Journal of Maritime Research, 33(2), 176-180. https://doi.org/10.31217/p.33.2.7

Tucker, P. (2020, July 31). The Air Force's Latest GPS Alternative: Earth's Magnetic Fields. Defense One. https://www.defenseone.com/technology/2020/07/air-forces-latest-gps-alternative-earths-magnetic-fields/167387/

Under Attack – Receiver Response to Spoofing: Robustness vs. Resilience. (2020, September 30). Inside GNSS. https://insidegnss.com/under-attack-receiver-response-to-spoofing-robustness-vs-resilience/

Chapter 7. Industrial Control and Autonomous Systems

Advancement for Autonomous Operations on Deep-Sea Ships. (2020, October 2). The Maritime Executive. https://www.maritime-executive.com/article/advancement-for-autonomous-operations-on-deep-sea-ships

Cusimano, J., Ayala, M., & Villano, G. (2020, November 10). Navigating Cybersecurity Challenges in Maritime Operational Technology. The Maritime Executive. https://maritime-executive.com/editorials/navigating-cybersecurity-challenges-in-maritime-operational-technology

Dow, M. (2020, August 31). Rise of Ransomware: Why OT is a Prime Target for Cybercriminals. Security. https://www.securitymagazine.com/articles/93197-rise-of-ransomware-why-ot-is-a-prime-target-for-cybercriminals

Horowitz, B.M. (2020, January-February). Cyberattack-Resilient Cyberphysical Systems. IEEE Security & Privacy, 18(1), 55-60. DOI: 10.1109/MSEC.2019.2947123.

Humayed, A., Lin, J., Li, F., & Luo, B. (2017, December). Cyber-Physical Systems Security — A Survey. IEEE Internet of Things Journal, 4(6), 1802-1831. DOI: 10.1109/JIOT.2017.2703172.

MASSPorts initiative launched to develop autonomous shipping. (2020, August 6). Digital Ship. https://thedigitalship.com/news/electronics-navigation/item/6737-massports-initiative-launched-to-develop-autonomous-shipping

MOL begins study on collision avoidance of autonomous ships. (2020, October 21). Digital Ship. https://thedigitalship.com/news/electronics-navigation/item/6876-mol-begins-study-on-collision-avoidance-of-autonomous-ships

The Collision Regulations and Autonomous Shipping. (2020, July). Shipping Law Insights blog, Norton Rose Fulbright. https://www.nortonrosefulbright.com/en/knowledge/publications/5fedab67/the-collision-regulations-and-autonomous-shipping

Chapter 8. Strategies for Maritime Cyberdefense

Arampatzis, A. (2020, August 2). The Biggest Challenges and Best Practices to Mitigate Risks in Maritime Cybersecurity. Tripwire. https://www.tripwire.com/state-of-security/security-data-protection/biggest-challenges-best-practices-mitigate-risks-maritime-cybersecurity/

New ASTM International Standard Aims to Reduce Maritime Cyber Risk. (2020, July 30). The Maritime Executive. https://www.maritime-executive.com/corporate/new-astm-international-standard-aims-to-reduce-maritime-cyber-risk

Reva, D. (2020, October). Maritime Cyber Security: Getting Africa Ready. Institute for Security Studies, Africa Report 29. https://issafrica.s3.amazonaws.com/site/uploads/ar-29.pdf

The Clock is Ticking for Compliance With IMO's 2021 Cyber Security Regulations. (2020, 12 November). Lloyd's Register. https://www.lr.org/en/insights/articles/imo-cyber-secuity-regulation-compliance/

U.S. Coast Guard. (2020, October 27). Vessel Cyber Risk Management Work Instruction (CVC-WI-027(1)). Office of Commercial Vessel Compliance (CG-CVC) Mission Management System (MMS) Work Instruction (WI). https://dco.uscg.mil/Portals/9/DCO%20Documents/5p/CG-5PC/CG-CVC/CVC_MMS/CVC-WI-027(series).pdf

Weiss, J.G., Helleputte, C.-A., & De Cicco, D. (2020, October 22). US DOE and NIST Partner to Improve Cybersecurity in Energy, Maritime Transportation Industries. Steptoe. https://www.steptoe.com/en/news-publications/us-doe-and-nist-partner-to-improve-cybersecurity-in-energy-maritime-transportation-industries.html

Wingrove, M. (2020, November 5). Norway Opens Cyber Resilience Centre. Riviera. https://www.rivieramm.com/news-content-hub/news-content-hub/norway-opens-cyber-resilience-centre-61586

Ancillary Material
Podcasts

An Interview with Gary Kessler on Maritime Cybersecurity (Cybersecurity Career Intelligence, hosted by Fred Scholl, Quinnipiac University, 11/02/2020)

An Interview With Gary Kessler On Maritime Ransomware Attacks (The Natural Curiosity Project, hosted by Steven Shepard, 10/05/2020)

Maritime newsletters that cover cybersecurity

Coast Guard Maritime Commons

Digital Ship newsletter

gCaptain

Hellenic Shipping News

JOC.com Maritime News

Lloyd's List

MarineLink

The Maritime Executive

Riviera Maritime Media

SAFETY4SEA

GPS/GNSS-Related Issues

USCG Navigation Center — GPS Problem Reports Status page

Resilient Navigation and Timing Foundation

Ship tracking Web sites mentioned in Chapter 3:

CruiseMapper

FleetMon

MarineTraffic

My Ship Tracking

Ship Tracker

Shipfinder

Vessel Finder

Vesseltracker

Hack The Sea 2.0 Village at DEF CON 28 (2020)

Build A Raspberry AIS

GPS:AIS Spoofing Attacks and Some Tools

Protecting AIS with Public Key Crypto Methods

Buy the Book!

The book can be purchased from Amazon in Kindle or print format.

Get more information about Gary (Amazon Author Page | Web site) and Steve (Amazon Author Page | Web site).

© 2020, Gary C. Kessler & Steven D. Shepard