"Maritime Cybersecurity" Updates

Maritime Cybersecurity
A Guide for Leaders and Managers

by Gary C. Kessler & Steven D. Shepard

This Web page is devoted to providing updated or additional information with which to supplement Maritime Cybersecurity: A Guide for Leaders and Managers.

Papers, Articles, and Other Resources Related to the Book

Ancillary Material

How to Purchase the Book

Page last updated: 23 September 2021

Papers, Articles, and Other Resources Related to the Book

Chapter 1. The Maritime Transportation System (MTS)

Bebbington, T. (2021, August 6). Cyberattack or Coincidence? Seatrade Maritime News. https://www.seatrade-maritime.com/regulation/less-25-bulkers-and-tankers-will-attain-eexi-compliance

Cohen, J. (2021). Where Zeros and Ones Sink Ships - Cyber Warfare Enters the Naval Battlespace. Naval Forces, 42(5), 49-51.

Foote, R. (2017) Cybersecurity in the Marine Transportation Sector: Protecting Intellectual Property to Keep Our Ports, Facilities, and Vessels Safe from Cyber Threats. Cybaris, 8(2), article 3. https://open.mitchellhamline.edu/cybaris/vol8/iss2/3

Kiln. (n.d.). Ship Map. https://www.shipmap.org/

Chapter 2. Cybersecurity Basics

Barker, W.C., Scarfone, K., Fisher, W., & Souppaya, M. (2021, June). Cybersecurity Framework Profile for Ransomware Risk Management. Preliminary Draft National Institute of Standards and Technology Interagency or Internal Report (NISTIR) 8374, U.S. Department of Commerce. https://csrc.nist.gov/CSRC/media/Publications/nistir/draft/documents/NIST.IR.8374-preliminary-draft.pdf

Barsky, N. (2021, August 31). The SEC Exposed Cybersecurity’s Fatal Flaw - Executive Resistance To Bad News. Forbes. https://www.forbes.com/sites/noahbarsky/2021/08/31/the-sec-exposed-cybersecuritys-fatal-flaw---executive-resistance-to-bad-news/?sh=37c8b2922339

Cimpanu, C. (2020, August 2). Google: Eleven Zero-Days Detected in the Wild in the First Half of 2020. ZDNet. https://www.zdnet.com/article/google-eleven-zero-days-detected-in-the-wild-in-the-first-half-of-2020/

Epsco-Ra Introduces New Cybersecurity Assessment Method. (2021, April 22). Digital Ship. https://thedigitalship.com/news/maritime-satellite-communications/item/7261-epsco-ra-introduces-new-cybersecurity-assessment-method

Gatlan, S. (2021, June 30). CISA Releases New Ransomware Self-Assessment Security Audit Tool. BleepingComputer. https://www.bleepingcomputer.com/news/security/cisa-releases-new-ransomware-self-assessment-security-audit-tool/

Mactavish, A. (2020, August 7). Cyber-Crime — A Continuing Concern. Seatrade Maritime News. https://www.seatrade-maritime.com/opinions-analysis/cyber-crime-continuing-concern

Mc Mahon, C. (2020, July 10). In Defence of the Human Factor. Frontiers of Psychology. DOI: 10.3389/fpsyg.2020.01390

Multi-State Information Sharing and Analysis Center (MS-ISAC). (2020, September). Ransomware Guide. Cybersecurity & Infrastructure Security Agency (CISA). https://www.cisa.gov/sites/default/files/publications/CISA_MS-ISAC_Ransomware%20Guide_S508C.pdf

Norton, Q. (2014, May 20). Everything is Broken. The Message. https://medium.com/message/everything-is-broken-81e5f33a24e1#.sc7pf19g3

Palmer, D. (2021, April 23). Ransomware's Perfect Target: Why One Industry Needs to Improve Cybersecurity, Before It's Too Late. ZDNet. https://www.zdnet.com/article/ransomwares-perfect-target-why-one-industry-needs-to-improve-cybersecurity-before-its-too-late/

Progoulakis, I., Nikitakos, N., Rohmeyer, P., Bunin, B., Dalaklis, D., & Karamperidis, S. (2021, January 22). Perspectives on Cyber Security for Offshore Oil and Gas Assets. Journal of Marine Science and Engineering, 9(2), 112. DOI: 10.3390/jmse9020112

Tischer, M., Durumeric, Z., Bursztein, E., & Bailey, M. (2017, March/April). The Danger of USB Drives. IEEE Security & Privacy, 15(2), 62-69.
Chapter 3. Case Studies: Cyber Attacks on the Maritime Sector

Cimpanu, C. (2018, December 12). Ships Infected with Ransomware, USB Malware, Worms. ZDNet. https://www.zdnet.com/article/ships-infected-with-ransomware-usb-malware-worms/

Shen, C., & Baker, J. (2020, September 28). CMA CGM Confirms Ransomware Attack. Lloyd's List Maritime Intelligence.

Sonnemaker, T. (2020, August 3). Garmin Reportedly Paid Hackers a Multimillion Dollar Ransom to Recover Files After a Cyberattack That Left Their Services Offline for Several Days Last Month. Business Insider. https://www.businessinsider.com/garmin-paid-multimillion-dollar-ransom-to-hackers-report-2020-8

Truong, K. (2020, July 28). The Garmin Ransomware Hack is Horrifying. Vice. https://www.vice.com/en_us/article/5dzkd5/the-garmin-ransomware-hack-is-horrifying

United States Coast Guard (USCG). (2020, September 30). Malicious Email Spoofing Incidents. Marine Safety Information Bulletin (MSIB 19-20). https://www.dco.uscg.mil/Portals/9/DCO%20Documents/5p/MSIB/2020/USCG-MSIB-19-20-CYBER-SPOOFING.pdf

Chapter 4. Ports and Cybersecurity

DOT Launches New Marine Highway Module of Port Planning and Investment Toolkit. (2020, October 15). Homeland Security Today. https://www.hstoday.us/subject-matter-areas/transportation/dot-launches-new-marine-highway-module-of-port-planning-and-investment-toolkit/

Drougkas, A., Sarri, A., Kyranoudi, P. (2020, December). CYBER RISK MANAGEMENT FOR PORTS: Guidelines for Cybersecurity in the Maritime Sector. ENISA. https://www.enisa.europa.eu/publications/guidelines-cyber-risk-management-for-ports/at_download/fullReport

Fredrickson, K. (2021, May 9). Marine Transportation System (MTS) Cyber Spotlight: Approaching deadlines for incorporating cyber into Facility Security Assessments (FSA) and Facility Security Plans (FSP). Coast Guard Maritime Commons. https://mariners.coastguard.blog/2021/05/09/marine-transportation-system-mts-cyber-spotlight/

International Association of Ports and Harbors. (2021, July 2). Cybersecurity Guidelines for Ports and Port Facilities, v 1.0. https://sustainableworldports.org/wp-content/uploads/IAPH-Cybersecurity-Guidelines-version-1_0.pdf

Iran: One of 2 Cyberattack Targets was Country's Ports. (2020, October 16). Asharq Al-Awsat. https://english.aawsat.com/home/article/2567991/iran-one-2-cyberattack-targets-was-countrys-ports

Port of Los Angeles Inks $6.8 Mln Cybersecurity Deal with IBM. (2020, December 7). Maritime Logistics Professional. https://www.maritimeprofessional.com/news/port-angeles-inks-cybersecurity-deal-363659
Wingrove, M. (2020, November 23). Cyber Attack Shuts Down US Port Servers. https://www.rivieramm.com/news-content-hub/news-content-hub/cyber-attack-shuts-down-us-port-servers-61955

Chapter 5. Shipboard Communication Systems

Degnarain, N. (2020, November 6). Captain's Noon Reports Crucial Missing Evidence For Mauritius Oil Spill Ship. Forbes. https://www.forbes.com/sites/nishandegnarain/2020/11/06/captains-noon-reports-crucial-missing-evidence-for-mauritius-oil-spill-ship/?sh=16f204841a67

Goodin, D. (2020, August 5). Insecure Satellite Internet is Threatening Ship and Plane Safety. Ars Technica. https://arstechnica.com/information-technology/2020/08/insecure-satellite-internet-is-threatening-ship-and-plane-safety/

Iran's Secret Cyber Files On How Cargo Ships and Petrol Stations Could Be Attacked. (2021, July 27). IFMAT. https://www.ifmat.org/07/27/irans-secret-cyber-files-on-how-cargo-ships-and-petrol-stations-could-be-attacked/

Kessler, G.C. (2021, September). The CAN Bus in the Maritime Environment - Technical Overview and Cybersecurity Vulnerabilities. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 15(3), 531-540. DOI: 10.12716/1001.15.03.05.

Pavur, J., Mosery, D., Strohmeiery, M., Lendersy, V., & Martinovic, I. (2020, May). A Tale of Sea and Sky On the Security of Maritime VSAT Communications. In Proceedings of the 2020 IEEE Symposium on Security and Privacy (SP), 18-21 May 2020, San Francisco. DOI: 10.1109/SP40000.2020.00056

Tran, K., Keene, S., Fretheim, E., & Tsikerdekis, M. (2021, April 21). Marine Network Protocols and Security Risks. Journal of Cybersecurity and Privacy, 2021(1), 239-251. DOI: 10.3390/jcp1020013

Chapter 6. Navigation Systems

Anderson, J.M., Carroll, K.L., DeVilbiss, N.P., Gillis, J.T., Hinks, J.C., O'Hanlon, B.W., Rushanan, J.J., Scott, L., & Yazdi, R.A. (2017, September). Chips-Message Robust Authentication (Chimera) for GPS Civilian Signals. Proceedings of the 30th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2017), Portland, Oregon, pp. 2388-2416. DOI: 10.33012/2017.15206

Androjna, A., Perkovič, M., Pavic, I., & Mišković. (2021, May). AIS Data Vulnerability Indicated by a Spoofing Case-Study. Applied Sciences, 11(11), 5015. DOI: 10.3390/app11115015

Androjna, A., & Perkovič, M. (2021, September). Impact of Spoofing of Navigation Systems on Maritime Situational Awareness. Transactions on Maritime Science, 10(2). DOI: 10.7225/toms.v10.n02.w08

Awan, M.S.K., & Al Ghamdi, M.A. (2019, October 2). Understanding the Vulnerabilities in Digital Components of An Integrated Bridge System (IBS). Journal of Marine Science and Engineering, 7(10), 350. DOI: 10.3390/jmse7100350

Boling, A., Kuo, L., Snyder, L., & Sung, L. (2021). UNMASKED: Vessel Identity Laundering and North Korea's Maritime Sanctions Evasion. Center for Advanced Defense Studies (C4ADS). https://c4ads.org/s/Unmasked-North-Korea-Vessel-Identity-Laundering-ntbe.pdf

Chow, B.G., & Kelley, B.W. (2021, July 28). Peace in the Era of Weaponized Space. SpaceNews. https://spacenews.com/op-ed-peace-in-the-era-of-weaponized-space/

González, R., Lacarra, E., López, M., & Heikonen, K. (2021, September). EGNOS Performance Along Finnish Coast. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 15(3), 551-556. DOI: 10.12716/1001.15.03.07.

Goodman, J. (2021, May 28). Tanker's Impossible Voyage Signals New Sanction Evasion Ploy. yahoo!news. https://news.yahoo.com/tanker-impossible-voyage-signals-sanction-040109857.html
Goward, D.A. (2021, April 14). Assured PNT Summit - Opening Remarks. Defense Strategies Institute Assured PNT Summit. https://rntfnd.org/2021/04/16/assured-pnt-summit-opening-remarks/

GPS Denied Solutions and Upcoming Technologies. (2021, May 11). Advanced Navigation. https://www.advancednavigation.com/news/gps-denied-solutions-and-upcoming-technologies

Hambling, D. (2020, October 4). What Would the World do Without GPS? BBC. https://www.bbc.com/future/article/20201002-would-the-world-cope-without-gps-satellite-navigation

Hansen, A., Mackey, S., Wassaf, H., Shah, V., Wallischeck, E., Scarpone, C., Barzach, M., & Baskerville, E. (2021, January). Complementary PNT and GPS Backup Technologies Demonstration Report. Cambridge (MA): U.S. Department of Transportation, John A Volpe National Transportation Systems Center, Report DOT-VNTSC-20-07. https://www.transportation.gov/sites/dot.gov/files/2021-01/FY%2718%20NDAA%20Section%201606%20DOT%20Report%20to%20Congress_Combinedv2_January%202021.pdf

Harris, M. (2021, July 29). Phantom Warships Are Courting Chaos in Conflict Zones. WIRED. https://www.wired.com/story/fake-warships-ais-signals-russia-crimea/

Hemminghaus, C., Bauer, J., & Padilla, E. (2021, March). BRAT: A BRidge Attack Tool for Cyber Security Assessments of Maritime Systems. TransNav, The International Journal on Marine Navigation and Safety of Sea Transportation, 15(1). DOI: 10.12716/1001.15.01.02

How SailPlan's Cloud-based Platform is Optimising Navigational Decision-making. (2021, March 5). Vessel Performance Optimisation. https://vpoglobal.com/2021/03/05/how-sailplans-cloud-based-platform-is-optimising-navigational-decision-making/

Humphreys, T. (2012, August 24). Resilient and Robust PNT. ION Joint Navigation Conference. https://rntfnd.us3.list-manage.com/track/click?u=06a79dfa9d702640cd0cee682&id=40316749a7&e=45ff616045

Iannucci, P.A., & Humphreys, T.E. (2020, September 25). Fused Low-Earth-Orbit GNSS. The University of Texas at Austin Radionavigation Laboratory. https://arxiv.org/pdf/2009.12334.pdf

Lambert, N., & Goward, D.A. (2020, November). Solution to GPS Hacking. Sea Technology, 8-10. https://lsc-pagepro.mydigitalpublication.com/publication/?m=60787&i=680110&p=8

Leite Junior, W.C., de Moraes, C.C., de Albuquerque, C.E.P., Machado, R.C.S., & de Sá, A.O. (2021, May 4). A Triggering Mechanism for Cyber-Attacks in Naval Sensors and Systems. Sensors, 21(9), 3195. DOI: 10.3390/s21093195

Russian Electronic Warfare System Is Capable Of Neutralizing GPS, Galileo and BeiDou Systems. (2021, February 1). Sputnik International News. https://rntfnd.org/2021/02/04/russian-electronic-warfare-system-is-capable-of-neutralizing-gps-galileo-and-beidou-systems-sputnik-international/

Sutton, H.I. (2021, June 21). Positions of Two NATO Ships Were Falsified Near Russian Black Sea Naval Base. USNI News. https://news.usni.org/2021/06/21/positions-of-two-nato-ships-were-falsified-near-russian-black-sea-naval-base

Svilicic, B., Rudan, I., Frančić, V., & Doričić, M. (2019). Shipboard ECDIS Cyber Security: Third-Party Component Threats. Scientific Journal of Maritime Research, 33(2), 176-180. DOI: 10.31217/p.33.2.7

Tippenhauer, N.O., Pöpper, C., Rasmussen, K.B., & Čapkun, S. (2011, October). On the Requirements for Successful GPS Spoofing Attacks. In CCS '11: Proceedings of the 18th ACM conference on Computer and Communications Security, pp. 75–86. https://dl.acm.org/doi/pdf/10.1145/2046707.2046719

Tucker, P. (2020, July 31). The Air Force's Latest GPS Alternative: Earth's Magnetic Fields. Defense One. https://www.defenseone.com/technology/2020/07/air-forces-latest-gps-alternative-earths-magnetic-fields/167387/

Under Attack – Receiver Response to Spoofing: Robustness vs. Resilience. (2020, September 30). Inside GNSS. https://insidegnss.com/under-attack-receiver-response-to-spoofing-robustness-vs-resilience/

U.S. Coast Guard (USCG). (2021, April 22). Worldwide Navigational Warnings Service. Marine Safety Information Bulletin (MSIB 05-21). https://www.dco.uscg.mil/Portals/9/DCO%20Documents/5p/MSIB/2021/MSIB_21-05_WorldwideNavigationalWarningsService.pdf

U.S. Department of Transportation. (2020, December 9). Virtual Workshop on GPS Jamming and Spoofing in the Maritime Environment. https://www.transportation.gov/pnt/agenda-virtual-workshop-gps-jamming-and-spoofing-maritime-environment

U.S. Government Accountability Office (GAO). (2021, May). TECHNOLOGY ASSESSMENT: Defense Navigation Capabilities — DOD is Developing Positioning, Navigation, and Timing Technologies to Complement GPS (GAO-21-320SP). https://www.gao.gov/assets/gao-21-320sp.pdf

U.S. Navy Ship Spoofed to Crimea. (2021, June 30). Resilient Navigation and Timing (RNT) Foundation blog. https://rntfnd.org/2021/06/30/u-s-navy-ship-spoofed-to-crimea/

Using AI to Enhance Navigational Safety. (2021, May 21). Vessel Performance Optimisation. https://vpoglobal.com/2021/05/21/using-ai-to-enhance-navigational-safety/

Weiss, M., Diamond, P., & Goward, D.A. (2020, October 16). A Resilient National Timing Architecture. RNT Foundation. https://rntfnd.org/wp-content/uploads/Resilient-National-Timing-Architecture-16-Oct-2020.pdf

Chapter 7. Industrial Control and Autonomous Systems

Advancement for Autonomous Operations on Deep-Sea Ships. (2020, October 2). The Maritime Executive. https://www.maritime-executive.com/article/advancement-for-autonomous-operations-on-deep-sea-ships

Cusimano, J., Ayala, M., & Villano, G. (2020, November 10). Navigating Cybersecurity Challenges in Maritime Operational Technology. The Maritime Executive. https://maritime-executive.com/editorials/navigating-cybersecurity-challenges-in-maritime-operational-technology

Davis, R. & Inajima, T. (2021, August 31). First Autonomous Cargo Ship Faces Test With 236-Mile Voyage. gCaptain. https://gcaptain.com/first-autonomous-cargo-ship-faces-test-with-236-mile-voyage/

Dow, M. (2020, August 31). Rise of Ransomware: Why OT is a Prime Target for Cybercriminals. Security. https://www.securitymagazine.com/articles/93197-rise-of-ransomware-why-ot-is-a-prime-target-for-cybercriminals

Fleming, C., Elks, C., Bakirtzis, G., Adams, S.C., Carter, B., Beling, P.A., & Horowitz, B. (2020, November 29). Cyber-Physical Security Through Resiliency: A Systems-centric Approach. eprint arXiv:2011.14469. https://arxiv.org/abs/2011.14469v1

Horowitz, B.M. (2020, January-February). Cyberattack-Resilient Cyberphysical Systems. IEEE Security & Privacy, 18(1), 55-60. DOI: 10.1109/MSEC.2019.2947123.

Humayed, A., Lin, J., Li, F., & Luo, B. (2017, December). Cyber-Physical Systems Security — A Survey. IEEE Internet of Things Journal, 4(6), 1802-1831. DOI: 10.1109/JIOT.2017.2703172.

Industrial Safety and Security (ISS) Source. (2021, March 1). Tool to Protect Against GPS Spoofing. ISSSource.com. https://isssource.com/tool-to-protect-against-gps-spoofing/

Kehoe, A., & Cecotti, M. (2021, March 23). Multiple Destroyers Were Swarmed By Mysterious 'Drones' Off California Over Numerous Nights. The Ware Zone. https://www.thedrive.com/the-war-zone/39913/multiple-destroyers-were-swarmed-by-mysterious-drones-off-california-over-numerous-nights

MASSPorts initiative launched to develop autonomous shipping. (2020, August 6). Digital Ship. https://thedigitalship.com/news/electronics-navigation/item/6737-massports-initiative-launched-to-develop-autonomous-shipping

MOL begins study on collision avoidance of autonomous ships. (2020, October 21). Digital Ship. https://thedigitalship.com/news/electronics-navigation/item/6876-mol-begins-study-on-collision-avoidance-of-autonomous-ships

Ocean of Things (OoT). (n.d.). Defense Advanced Research Projects Agency (DARPA), U.S. Department of Defense (DOD). https://oceanofthings.darpa.mil/

Russia Moving Forward with Autonomous Navigation on Commercial Vessels. (2020, December 11). The Maritime Executive. https://www.maritime-executive.com/article/russia-moving-forward-with-autonomous-navigation-on-commercial-vessels

Schuler, M. (2021, July 15). Navy's Second 'Ghost Fleet' Unmanned Ship Makes Long-Range Transit from Gulf to West Coast. gCaptain. https://gcaptain.com/navy-ghost-fleet-unmanned-ship-makes-second-long-range-trip/?subscriber=true&goal=0_f50174ef03-a31fbc4401-170367962&mc_cid=a31fbc4401&mc_eid=f9a51576ea

Seals, T. (2021, September 6). IoT Attacks Skyrocket, Doubling in 6 Months. threatpost. https://threatpost.com/iot-attacks-doubling/169224/

Singapore Launches First Drone Technology Test Bed. (2021, April 22). Digital Ship. https://thedigitalship.com/news/electronics-navigation/item/7259-singapore-launches-first-drone-technology-test-bed

The Collision Regulations and Autonomous Shipping. (2020, July). Shipping Law Insights blog, Norton Rose Fulbright. https://www.nortonrosefulbright.com/en/knowledge/publications/5fedab67/the-collision-regulations-and-autonomous-shipping

Saul, J. (2021, July 28). The Pool Of Ship Officers Is Running Dry. https://gcaptain.com/the-pool-of-ship-officers-is-running-dry/

tpgroup’s Autonomous Navigation System Completes Sea Trials. (2020, December 22). Digital Ship. https://thedigitalship.com/news/electronics-navigation/item/7018-tpgroup-s-autonomous-navigation-system-completes-sea-trials

Chapter 8. Strategies for Maritime Cyberdefense

Arampatzis, A. (2020, August 2). The Biggest Challenges and Best Practices to Mitigate Risks in Maritime Cybersecurity. Tripwire. https://www.tripwire.com/state-of-security/security-data-protection/biggest-challenges-best-practices-mitigate-risks-maritime-cybersecurity/

BIMCO et al. (2020, December 21). The Guidelines on Cyber Security Onboard Ships, version 4. https://www.bimco.org/-/media/bimco/news-and-trends/news/priority-news/2020/2021-12-23-guidelines-on-cyber-security-onboard-ships.ashx

Green, E.H., Carr, E.W., Winebrake, J.J., & Corbett, J.J. (2020, June). Blockchain Technology and Maritime Shipping: A Primer. U.S. Maritime Administration. https://www.maritime.dot.gov/sites/marad.dot.gov/files/2020-07/MARAD%20Blockchain%20Final%20Primer%20%2820200622%29.pdf

Heering, D., Maennel, O.M., & Venables, A.N. (2021, July). Shortcomings in Cybersecurity Education for Seafarers. In: C.G. Soares & T.A. Santos (eds.), Developments in Maritime Technology and Engineering, Vol. 1. CRC Press. DOI: 10.1201/9781003216582-6

Jacq, O., Boudvin, X., Brosset, D., Kermarrec, Y., & Simonin, J. (2018, October). Detecting and Hunting Cyberthreats in a Maritime Environment: Specification and Experimentation of a Maritime Cybersecurity Operations Centre. In Proceedings of the 2018 2nd Cyber Security in Networking Conference (CSNet), October 24-26, 2018, Paris, France. DOI: 10.1109/CSNET.2018.8602669

Kollars, N., Tangredi, S.J., & Demchak, C.C. (2021, February 4). The Cyber Maritime Environment: A Shared Critical Infrastructure and Trump's Maritime Cyber Security Plan. War on the Rocks. https://warontherocks.com/2021/02/the-cyber-maritime-environment-a-shared-critical-infrastructure-and-trumps-maritime-cyber-security-plan/

McNally, M. (2021, January 7). IMO2021, Not Just an IT Concern. MarineLink. https://www.marinelink.com/news/imo-not-concern-484360

New ASTM International Standard Aims to Reduce Maritime Cyber Risk. (2020, July 30). The Maritime Executive. https://www.maritime-executive.com/corporate/new-astm-international-standard-aims-to-reduce-maritime-cyber-risk

Petta, M.C. (2021, January 10). The IMO 2021 Cyber Guidelines and the Need to Secure Seaports. Maritime Executive. https://maritime-executive.com/editorials/the-imo-2021-cyber-guidelines-and-the-need-to-secure-seaports

Reva, D. (2020, October). Maritime Cyber Security: Getting Africa Ready. Institute for Security Studies, Africa Report 29. https://issafrica.s3.amazonaws.com/site/uploads/ar-29.pdf

Steady as She Goes: Three Expectations for the U.S Coast Guard Under the Biden Administration. (2021, January 8). gCaptain. https://gcaptain.com/expectations-for-us-coast-guard-under-biden-administration/

The Clock is Ticking for Compliance With IMO's 2021 Cyber Security Regulations. (2020, 12 November). Lloyd's Register. https://www.lr.org/en/insights/articles/imo-cyber-secuity-regulation-compliance/

The Navy Aims to Install Cyber Baselines Aboard 180 Ships. (2020, July). DefenseNews. https://www.defensenews.com/battlefield-tech/it-networks/2020/06/30/the-navy-aims-to-install-cyber-baselines-aboard-180-ships/

U.S. Coast Guard. (2020, October 27). Vessel Cyber Risk Management Work Instruction (CVC-WI-027(1)). Office of Commercial Vessel Compliance (CG-CVC) Mission Management System (MMS) Work Instruction (WI). https://dco.uscg.mil/Portals/9/DCO%20Documents/5p/CG-5PC/CG-CVC/CVC_MMS/CVC-WI-027(series).pdf

Weiss, J.G., Helleputte, C.-A., & De Cicco, D. (2020, October 22). US DOE and NIST Partner to Improve Cybersecurity in Energy, Maritime Transportation Industries. Steptoe. https://www.steptoe.com/en/news-publications/us-doe-and-nist-partner-to-improve-cybersecurity-in-energy-maritime-transportation-industries.html

U.S. Coast Guard. (2021, August). CYBER STRATEGIC OUTLOOK: The United States Coast Guard's Vision To Protect and Operate in Cyberspace. https://www.uscg.mil/Portals/0/Images/cyber/2021-Cyber-Strategic-Outlook.pdf

White House (2020, December). National Maritime Cybersecurity Plan to the National Strategy for Maritime Security. https://www.whitehouse.gov/wp-content/uploads/2021/01/12.2.2020-National-Maritime-Cybersecurity-Plan.pdf

Wingrove, M. (2020, November 5). Norway Opens Cyber Resilience Centre. Riviera. https://www.rivieramm.com/news-content-hub/news-content-hub/norway-opens-cyber-resilience-centre-61586

Chapter 9. Concluding Thoughts

Bailey, D. (2017, July 13). Why You Need to Follow the Steve Jobs Method and 'Work Backwards.' Inc. https://www.inc.com/dave-bailey/why-you-need-to-follow-the-steve-jobs-method-and-w.html

Bolbota, V., Theotokatosa, G., Boulougourisa, E., & Vassalosa, D. (2020, November). A Novel Cyber-Risk Assessment Method for Ship Systems. Safety Science, 131. DOI: 10.1016/j.ssci.2020.104908. https://www.sciencedirect.com/science/article/pii/S0925753520303052/pdfft

Davidson, D. (2018, March 13). Don't Try to be 'Disruptive.' To Really Have an Impact, You Need to Reverse Engineer the Future. Entrepreneur. https://www.entrepreneur.com/article/309552

Kessler, G.C., and Zorri, D.M. (2021). Cross Domain IW Threats to SOF Maritime Missions: Implications for U.S. SOF. Joint Special Operations University (JSOU) Report 21-4. MacDill Air Force Base (FL): The JSOU Press. https://jsou.libguides.com/ld.php?content_id=61653860

Lundquist, E.H. (2011, January 27). Project Evergreen. Defense Media Network. https://www.defensemedianetwork.com/stories/project-evergreen/

Schauer, S., Stamer, M., Bosse, C., Pavlidis, M., Mouratidis, H., König, S., & Papastergiou, S. (2017). An Adaptive Supply Chain Cyber Risk Management Methodology. In: Kersten, Wolfgang Blecker, Thorsten Ringle, Christian M. (Ed.), Digitalization in Supply Chain Management and Logistics: Smart and Digital Solutions for an Industry 4.0 Environment, Proceedings of the Hamburg International Conference of Logistics (HICL), Vol. 23, ISBN 978-3-7450-4328-0, epubli GmbH, Berlin, pp. 405-425. DOI: 10.15480/882.1491

Percival, T. (2021, January 18). Proactive vs. Reactive Cyber Security Strategies in Maritime. Hellenic Shipping News. https://www.hellenicshippingnews.com/proactive-vs-reactive-cyber-security-strategies-in-maritime/

Shang, W., Gong,, T., Chen,, C., Hou, J., & Zeng, P. (2019, March 14). Information Security Risk Assessment Method for Ship Control System Based on Fuzzy Sets and Attack Trees. Security and Communication Networks, 2019, article 3574675. DOI: 10.1155/2019/3574675. https://downloads.hindawi.com/journals/scn/2019/3574675.pdf

wondersmith_rae. (2020, November 30). Maritime OSINT: Port Analysis. https://wondersmithrae.medium.com/maritime-osint-port-analysis-d09b4531728d

Zorri, D.M., & Kessler, G.C. (2021, September 8). Cyber Threats and Choke Points: How Adversaries are Leveraging Maritime Cyber Vulnerabilities for Advantage in Irregular Warfare. Modern War Institute at West Point. https://mwi.usma.edu/cyber-threats-and-choke-points-how-adversaries-are-leveraging-maritime-cyber-vulnerabilities-for-advantage-in-irregular-warfare/

Ancillary Material
Podcasts/Interviews/Presentations

Cybersecurity Update with Gary Kessler (The Natural Curiosity Project, hosted by Steven Shepard, 06/21/2021)

"GNSS/AIS Spoofing: Issues in Maritime CyberSecurity." Maritime Cyber Security 2021 (06/17/2021).

Satira, B. (2021, May 12). Navigating the Waters of Maritime Cybersecurity. Help Net Security. https://www.helpnetsecurity.com/2021/05/12/maritime-cybersecurity/

An Interview With Gary Kessler on the National Maritime Cybersecurity Plan (The Natural Curiosity Project, hosted by Steven Shepard, 02/18/2021)

An Interview with Gary Kessler on Maritime Cybersecurity (Cybersecurity Career Intelligence, hosted by Fred Scholl, Quinnipiac University, 11/02/2020)

An Interview With Gary Kessler on the Maritime Ransomware Attacks (The Natural Curiosity Project, hosted by Steven Shepard, 10/05/2020)

Hack The Sea 2.0 Village at DEFCON 28 (2020)

Build A Raspberry AIS

GPS:AIS Spoofing Attacks and Some Tools

Protecting AIS with Public Key Crypto Methods

Hack The Sea 3.0 Village/DEF CON 29 (2021)

AIS Tools Demo (Notes from DEF CON)

AIS Proctocol Internals (Abridged) (Notes from Hack the Sea)

Newsletters/Blogs/Web sites that cover maritime cybersecurity and related issues

Center for International Maritime Security

Coast Guard Maritime Commons

CSO Alliance

Digital Ship newsletter

gCaptain

Hellenic Shipping News

JOC.com Maritime News

Lloyd's List

MarineLink

The Maritime Executive

Maritime Logistics Professional

Maritime & Port Security Information Sharing and Analysis Organization (MPS-ISAO) TLP-Green Reports and Advisories

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

MCYSEKA - Maritime Cyber Security Knowledge Archive

Resilient Navigation and Timing Foundation

Riviera Maritime Media

SAFETY4SEA

USCG Maritime Cyber Readiness Branch (MCRB)

Vessel Performance Optimisation

Relevant journals

International Journal of Maritime Crime & Security

Journal of Marine Science & Engineering

Journal of Marine Science & Technology (Digital Commons)

Journal of Marine Science & Technology (JASNAOE)

Transactions on Maritime Science

TransNav, the International Journal on Marine Navigation and Safety of Sea Transportation

GPS/GNSS-Related Issues

USCG Navigation Center — GPS Problem Reports Status page

Resilient Navigation and Timing Foundation

Ship tracking Web sites (mentioned in Chapter 3):

CruiseMapper

FleetMon

MarineTraffic

My Ship Tracking

Ship Tracker

Shipfinder

TankerTrackers.com

Vessel Finder

Vesseltracker

Buy the Book!

The book can be purchased from Amazon in Kindle or print format.

Get more information about Gary (Amazon Author Page | Web site) and Steve (Amazon Author Page | Web site).

© 2020-2021, Gary C. Kessler & Steven D. Shepard