Anonymous Reporting
MCA Chatter
V-ID Terminal
My Account


Icon representing US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels
US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels

June 21st 2019
Icon representing Would you pay $1m for a laptop full of malware?
Would you pay $1m for a laptop full of malware?

May 23rd 2019
Icon representing Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)
Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)

May 22nd 2019

Future of the Sea: Cyber Security

December 11th 2017
Executive Summary

The UK’s reliance on a secure and stable maritime sector makes maritime cyber security a key concern. This is particularly true for the security of seaborne trade, which makes up the vast majority of UK imports and exports. The UK National Cyber Security Strategy has clearly identified maritime infrastructure and vessels, as a class of cyber-physical systems, to be potentially vulnerable to interference from cyber threats. This potential vulnerability stems from a combination of increased connectivity and reliance on digital components, increased levels of autonomous control, and globally accessible navigation systems.

The scope of this review includes evidence accumulated to describe cyber security needs within the maritime sector, accounting for publicly reported cases of successful cyber attacks against the maritime infrastructure. A range of sources have been consulted including peer-reviewed publications, industry reports, government reports, and media sources vetted for credible reporting. The key findings are summarised below.

• Within the maritime sector, three broad categories of cyber attacks have been identified with a range of demonstrable impacts. These categories are defined by the target of the attack; enterprise and information assets, GPS and navigation systems, or critical control systems.

• Across these three types of attacks, a rise in criticality has been observed in terms of threat motivation, technical competence of attackers and complexity of employed attacks. The published evidence for the maritime threat landscape is sparse beyond the reported attacks.

• Some potential technological developments for the maritime industry merit special attention as they are expected to occur during the next 3–5 years. These include advances in communication, improved sensing, and intelligent and autonomous control systems. All three pose cyber security challenges as they build over existing digital technologies, allowing for broader access to ships and vessels, as well as making potential software-dependent weaknesses easier to exploit for malicious gain.

• Traditional engineering has focused on safety-critical design and development. Safety, however, is distinct from cyber security. Lessons from other sectors with parallel challenges suggest that both security and safety need to be incorporated across the engineering lifecycle to ensure such systems are safe from accidents and secure from deliberate threats.

• Enterprise IT systems used for typical office functions within the maritime sector need to be better protected with previously existing security mechanisms to counter commonly known threats.

• Navigation systems, which are critical to the maritime sector, should be paid particular attention in order to protect against skilled and targeted attacks.

• Advanced and sophisticated attacks may target a range of electronic and control systems for ships, vessels, offshore units and port systems. These need particularly highly coordinated responses including support from national technical authorities such as the UK’s National Cyber Security Centre (NCSC).

• Other responses to mitigate against cyber security risks are also required to be crosssector, including threat sharing and attack reporting systems, coordinated incident

Please find the report attached as a downloadable PDF. 


Portable document format
Portable document format 213,33 KB
December 11th 2017 11:42