A Structured Analysis of Information Security Incidents in the Maritime Sector

Cyber attacks in the maritime sector can have a major impact on world economy. However, the severity of this threat can be underestimated because many attacks remain unknown or unnoticed. We present an overview about publicly known cyber incidents in the maritime sector from the past 20 years. In total, we found 90 publicly reported attacks and 15 proof of concepts. Furthermore, we interviewed five IT security experts from the maritime sector. The interviews put the results of our research in perspective and confirm that our view is comprehensive. However, the interviewees highlight that there is a high dark figure of unreported incidents and argue that threat information sharing may potentially be helpful for attack prevention. From these results, we extract threats for players in the maritime sector.