A Sea of Cyber Threats: Maritime Cybersecurity from the Perspective of Mariners

• URL: http://arxiv.org/abs/2506.15842v2
• Date: Mon, 14 Jul 2025 21:31:09 GMT
• Title: A Sea of Cyber Threats: Maritime Cybersecurity from the Perspective of Mariners
• Authors: Anna Raymaker, Akshaya Kumar, Miuyin Yong Wong, Ryan Pickren, Animesh Chhotaray, Frank Li, Saman Zonouz, Raheem Beyah,
• Abstract summary: Maritime systems, including ships and ports, are critical components of global infrastructure.<n>Recent attacks disrupting Maersk, one of the world's largest shipping companies, caused widespread impacts on international trade.<n>Despite the sector's importance, maritime cybersecurity remains underexplored, leaving significant gaps in understanding its challenges and risks.
• Score: 11.0069835329933
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Maritime systems, including ships and ports, are critical components of global infrastructure, essential for transporting over 80% of the world's goods and supporting internet connectivity. However, these systems face growing cybersecurity threats, as shown by recent attacks disrupting Maersk, one of the world's largest shipping companies, causing widespread impacts on international trade. The unique challenges of the maritime environment--such as diverse operational conditions, extensive physical access points, fragmented regulatory frameworks, and its deeply interconnected structure--require maritime-specific cybersecurity research. Despite the sector's importance, maritime cybersecurity remains underexplored, leaving significant gaps in understanding its challenges and risks. To address these gaps, we investigate how maritime system operators perceive and navigate cybersecurity challenges within this complex landscape. We conducted a user study comprising surveys and semi-structured interviews with 21 officer-level mariners. Participants reported direct experiences with shipboard cyber-attacks, including GPS spoofing and logistics-disrupting ransomware, demonstrating the real-world impact of these threats. Our findings reveal systemic and human-centric issues, such as training poorly aligned with maritime needs, insufficient detection and response tools, and serious gaps in mariners' cybersecurity understanding. Our contributions include a categorization of threats identified by mariners and recommendations for improving maritime security, including better training, response protocols, and regulation. These insights aim to guide future research and policy to strengthen the resilience of maritime systems.

Related papers

• Transportation Cyber Incident Awareness through Generative AI-Based Incident Analysis and Retrieval-Augmented Question-Answering Systems [10.753557727661027]
  This paper presents a large language model (LLM) based approach to extract and organize transportation related cyber incidents.<n>A key contribution of this work is the use of generative AI to transform unstructured, heterogeneous cyber incident data into structured formats.<n>This study contributes a novel, accessible tool for improving cybersecurity awareness in the transportation sector.
  arXiv  Detail & Related papers  (2025-08-04T15:34:25Z)
• Secure Physical Layer Communications for Low-Altitude Economy Networking: A Survey [76.36166980302478]
  The Low-Altitude Economy Networking (LAENet) is emerging as a transformative paradigm.<n>Physical layer communications in the LAENet face growing security threats due to inherent characteristics of aerial communication environments.<n>This survey comprehensively reviews existing secure countermeasures for physical layer communication in the LAENet.
  arXiv  Detail & Related papers  (2025-04-12T09:36:53Z)
• Frontier AI's Impact on the Cybersecurity Landscape [42.771086928042315]
  This paper presents an in-depth analysis of frontier AI's impact on cybersecurity.<n>We first define and categorize the marginal risks of frontier AI in cybersecurity.<n>We then systemically analyze the current and future impacts of frontier AI in cybersecurity.
  arXiv  Detail & Related papers  (2025-04-07T18:25:18Z)
• A Systematic Review of Security Communication Strategies: Guidelines and Open Challenges [47.205801464292485]
  We identify user difficulties including information overload, technical comprehension, and balancing security awareness with comfort.<n>Our findings reveal consistent communication paradoxes: users require technical details for credibility yet struggle with jargon and need risk awareness without experiencing anxiety.<n>This work contributes to more effective security communication practices that enable users to recognize and respond to cybersecurity threats appropriately.
  arXiv  Detail & Related papers  (2025-04-02T20:18:38Z)
• Maritime Cybersecurity: A Comprehensive Review [8.406766604243163]
  Maritime cybersecurity refers to the protection of computer systems and digital assests within the maritime industry. In this survey, we aim to identify the significant domains of maritime cybersecurity and measure their effectiveness. A multi-dimensional taxonomy of maritime cyber attacks is presented, offering insights into threat actors, motivations, and impacts. We have evaluated various security solutions, from integrated solutions to component specific solutions.
  arXiv  Detail & Related papers  (2024-09-09T07:30:48Z)
• The MESA Security Model 2.0: A Dynamic Framework for Mitigating Stealth Data Exfiltration [0.0]
  Stealth Data Exfiltration is a significant cyber threat characterized by covert infiltration, extended undetectability, and unauthorized dissemination of confidential data. Our findings reveal that conventional defense-in-depth strategies often fall short in combating these sophisticated threats. As we navigate this complex landscape, it is crucial to anticipate potential threats and continually update our defenses.
  arXiv  Detail & Related papers  (2024-05-17T16:14:45Z)
• Cyber Threat Landscape Analysis for Starlink Assessing Risks and Mitigation Strategies in the Global Satellite Internet Infrastructure [0.0]
  This study aims to provide valuable insights into the cybersecurity challenges inherent in the operation of global satellite internet infrastructure. By prioritizing risks and proposing effective mitigation strategies, this research seeks to contribute to the ongoing efforts to safeguard the integrity and accessibility of satellite-based internet connectivity.
  arXiv  Detail & Related papers  (2024-05-11T23:03:31Z)
• The Security and Privacy of Mobile Edge Computing: An Artificial Intelligence Perspective [64.36680481458868]
  Mobile Edge Computing (MEC) is a new computing paradigm that enables cloud computing and information technology (IT) services to be delivered at the network's edge. This paper provides a survey of security and privacy in MEC from the perspective of Artificial Intelligence (AI) We focus on new security and privacy issues, as well as potential solutions from the viewpoints of AI.
  arXiv  Detail & Related papers  (2024-01-03T07:47:22Z)
• The New Frontier of Cybersecurity: Emerging Threats and Innovations [0.0]
  The research delves into the consequences of these threats on individuals, organizations, and society at large. The sophistication and diversity of these emerging threats necessitate a multi-layered approach to cybersecurity. This study emphasizes the importance of implementing effective measures to mitigate these threats.
  arXiv  Detail & Related papers  (2023-11-05T12:08:20Z)
• Graph Mining for Cybersecurity: A Survey [61.505995908021525]
  The explosive growth of cyber attacks nowadays, such as malware, spam, and intrusions, caused severe consequences on society. Traditional Machine Learning (ML) based methods are extensively used in detecting cyber threats, but they hardly model the correlations between real-world cyber entities. With the proliferation of graph mining techniques, many researchers investigated these techniques for capturing correlations between cyber entities and achieving high performance.
  arXiv  Detail & Related papers  (2023-04-02T08:43:03Z)
• A System for Automated Open-Source Threat Intelligence Gathering and Management [53.65687495231605]
  SecurityKG is a system for automated OSCTI gathering and management. It uses a combination of AI and NLP techniques to extract high-fidelity knowledge about threat behaviors.
  arXiv  Detail & Related papers  (2021-01-19T18:31:35Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.