Maritime Cyber Attack Database (MCAD)

Maritime Cyber Attack Database (MCAD)


Researchers at NHL Stenden University of Applied Sciences in the Netherlands have launched the Maritime Cyber Attack Database (MCAD), a database of incidents involving the worldwide maritime sector. MCAD is an open-source database that compiles records of maritime cyber incidents dating back to 2001.

Created by a team led by Dr Stephen McCombie, Professor of Maritime IT Security, the database contains over 160 incidents, including location spoofing of NATO ships visiting Ukraine in the Black Sea in 2021. Developed collaboratively with students, this database is now accessible online to the public. By utilizing open-source data, the research group has documented various cyber-related events within the maritime sector, including instances such as Russia's location spoofing of NATO ships in the Black Sea near Ukraine in 2021.



Enhancing Cybersecurity Awareness


The entries in the database underscore the significance of cybersecurity in today's maritime industry, revealing prevalent vulnerabilities. McCombie emphasizes that the simulated attack in Ukraine aimed to elicit a response, showcasing the concept of 'deploying disruptive power.' The range of possibilities in contemporary cyber threats is noteworthy, emphasizing the need to educate governments and businesses not only on responding to such attacks but also on proactive preparedness. Other incidents in the database include an insider attack by a systems administrator on a US nuclear aircraft carrier at sea in 2014 and a 2019 ransomware attack on a large container ship that prevented it from entering New York harbor.

Maritime Cyber Attack Database (MCAD)

Screenshot of the Maritime Cyber Attack Database (MCAD).
Click HERE to visit the database. (https://maritimecybersecurity.nl/)



“The scope of what is possible today is surprising, so we need to educate governments and companies about these kinds of cyber-attacks and help them understand not only how to react to them, but how to be prepared for them”, said Dr. McCombie.

The Maritime IT Security research group at NHL Stenden drew from open-source information to compile data on more than 160 cyber incidents in the maritime industry for MCAD. This database extends beyond vessel-related events, encompassing incidents affecting ports and other maritime facilities worldwide. Now publicly available online, the database is anticipated to enhance cybersecurity awareness in the sector, providing valuable information for further research and more precise simulations in this critical domain.

One of the planned uses of the database is to develop maritime cyber incident simulations that are realistic and relevant so that companies, organizations, ports, and harbors can prepare for attacks. The research group will also use MCAD to produce reports and research papers showing trends and the results of detailed analysis of subsets of the data.

“The incident database is not a one-off and the collection will be regularly updated and augmented. While we searched manually for the initial research, we are now developing AI to help automate the identification of new incidents from open sources and identify further details on already known incidents,” added Dr McCombie.

In summary, the Maritime Cyber Attack Database (MCAD) documenting cyber incidents in the maritime industry provides a valuable resource for improving cybersecurity, informing decision-making, and fostering collaboration. Its accessibility to the public contributes to a collective effort to address the evolving challenges of cybersecurity in the maritime sector.


REFERENCE


About the Author

Ruben George