Dutch University Launches Maritime Cyberattack Database

Image courtesy of the Department of Homeland Security.

Researchers at NHL Stenden University of Applied Sciences in the Netherlands in July announced that they have launched the Maritime Cyber Attack Database (MCAD), a database of incidents involving the worldwide maritime sector.

As of the time of its launch, the database contained more than 160 incidents.

The university said in a statement that incidents in the database demonstrate the relevance of cybersecurity across the board of today’s maritime industry and the vulnerabilities that exist.

Drawing from open source information, the NHL Stenden’s Maritime IT Security research group collected information on the more than 160 cyber incidents for the MCAD. The database not only covers incidents impacting vessels, but also ports and other maritime facilities worldwide.

Now available publicly online, the research group said that it expects the database to help improve maritime cybersecurity awareness and provide data for further research.

Incidents in the database include an insider attack by a systems administrator on a U.S. nuclear aircraft carrier at sea in 2014 and a 2019 ransomware attack on a large container ship that prevented it from entering New York harbor.

“Considering over 90% of the world’s cargo is transported by ship (an equivalent of 70% of global trade value), the latter incident demonstrates an especial weakness concerning the Global Maritime Transportation System (GMTS),” the researchers said in a statement.

The GMTS is a system of systems that cover vessels, waterways, ports, and landside connections, moving people and goods to and from the water.

“It’s role in the global economy is significant and its security all the more essential, and yet fleets and the technology they carry are aging rapidly and becoming increasingly vulnerable to cyber-attacks such as the ransomware attack in 2019,” the researchers’ statement reads in part.

Research shows that about 38% of oil tankers and 59% of general cargo ships globally are more than 20 years old.

“This database is aimed at creating a safer world, where the GMTS can respond to threats that will just continue to grow in numbers and impact,” Peter Mulder, Academy Director ICT & Creative Technologies at NHL Stenden, stated. “By creating this public database, we increase greater awareness about cyber incidents in the maritime sector, and we create data for further research by our research group … and our associated partners.”

One of the uses of the database is to develop maritime cyber incident simulations that are realistic and relevant so that companies, organizations, ports and harbors can prepare for attacks. The research group will also use MCAD to produce reports and research papers showing trends and the results of detailed analysis on subsets of the data.