Identifying Commonalities of Cyberattacks Against the Maritime Transportation System


  • Rebecca Rohan Marymount University



maritime transportation system, MTS, adversary, information technology (IT)


The purpose of this study is to identify commonalities in cyberattacks against the civilian maritime transportation system (MTS). For this exploratory study, the researcher analysed documents to identify trends about the cyberattacks impacting and responsible adversaries targeting maritime operations. The MTS can use identified trends to make informed decisions about information technology (IT) and operational technology (OT) requiring new or enhanced cybersecurity measures. Current research examining publicly disclosed cyberattacks impacting MTS companies identifies the trend of increasing cyberattacks against the MTS. However, current research fails to examine adversaries and their social-political needs thoroughly. Knowledge of the adversary based on the Diamond Model of Intrusion Analysis can be augmented by identifying which MTS assets (e.g., shipbuilding, ports) and which aspect of the information security triad—Confidentiality, Integrity, or Availability (CIA)—the adversary targeted. At the conclusion of this limited, exploratory document analysis, the researcher determined the most compromised aspect of the information security triad was Availability and then Confidentiality; there were no identified Integrity compromises. The most targeted MTS assets was shipping companies, followed by ports, administration, shipbuilding, and vessels. Concerning the adversary customer behind MTS cyberattacks, China was first, followed by unknown cyber adversaries, then Russia, Iran, and Israel. Last, in terms of adversary’s social-political needs, data exfiltration occurred the most, followed by ransomware, political agenda, and unknown needs.