Increasing cyber-awareness amongst actors of the maritime logistics value chain
The maritime industry is an important financial sector for the EU’s economy. Digital infrastructure plays a critical role in the operation and management of numerous systems that are critical to the safety and security of shipping and ports. However, many of the maritime information systems were designed without taking into account the ever-growing cybersecurity risk. This heightens the need for improvements to cyber risk management and the importance of cyber preparedness. In this context, the EU-funded Cyber-MAR project sought to fully exploit cyber range – a virtual environment for hands-on cyber simulation training and software development – in the maritime logistics value chain. “Our aim was to provide a cost-efficient training solution and, amongst other objectives, we sought to develop and deploy a sophisticated simulation platform based on the capabilities of cyber ranges. This would cover the training needs of different kinds of professionals, while also raising their cybersecurity awareness level through hands-on training and practice,” explains Angelos Amditis, project coordinator and research and development director of the Institute of Communication and Computer Systems in Greece.
Highly customisable innovative platform
The Cyber-MAR project developed and deployed a highly customisable innovative platform that extends and combines the capabilities of its interconnected cyber ranges into an integrated environment with sophisticated capabilities in hybrid simulation, intrusion detection and prevention, data fusion and analytics, situational awareness, and threat intelligence. “The simulation of realistic cyberattack scenarios and exercises, as well as the seamless integration with a learning management system, was used to cover the training needs of maritime professionals and raise their cybersecurity awareness level through hands-on training,” outlines Amditis. Complemented by cyber risk assessment and econometric modelling capabilities, the Cyber-MAR platform also allowed users to implement vulnerability analysis of their infrastructure assets and assess the potential economic impact of the various cyberattack scenarios across different value chains. This capability facilitated the development of risk mitigation strategies and resilience improvement.
Testing the platform in three pilot case scenarios
The platform was validated in three highly realistic pilot use case scenarios in ports and ships, showcasing its applicability and practicality. “The first pilot scenario focused on testing and validating an initial version of the Cyber-MAR system in the scope of a cyber-attack scenario on the port authority’s electrical grid at the Port of Valencia,” notes Amditis. The second pilot case looked at a vessel scenario – where an attacker launched an attack, altering the course of a large container vessel. In doing so, it caused a blockage on the approach channel. The third scenario involved testing a combined attack that initially targeted the SCADA system, responsible for controlling the traffic around the train yard. This was followed by the main attack on the port network, wiping out its entire IT and OT infrastructure.
Increasing the maturity of the Cyber-MAR platform
Overall, the project succeeded in identifying and characterising the cyber risks that are of most concern to port and/or vessel operations. “Additionally, we managed to quantify the economic impact of port disruptions caused by cyber-attacks and develop tools to help all stakeholders understand, assess and estimate the costs that cyber-attacks could potentially inflict on maritime enterprises. Finally, we aimed to establish and extend collaboration and engagement among CERTs/CSIRTs, competent authorities, and relevant actors,” concludes Amditis. The project’s next steps involve identifying possible improvements to the Cyber-MAR platform with the aim of increasing its maturity level, as well as supporting commercialisation activities to make Cyber-MAR results available to the market.
Keywords
Cyber-MAR, cybersecurity, Cyber-MAR platform, maritime sector
