This essay has been submitted by a student. This is not an example of the work written by professional essay writers.
Uncategorized

Maritime Cyberattack and Ransomware

Pssst… we can write an original essay just for you.

Any subject. Any type of essay. We’ll even meet a 3-hour deadline.

GET YOUR PRICE

writers online

 

. Maritime Cyberattack and Ransomware

Introduction

Cyber attacks in  American marine have affected many companies in losing over an average of $17.36 million annually due to cyberattacks. Cybersecurity in the U.S. maritime has increased due to the socio-political tension with foreign countries. It is imperative to understand the reasons and implications of ransomware and cyberattacks in the maritime industry. The effect of Maritime getting attacked has led to significant economic losses and information breach. The research aims to evaluate maritime cybersecurity and identify the various threats that influence naval operations and activities. The research question, How would the U.S. maritime industry reduce cyber and ransomware attacks? Numerous cyberattack incidents occurred in America that proved inadequate security from hackers and aspects of ransomware (Chang et al., 2019). The hypothesis is that if there is increased cybersecurity in the U.S. maritime industry, then it would ensure low economic loss and ransomware attacks. The American maritime industry includes the cyber attacks that are caused by a lack of training and preparedness of the experts. Secondly is the use of an outdated system in the industry that has made U.S. maritime vulnerable to internal and external attacks, and lastly, is the risk of being hacker’s target. The need for mitigation strategies in solving the aspect of cyber attacks and ransomware would be able to improve the cybersecurity process through providing the best cybersecurity training courses to experts, regular updating and upgrading of software program, and improving the cybersecurity climate and international relations with other nations to avoid being targets ( Lagouvardou, 2018).

 

Literature review

Maritime Transportation and IoT

America’s Marine Transportation System, also known as the ( MTS ) involves the expansive waterways and ports in which assists in the transportation of people and cargo. There are also land-side connections in which promotes the movement of passengers as well as goods to and from the American coastal waters. The MTS entails around 25,000 miles of navigable channels, which shows that the marine system is vast. In the U.S., the primary elements of maritime transportation involve the port infrastructure and the canals, which require optimal security. Author Tucci (2017) contend that cyber incidents adversely impacts the lives of individuals at sea and the ports. Compromised marine navigation system usually threatens lives, and pus the environment in danger. The author explains the implication of the vulnerability of the maritime industry in the U.S. and how the loss of property and money gets lost, thus profoundly disrupting the typical trade activities. The need to address security concerns by the U.S. Coast Guards ensure long sustainable security measures and strategies that would withstand cyber attacks and address other security risks in the marine transportation system (MTS). Whenever there are ample safety measures, t promotes international trade, which encourages ship and vessel operators to feel safe. The need for U.S. marine to establish regular risk assessments and viable mitigation process would make the American waters free from cyber-related threats.

Moreover, the State and local governments have the mandate to contribute to the success of the security maintenance process through information sharing. Engagement of authorities through Maritime Security Committees and meetings, even forums, gives the government opportunity to address cyber risks. The waterways infrastructure in the maritime industry is one of the integral elements in which ensures there is safe vessel movement at sea under the protection of the U.S. coast guards. The hijacking mitigation of the port infrastructure is imperative as it entails protecting the port operations and warehousing information (Marks, 2017).

The decrease of ransomware and the continuous threat in the Internet of Things( IoT) have been mitigated mainly through the sensors in the IoT paradigm (Yaqoob et al., 2017 ). The security concerns in the IoT was brought the traditional security mechanisms which cannot be advisable due to the technological advancement and innovation. The growing scope of the internet has made it more dangerous for online and digital devices to get hacked. The reduction on the outdated and resource-constrained devices is some changes in with IoT that have managed to stay clear of the cyber attacks and ransomware. Over the years, the internet has been a platform for ransomware attacks and making the US government have open network challenges. During a cyberattack, data integrity usually gets compromised. It is essential to ensure security software’s upgradability and patchability features are updated in the port infrastructure and systems. Promoting privacy and trust in the private sector, especially ship owners.

The Maritime Administration’s (MARAD)

Kessler, Craiger, and Haass (2018) posit that the maritime transportation system tends to experiences an increase in target cyber-attacks that affect the industry’s safety. The authors support the need for adversarial cyber models in which would ensure optimal maritime industry as well as risk mitigation and resiliency plans, which reduce cyber attacks. The purpose is to foster the development of the U.S. maritime industry with the intent to meet the various country’s economic and security needs.  There is a need for the United States to increase cybersecurity on its strategic sealift capabilities so that it would ensure ships to deploy their military forces without getting hijacked. Some of the strategic sealift involves the  Government-owned as well as private vessels that do business and trade under the U.S.-flag. The U.S. government also depends on the Mariners and the intermodal systems that support infrastructure transport. The challenges of the port infrastructure in the U.S. has reduced the capacity to handle cargo movement at sea, which affects commerce. There is a need for significant improvements to the multimodal transportation infrastructure so that it would reduce the level of congestion, which leads to delay in transportation. Port effectiveness and efficiency act as interfaces between water and land-based activities and movements.  Roberts et al., 2019 contend that having a multimodal system in that the maritime industry is both physical and online to avoid total penetration of ransomware in the system would promote MTS in the United States. Physical intrusion to the naval base or maritime IT faculty is difficult hence reducing the chances of cyberattacks. Physical prevention strategies like password and key card access to maritime faculties and cargo warehouses promote MTS protection.

 

 

 

 

Ransomware attack at U.S. maritime base

In 2019, there was a virus attack on the American maritime industry in which implied that cyber-attacks and online hacking poses a threat to the U.S. coast guards. It is a fact to understand cybersecurity in America is re required, and it is their mandate to ensure that there is no interference. The hackers demanded money for the restoration of the system of $14m (£10.6m). There are a lot of external hijacked servers that affect businesses in the marine industry. The online hacking has led to getting port transportation system vulnerable to ransomware. China and North Korea have been neck to neck with the United stated in technological supremacy, which has led to international tension and hostility. The new mode of attacks is the cyber wars which can cripple communication and transportation systems. According to Jones et al., 2016 asserts that due to the technological change and the vast innovation in cybercrimes,  there has been a lot of vulnerability that impacts the security of the maritime transportation system in the United States. The author further explains the securing of private and public owned vessels at sea requires optimal cybersecurity to avoid online hijacks for information and goods. Compromised vessel tends to lose data and control of their operations. Maritime-related systems are at high risk of getting attacked by ransomware, especially their navigation systems. There is a need for more cybersecurity measures for propulsion, and cargo-related functionality in which the U.S. government should invest to avoid future hacks. Recently this year, U.S. Coast Guard admitted that there was a ransomware attack that affected the whole facility. The lack of detection of the USCG has led to ransomware intrusion, which out the U.S. marine safety at risk. The need for the proper establishment of marine safety alert would prevent previous Ryuk ransomware attacks that penetrated an I.T. facility network of a Maritime Transportation Security Act (MTSA). https://www.google.com/amp/s/www.silicon.co.uk/security/cyberwar/ransomware-us-coast-guard-326285/amp

 

Methodology

The research methodology that would be appropriate is the qualitative method, as it would entail the in-depth descriptive analysis of the research dissemination ( Clark, K. R., & Vealé, 2018). Through the descriptive approach, it will answer the research question of how to reduce the US maritime cyber attacks and ransomware. Firstly, it attacks, and ransomware is not physical components, but they are wireless systems in which get attacked by viruses and hijacking of the system. The US maritime security system usually gets a lot of criticism for failure to incorporate drastic contingency action plans. Purposely to avoid hackers penetrating the networks and steal all cargo and passenger manifest data, US marine and naval information, and vessel movement control. Over the years, there have been security council talks with the US coast guards in the implementation of a secure cybersecurity system to mitigate ransomware attacks. Secondly, through the descriptive method, it is essential to understand that qualitative methodology is crucial as it analysis the data or information collected vividly. The reason as to why this method is useful is that it would explain the various strategies and containment measures of preventing cyber attacks. The after match of ransomware attacks tend to cripple the US maritime industry by making the cargo and people’s movement vulnerable to external and internal attacks. The purpose of the research approach is to examine the implication of US maritime after the cyber-attacks and explaining the rationale for the implementation of cybersecurity measures and action plans. The descriptive research approach has the benefit of explaining the need for the US maritime industry to fund software installation and security management systems to prevent cyber attacks and ransomware.

The data collection method for the research is in-depth interviews as it entails both personal and unstructured interview questions. The selection criterion of the participants would involve a random sampling method that would be imperative to prevent any form of biased information given.  The data collection tool would include the semi-structured questionnaire in which would be in getting the information of randomly selected participants from a different level of management in the US maritime sectors.

Some of the questionnaires are ;

1. What do you think about ransomware attacks on the US maritime industry?

2. What is the main problem that leads to cyber attacks on US maritime security systems?

3. What are the impacts that affect vessels and cargo movements after cyberattacks? Are there any economic losses?

4. What are the experiences and the lessons learned after a ransomware attack on US MTS and control system?

5. What are the strategies and measures to be taken to prevent cyber attacks ransomware in the maritime industry in the United States?

Analysis

In this section of the research, the data collected from the random selection process of participants included answered of the semi-structured interview question. The purpose of the analysis is to establish a concrete understanding of how cyber attacks and ransomware influence maritime operations and activities. The Qualitative Data Analysis (QDA) usually would interpret how US coast guards experience the aftermath of cyberattacks and how people and situations get impacted by cybersecurity in the maritime industry in a matter of vessel and cargo movement. Narrative analysis is the appropriate method to analyze the collected data from the interview. The rationale for using this analysis method is to analyze the available content from semi-structured interviews of respondents thoroughly. The narrative analysis focuses on utilizing different experiences shared by individuals of the coast guards by answering the research question, which is how the US maritime industry will reduce cyberattack and ransomware would. The ransom participants were five in which they were able to answer all the interview questions. For question one, the participants explained that they viewed ransomware as a deliberate attack from United states competitors in the naval system and maritime transportation. It is imperative to understand that foreign entities are some of the causes of aggression. There are two main reasons for a ransomware attack on the US maritime industry, which involves getting vital intelligence on cargo and vessel information on US coastal lines. Another one is to extort money from the US government, which is a capital crime to hack into a marine base or maritime IT facility. Questions two and three were answered, explaining the lack of preparedness in having mitigation strategies for preventing cyberattacks. The hijacking of the systems has been prevalent in the past five years in the Marine industry, which proves that the primary problem is lack of planning and realization of the importance of having updated cybersecurity. The impact on the cargo and vessel movement for both government and private owners is that it leads to uncertainty and misinformation when at sea. The economic loss that owners endure due to ransomware and cyber attacks is enormous, which brings to loss of trust in the US maritime security measures and system. Questions four and five involve the experiences of the US coastguards and the vessel owners after being attacked by ransomware. The coast guards feel that they are not well trained or equipped to prevent the online hijacking of their systems. Some of the recommended strategies include proper training of the employee, using updated software tools and methods, and lastly, promoting international cooperation and relation with countries that are previously responsible for hacking the system. For instance, having good international cooperation and ties with North Korea and China would ensure low ransomware and cyber-attacks, which affects the US economically and socially, bringing uncertainties in the maritime industry.

Findings of the collected data involved that various security breaches in the US marine brought by lack of preparedness from the US Coast guards and IT facilities. Another result is that ransomware attacks require proper cybersecurity updates on all control centers. Training of personnel and employment of specialized IT experts with experience of cyber-attack mitigation protocols are some of the measures discussed in the semi-structured interview questions.

Recommendations

This section entails the necessary guidelines and measures in solving the issue with cyber attacks and the vulnerability of the US maritime sector. It is imperative to have strategies in which can be able to maintain proper inventory of control system devices; hence it would mitigate any form of exposure of online attacks that affects the external networks. There is a need to implement effective network segmentation and the application of firewalls, which protects the US maritime system. The US coastal guards and IT faculty should have proper employee cybersecurity training program or refresher courses which would promote optimal protection. The US marine base requires early threat detection systems so that they can forecast any imminent danger to the systems and control. The port infrastructure is integral for the commerce of the country, and it essential to install anti-malware that would be effective in ransomware prevention. The hacking of naval-based and cargo ships over the past years proves that there is a need for software upgrades. Marine based systems require test runs that are frequently scheduled in scanning the security status. Cyber attacks can be mitigated through the recommendation of having the restore and recovery points so that they can ensure no loss of data after an attack or hijack. Training the US coast guards and other personnel in risk management and preparedness would help educate them on the dangers of cyber attacks and ransomware ( Mraković, & Vojinović, 2019).

Conclusion

Cybercrimes and attacks are considered unethical, and the US government has the mandate to protect data-intensive business environments and facilities from any form of ransomware like WannaCry and adopt best mitigation practices. The increasing technological advancement and the innovation that happens all across the world explains the need to have useful information security programs and software that would protect data integrity. The US maritime infrastructure requires constant data updates by applying technology practices. The research aimed to explain the need for cybersecurity strategies that would foster data security in the marine industry as a whole. The maritime transportation systems are targets by foreign and domestic attacks. The naval and other marine-based systems, as well as ports and waterways, should be protected to ensure governmental and private-owned vessels have ease in movement. Education and training the US coast guards and hiring experienced IT specialists are vital to forecast future cyber attacks. Proper management of software updates and restricted access to cargo and other control systems reduce IT security risks. Finally, the development of contingency plans with the new online backups system would ensure that cyber threats and ransomware attacks get mitigated.

 

References

Chang, C. H., Wenming, S., Wei, Z., Changki, P., & Kontovas, C. A. (2019, November). Evaluating cybersecurity risks in the maritime industry: a literature review. In Proceedings of the International Association of Maritime Universities (IAMU) Conference.

Clark, K. R., & Vealé, B. L. (2018). Strategies to enhance data collection and analysis in qualitative research. Radiologic Technology89(5), 482CT-485CT.

Tucci, A. E. (2017). Cyber risks in the marine transportation system. In Cyber-Physical Security (pp. 113-131). Springer, Cham.

Jones, K. D., Tam, K., & Papadaki, M. (2016). Threats and impacts in maritime cyber security.

Kessler, G. C., Craiger, J. P., & Haass, J. C. (2018). A Taxonomy Framework for Maritime Cybersecurity: A Demonstration Using the Automatic Identification System. TransNav: International Journal on Marine Navigation and Safety of Sea Transportation, 12(3), 429.

Lagouvardou, S. (2018). Maritime Cyber Security: concepts, problems and models. Kongens Lyngby, Copenhagen.

Mraković, I., & Vojinović, R. (2019). Maritime Cyber Security Analysis–How to Reduce Threats?. Transactions on Maritime Science8(01), 132-139.

Marks, M. (2017). The U.S. Passenger Vessel Industry. Coast Guard Journal of Safety & Security at Sea, Proceedings of the Marine Safety & Security Council, 74(1).

Roberts, F. S., Egan, D., Nelson, C., & Whytlaw, R. (2019). Combined cyber and physical attacks on the maritime transportation system. NMIOTC Maritime interdiction operations journal18.

Yaqoob, I., Ahmed, E., ur Rehman, M. H., Ahmed, A. I. A., Al-garadi, M. A., Imran, M., & Guizani, M. (2017). The rise of ransomware and emerging security challenges in the Internet of Things. Computer Networks129, 444-458.

 

https://www.google.com/amp/s/www.silicon.co.uk/security/cyberwar/ransomware-us-coast-guard-326285/amp

  Remember! This is just a sample.

Save time and get your custom paper from our expert writers

 Get started in just 3 minutes
 Sit back relax and leave the writing to us
 Sources and citations are provided
 100% Plagiarism free
error: Content is protected !!
×
Hi, my name is Jenn 👋

In case you can’t find a sample example, our professional writers are ready to help you with writing your own paper. All you need to do is fill out a short form and submit an order

Check Out the Form
Need Help?
Dont be shy to ask