Maritime Cyber Threats research group

Overview

As a Tier1 National UK threat, cyber-attacks can cost companies millions in a maritime cyber-attack. As the world heavily depends on maritime operations, we at the University of Plymouth have been researching maritime cyber-threats as few organisations have the capability, connections, and facilities to do so. This group is uniquely placed to make significant contributions in maritime cyber-security and brings together leading-edge multidisciplinary research and practical expertise from across UoP and beyond.

Current projects

  • Compiling a body of knowledge article for the area of maritime cyber-threats.
  • Vulnerability and risk analysis for existing ship-based systems.
  • Threat assessment for ship-based operations and human decision making.
  • Supply chain vulnerability for maritime operations.
  • Cyber-security for autonomous vessels.
  • Process and training to protect mariners and ships against cyber-attacks.
  • Understanding psychological perceptions of, and responses to, risk and threat.

We continuously engage in discussions and collaborative research with academia, government and industry in all areas related to maritime cyber-threats.  Part of our research and training is held in the University ship simulators, and the team is in active collaboration with the cyber-security aspect of the Mayflower Autonomous Ship project and in supplying relevant training for maritime-security.


Recent publications and presentations

Jones K, Tam K, and Papadaki M. Threats and Impacts in Maritime Cyber Security, IET Engineering & Technology Reference. April 2016

Tam K, Jones K. Maritime Cyber Risk: Model-Based Assessments for the Global Fleet [slides], MRS 2017 &  United States Merchant Marine Academy November 2017

Jones K, Tam K. Maritime Cyber Risk [slides], UK Security Expo 2017, Maritime and Transport security Conference. Grand Hall, London.

Recent news

Maritime-Cyber Ransomware Scenario

Attackers or hackers can use ransomware to hold a target hostage for ransom. This can have unique outcomes in the maritime environment, as it could either lock crew or passengers in their rooms (for example, on a cruise ship) or possibly even lock ship controls, leaving the entire ship drifting and vulnerable at sea. To raise awareness, researchers at Plymouth University have filmed this scenario on one of the university’s ship simulator, while researching technological and policy-based solutions.

False AIS Data in Cyber-Attack Scenario

Not all cyber-attacks result in physical or even noticeable actions. Some of the most sophisticated attacks, like corporate espionage, may never even be detected. In this scenario, an attempt to steal data from the ship bridge has accidentally, and temporarily, corrupted anti-collision software (AIS) and caused phantom ships to appear close to the ship. Researchers at Plymouth University filmed this scenario to raise awareness on these kinds of maritime cyber-issues, as misinformation can be confusing, particularly in bad weather, and crew can lose trust in the ship systems or accidents can occur. It is important to realise that not all attacks are “flashy”, and even if a system goes back to behaving normally, crew should be trained to recognize whether a cyber-attack is occurring and the system will continue to be compromised until fixed.

Staff profiles