NHL Stenden University of Applied Sciences has launched database that exposes cyber hacking in the worldwide maritime industry.

Researchers led by Dr Stephen McCombie, professor of maritime IT Security, have launched the Maritime Cyber Attack Database (MCAD), a database of incidents involving the worldwide maritime sector. The database contains over 160 incidents, including the location spoofing of NATO ships visiting Ukraine in the Black Sea in 2021.

The database not only covers incidents impacting vessels, but also ports and other maritime facilities worldwide. Now available publicly online, the research group expects the database will help improve cyber security awareness in the sector and provide data for further research and more accurate simulations in this critical area.

Other incidents in the database include an insider attack by a systems administrator on a US nuclear aircraft carrier at sea in 2014 and a 2019 ransomware attack on a large container ship that prevented it from entering New York harbour.

Dr Stephen McCombie said “The scope of what is possible today is surprising, so we need to educate governments and companies about these kind of cyber-attacks and help them understand not only how to react to them, but how to be prepared for them.”

One of the uses of the database is to develop maritime cyber incident simulations that are realistic and relevant so that companies, organisation, ports and harbours can prepare for attacks.

The research group will also use MCAD to produce reports and research papers showing trends and the results of detailed analysis on subsets of the data.

McCombie added that the incident database is not a one-off and the collection will be regularly updated and augmented.

“While we searched manually for the initial research, we are now developing AI to help automate the identification of new incidents from open sources and identify further details on already known incidents,” McCombie commented.