Researchers at NHL Stenden University of Applied Sciences in the Netherlands have launched the Maritime Cyber Attack Database (MCAD). MCAD includes information on over 160 cyber incidents in the maritime industry. When compared to my database of control system cyber incidents, the MCAD database was missing the cases where control system cyber-related incidents caused physical impacts to ships and port facilities. In addition to the ransomware cases that affected port operations, many of the incidents in my database caused physical impacts to ships including losing power, steering, and/or crashing. Port cyber-related incidents included cranes dropping containers, ships’ radars shutting down port/critical infrastructure SCADA systems, and other physical impacts. There were also impacts that prevented ships from transiting waterways. As my previous blog suggests, recognizing control system cyber-related incidents is a problem in every infrastructure sector, and special training is required.
