Attacking (and Defending) the Maritime Radar System

Longo, Giacomo; Russo, Enrico; Armando, Alessandro; Merlo, Alessio

doi:10.1109/tifs.2023.3282132

Cited by 16 publications

(11 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They also describe the category of sophisticated contextaware radar manipulation attacks. Longo et al [4] implement these attacks, which again aligns with the G-1 goal. Notably, their technique enables precise injections into the PPI we use to implement our attacks.…”

Section: Related Workmentioning

confidence: 91%

“…Attacks exploit the radar hijacking techniques described in [4]. Briefly, radar hijacking involves injecting fake AS-TERIX packets to modify echoes immediately after the PPI receives legitimate values from the antenna.…”

Section: Attack Descriptionmentioning

confidence: 99%

“…Literature works demonstrate examples where malicious individuals have disrupted these systems either by infiltrating the network [4] or by manipulating traffic directly on the radar workstation [5, P.35], [6]. The results of such attacks can include the Denial of Service or manipulating the display, such as adding, deleting, or modifying targets.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Electronic Attacks as a Cyber False Flag against Maritime Radars Systems

Longo,

Merlo,

Armando

et al. 2023

2023 IEEE 48th Conference on Local Computer Networks (LCN)

Self Cite

View full text Add to dashboard Cite

Radar systems have long been essential for safe navigation in various transportation sectors, including aviation, maritime, and automotive. While these systems provide invaluable situational awareness and decision-making capabilities, they increasingly become targets for malicious actors aiming to disrupt their normal operations. Electronic countermeasures (ECM) have traditionally been the predominant form of attack. However, recent findings have uncovered their vulnerability to cyberbased actions, capitalizing on their digitization and network connectivity. In this paper, we propose a novel threat model that exploits cyber attack capabilities against radar systems to simulate the effects of ECM. This model goes beyond known attacks by introducing a deceptive element, challenging attribution. To evaluate the feasibility of these attacks, extensive experimentation is conducted using a realistic case study involving the maritime domain. Through this research, we aim to highlight the evolving threats facing radar systems and the need for comprehensive security measures.

show abstract

Section: Related Workmentioning

confidence: 91%

Section: Attack Descriptionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Electronic Attacks as a Cyber False Flag against Maritime Radars Systems

Longo,

Merlo,

Armando

et al. 2023

2023 IEEE 48th Conference on Local Computer Networks (LCN)

Self Cite

View full text Add to dashboard Cite

show abstract

“…Further supporting the role of risk management in the maritime field, another study introduced a threat probability assessment tool [35]. A different perspective on managing risks to radar systems on ships in light of emerging threats was provided by Longo et al [36]. Their study presented a detection system that provides a proactive approach to identifying anomalies in radar video feeds to form a risk management strategy.…”

Section: Cybersecurity Supply Chain Risk Managementmentioning

confidence: 99%

Comprehensive Analysis of Maritime Cybersecurity Landscape Based on the NIST CSF v2.0

Dimakopoulou,

Rantos

2024

JMSE

View full text Add to dashboard Cite

As technology advances and digitalization becomes more prevalent in the industry, the cyber threats to maritime systems and operations have significantly increased. The maritime sector relies heavily on interconnected networks, communication systems, and sophisticated technologies for its operations, making it an attractive target for cybercriminals, nation-states, and other threat actors. Safeguarding the maritime sector against cyber threats is crucial to ensuring the safety, integrity, and efficiency of maritime operations as well as for protecting sensitive information and global trade. The International Maritime Organization (IMO) has played a significant role in addressing cybersecurity issues, leading to the implementation of regulations aimed at risk reduction. This paper delves into the realm of cybersecurity within the maritime industry, offering an in-depth analysis of its various aspects through an extensive literature review based on the latest Version 2.0 of the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF) functional areas. The primary objective is to establish a connection between research and NIST’s functions and categories, thereby presenting a nascent perspective and identifying existing security research gaps. Through the adoption of this strategic approach, the present paper aims to cultivate a forward-looking and proactive state of maturity in anticipation of future developments within the maritime industry. The outcomes of this research can provide valuable reference points in academic discourse, potentially leading to new hypotheses, and fuel innovation in developing advanced cybersecurity measures within the maritime industry.

show abstract

“…There has been research that has demonstrated how vulnerabilities inherent in the networking infrastructure can be exploited. Research conducted by [ 19 ] took advantage of the inbuilt weaknesses in the ASTERIX protocol used for radar data transmission to show how malware can be propagated in the INS. Ref.…”

Section: Introductionmentioning

confidence: 99%

Bridging the Gap: Enhancing Maritime Vessel Cyber Resilience through Security Operation Centers

Nganga,

Nganya,

Lützhöft

et al. 2023

Sensors

View full text Add to dashboard Cite

Increasingly disruptive cyber-attacks in the maritime domain have led to more efforts being focused on enhancing cyber resilience. From a regulatory perspective, there is a requirement that maritime stakeholders implement measures that would enable the timely detection of cyber events, leading to the adoption of Maritime Security Operation Centers (M-SOCs). At the same time, Remote Operation Centers (ROCs) are also being discussed to enable increased adoption of highly automated and autonomous technologies, which could further impact the attack surface of vessels. The main objective of this research was therefore to better understand both enabling factors and challenges impacting the effectiveness of M-SOC operations. Semi-structured interviews were conducted with nine M-SOC experts. Informed by grounded theory, incident management emerged as the core category. By focusing on the factors that make M-SOC operations a unique undertaking, the main contribution of this study is that it highlights how maritime connectivity challenges and domain knowledge impact the M-SOC incident management process. Additionally, we have related the findings to a future where M-SOC and ROC operations could be converged.

show abstract

Attacking (and Defending) the Maritime Radar System

Cited by 16 publications

References 23 publications

Electronic Attacks as a Cyber False Flag against Maritime Radars Systems

Electronic Attacks as a Cyber False Flag against Maritime Radars Systems

Comprehensive Analysis of Maritime Cybersecurity Landscape Based on the NIST CSF v2.0

Bridging the Gap: Enhancing Maritime Vessel Cyber Resilience through Security Operation Centers

Contact Info

Product

Resources

About