The maritime industry is currently experiencing a process of digital transformation, which involves a significant level of automation and enhanced communication with external networks. As a result, maritime facilities are becoming more susceptible to cyber threats. In addition to the potential economic and reputational harm to shipping companies, a cyber-attack on maritime systems could result in significant incidents such as the release of hazardous substances, collisions, grounding, and fires. This poses significant risks to both ship crew, ship, cargo, and environment. This study examines cybersecurity events in the maritime sector. The main objective is to cultivate a thorough comprehension of cyber-attacks that specifically target systems in maritime facilities, by analyzing insights derived from previous incidents. The work involves the construction and examination of a number of cybersecurity incidents. An inquiry is carried out to determine the time patterns, geographical spread, sector-specific consequences, and attributes of these cyber-attacks, including the identity of the perpetrator, intention (whether deliberate or unintentional), and the affected systems inside the maritime domain. The paper examines particular instances to identify the main stages of a cyber-attack on maritime facilities' systems, the fundamental strategies employed by attackers, and proposes standard cybersecurity solutions to reduce these risks. The study's contribution entails the methodical delineation of the cyber security terrain that is unique to the maritime industry.
Keywords: Maritime cyber incident, Maritime cybersecurity, Incident analysis