Cyberattack Models for Ship Equipment Based on the MITRE ATT&CK Framework

Yonghyun Jo; Oongjae Choi; Jiwoon You; Youngkyun Cha; Dong Hoon Lee

doi:10.3390/s22051860

Cyberattack Models for Ship Equipment Based on the MITRE ATT&CK Framework

Yonghyun Jo, Oongjae Choi, Jiwoon You, Youngkyun Cha, Dong Hoon Lee

School of Cybersecurity

Research output: Contribution to journal › Article › peer-review

3 Citations (Scopus)

Abstract

Cybersecurity is important on ships that use information and communication technology. On such ships, the work, control, and sensor systems are connected for steering, navigation, and cargo management inside the hull, and a cyberattack can have physical consequences such as sinking and crashing. Research on ship cybersecurity is a new challenge, and related studies are lacking. Cyberattack models can provide better insight. With this study, we aim to introduce a cyberattack analysis method based on the MITRE ATT&CK framework so that a cyberattack model for ships can be established. In addition, we identify the characteristics of the attack phase by analyzing cases of hacking and vulnerability research for ship systems using tactics, techniques, and procedures, and suggest the minimum measures essential for defense. Using the ship cyberattack model, we aim to identify the characteristics of the systems used for ship navigation, communication, and control; provide an understanding of the threats and vulnerabilities; and suggest mitigation measures through the proposed model. We believe the results of this study could guide future research.

Original language	English
Article number	1860
Journal	Sensors
Volume	22
Issue number	5
DOIs	https://doi.org/10.3390/s22051860
Publication status	Published - 2022 Mar 1

Keywords

Cyber threat
Information sharing
MITRE ATT & CK
Maritime cybersecurity
Security risk analysis

ASJC Scopus subject areas

Analytical Chemistry
Information Systems
Biochemistry
Atomic and Molecular Physics, and Optics
Instrumentation
Electrical and Electronic Engineering

Access to Document

10.3390/s22051860

Cite this

@article{288d0a1e6bcd4dcfba37dea919fa572f,

title = "Cyberattack Models for Ship Equipment Based on the MITRE ATT&CK Framework",

abstract = "Cybersecurity is important on ships that use information and communication technology. On such ships, the work, control, and sensor systems are connected for steering, navigation, and cargo management inside the hull, and a cyberattack can have physical consequences such as sinking and crashing. Research on ship cybersecurity is a new challenge, and related studies are lacking. Cyberattack models can provide better insight. With this study, we aim to introduce a cyberattack analysis method based on the MITRE ATT&CK framework so that a cyberattack model for ships can be established. In addition, we identify the characteristics of the attack phase by analyzing cases of hacking and vulnerability research for ship systems using tactics, techniques, and procedures, and suggest the minimum measures essential for defense. Using the ship cyberattack model, we aim to identify the characteristics of the systems used for ship navigation, communication, and control; provide an understanding of the threats and vulnerabilities; and suggest mitigation measures through the proposed model. We believe the results of this study could guide future research.",

keywords = "Cyber threat, Information sharing, MITRE ATT & CK, Maritime cybersecurity, Security risk analysis",

author = "Yonghyun Jo and Oongjae Choi and Jiwoon You and Youngkyun Cha and Lee, {Dong Hoon}",

note = "Funding Information: This research was a part of the project titled {\textquoteleft}Development of maritime cyber-threat intel-ligence{\textquoteright}, funded by the Ministry of Oceans and Fisheries, Korea.(No. 20210038). Publisher Copyright: {\textcopyright} 2022 by the authors. Licensee MDPI, Basel, Switzerland.",

year = "2022",

month = mar,

day = "1",

doi = "10.3390/s22051860",

language = "English",

volume = "22",

journal = "Sensors (Switzerland)",

issn = "1424-8220",

publisher = "Multidisciplinary Digital Publishing Institute (MDPI)",

number = "5",

}

TY - JOUR

T1 - Cyberattack Models for Ship Equipment Based on the MITRE ATT&CK Framework

AU - Jo, Yonghyun

AU - Choi, Oongjae

AU - You, Jiwoon

AU - Cha, Youngkyun

AU - Lee, Dong Hoon

N1 - Funding Information: This research was a part of the project titled ‘Development of maritime cyber-threat intel-ligence’, funded by the Ministry of Oceans and Fisheries, Korea.(No. 20210038). Publisher Copyright: © 2022 by the authors. Licensee MDPI, Basel, Switzerland.

PY - 2022/3/1

Y1 - 2022/3/1

N2 - Cybersecurity is important on ships that use information and communication technology. On such ships, the work, control, and sensor systems are connected for steering, navigation, and cargo management inside the hull, and a cyberattack can have physical consequences such as sinking and crashing. Research on ship cybersecurity is a new challenge, and related studies are lacking. Cyberattack models can provide better insight. With this study, we aim to introduce a cyberattack analysis method based on the MITRE ATT&CK framework so that a cyberattack model for ships can be established. In addition, we identify the characteristics of the attack phase by analyzing cases of hacking and vulnerability research for ship systems using tactics, techniques, and procedures, and suggest the minimum measures essential for defense. Using the ship cyberattack model, we aim to identify the characteristics of the systems used for ship navigation, communication, and control; provide an understanding of the threats and vulnerabilities; and suggest mitigation measures through the proposed model. We believe the results of this study could guide future research.

AB - Cybersecurity is important on ships that use information and communication technology. On such ships, the work, control, and sensor systems are connected for steering, navigation, and cargo management inside the hull, and a cyberattack can have physical consequences such as sinking and crashing. Research on ship cybersecurity is a new challenge, and related studies are lacking. Cyberattack models can provide better insight. With this study, we aim to introduce a cyberattack analysis method based on the MITRE ATT&CK framework so that a cyberattack model for ships can be established. In addition, we identify the characteristics of the attack phase by analyzing cases of hacking and vulnerability research for ship systems using tactics, techniques, and procedures, and suggest the minimum measures essential for defense. Using the ship cyberattack model, we aim to identify the characteristics of the systems used for ship navigation, communication, and control; provide an understanding of the threats and vulnerabilities; and suggest mitigation measures through the proposed model. We believe the results of this study could guide future research.

KW - Cyber threat

KW - Information sharing

KW - MITRE ATT & CK

KW - Maritime cybersecurity

KW - Security risk analysis

UR - http://www.scopus.com/inward/record.url?scp=85125189640&partnerID=8YFLogxK

U2 - 10.3390/s22051860

DO - 10.3390/s22051860

M3 - Article

C2 - 35271006

AN - SCOPUS:85125189640

SN - 1424-8220

VL - 22

JO - Sensors (Switzerland)

JF - Sensors (Switzerland)

IS - 5

M1 - 1860

ER -

Cyberattack Models for Ship Equipment Based on the MITRE ATT&CK Framework

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this