Maritime Cybersecurity: A Comprehensive Review

Abstract

The maritime industry stands at a critical juncture, where the imperative for technological advancement intersects with the pressing need for robust cybersecurity measures. Maritime cybersecurity refers to the protection of computer systems and digital assests within the maritime industry, as well as the broader network of interconnected components that make up the maritime ecosystem. In this survey, we aim to identify the significant domains of maritime cybersecurity and measure their effectiveness. We have provided an in-depth analysis of threats in key maritime systems, including AIS, GNSS, ECDIS, VDR, RADAR, VSAT, and GMDSS, while exploring real-world cyber incidents that have impacted the sector. A multi-dimensional taxonomy of maritime cyber attacks is presented, offering insights into threat actors, motivations, and impacts. We have also evaluated various security solutions, from integrated solutions to component specific solutions. Finally, we have shared open challenges and future solutions. In the supplementary section, we have presented definitions and vulnerabilities of vessel components that have discussed in this survey. By addressing all these critical issues with key interconnected aspects, this review aims to foster a more resilient maritime ecosystem.