The cyber threat against operational systems on ships
This assessment describes the cyber threat against Danish ships' operational systems. Cyber attacks can affect the function of these systems and thereby affect maritime safety and the safety on board.
This threat assessment is published to inform authorities and shipping companies within the maritime sector about the different types of cyber threats and their seriousness. This should give organizations within the sector a foundation on which to protect the ships.
The combined cyber threat against operational systems on board Danish ships is HIGH. This assessment review the different types of threats in combination with examples of attacks.
The systems are especially under threat from cyber criminals with financial motives. The attacks are not targeted towards the operational systems, but the attackers are apportunistic and will attacks these systems, if they can get to them.
Individual hackers are also a threat to the operational systems due to their curiosity or a technical interest. Despite these differences in motivation, a threat actor can use a compromised supplier of equipment to attack the systems on board the ships.
The assessment also describes the threat from destructive cyber attacks from state sponsored threat actors, and looks at the factors that can affect the likelihood of being exposed to this threat.
This threat assessment is a supplement to CFCS' general threat assessment of the cyber threat against the maritime sector.
Centre for Cybersecurity
October 6, 2020