THE ROLE OF CYBER SITUATIONAL AWARENESS OF HUMANS IN SOCIAL ENGINEERING CYBER ATTACKS ON THE MARITIME DOMAIN

Mersin University Journal of Maritime Faculty Pub Date : 2023-12-12 DOI:10.47512/meujmaf.1370274

Cihat Aşan

{"title":"THE ROLE OF CYBER SITUATIONAL AWARENESS OF HUMANS IN SOCIAL ENGINEERING CYBER ATTACKS ON THE MARITIME DOMAIN","authors":"Cihat Aşan","doi":"10.47512/meujmaf.1370274","DOIUrl":null,"url":null,"abstract":"Through technological advancements, the expanding proportion of maritime transportation on a global scale is becoming faster, more automated, more digital, and ultimately more cyber-space. In particular, the Industrial Revolution 4.0 has brought real-time digital integration of stakeholders in the maritime industry, both on land and at sea, into cyberspace. However, the scope of life and property protection at sea has expanded with the participation of the cyber environment as well as the physical environment. The human factor plays a leading role in ensuring the security of both the physical and cyber environment. In parallel, the main target of hackers who try to gain profit by violating the security environment is the person who does not have sufficient situational awareness of cyber security and can be called the weakest link in the chain. In this study, as main goal, the role of the situational awareness of the employees in the past cyber-attacks on the maritime industry was examined, and a perspective on the measures to be taken was presented. To achieve this research goal, the study utilized the snowballing technique to access literature, which helped uncover additional relevant resources not initially detected. This was followed by a systematic analysis of the collected literature. An analysis of attacks conducted since 2010 revealed that 76% of them utilized social engineering methods, such as phishing, malware, and ransomware. These attackers appear to exploit the maritime industry's insufficient cybersecurity awareness among its employees and the lack of a comprehensive understanding of cybersecurity within the industry.","PeriodicalId":228080,"journal":{"name":"Mersin University Journal of Maritime Faculty","volume":"58 3","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Mersin University Journal of Maritime Faculty","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.47512/meujmaf.1370274","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Through technological advancements, the expanding proportion of maritime transportation on a global scale is becoming faster, more automated, more digital, and ultimately more cyber-space. In particular, the Industrial Revolution 4.0 has brought real-time digital integration of stakeholders in the maritime industry, both on land and at sea, into cyberspace. However, the scope of life and property protection at sea has expanded with the participation of the cyber environment as well as the physical environment. The human factor plays a leading role in ensuring the security of both the physical and cyber environment. In parallel, the main target of hackers who try to gain profit by violating the security environment is the person who does not have sufficient situational awareness of cyber security and can be called the weakest link in the chain. In this study, as main goal, the role of the situational awareness of the employees in the past cyber-attacks on the maritime industry was examined, and a perspective on the measures to be taken was presented. To achieve this research goal, the study utilized the snowballing technique to access literature, which helped uncover additional relevant resources not initially detected. This was followed by a systematic analysis of the collected literature. An analysis of attacks conducted since 2010 revealed that 76% of them utilized social engineering methods, such as phishing, malware, and ransomware. These attackers appear to exploit the maritime industry's insufficient cybersecurity awareness among its employees and the lack of a comprehensive understanding of cybersecurity within the industry.

查看原文本刊更多论文

人类网络态势感知在海洋领域社会工程学网络攻击中的作用

通过技术进步，全球范围内不断扩大的海运比例正变得越来越快、越来越自动化、越来越数字化，并最终越来越网络化。特别是，工业革命 4.0 将海运业的利益相关者从陆地和海上实时数字化整合到网络空间。然而，随着网络环境和物理环境的参与，海上生命和财产保护的范围也在扩大。人的因素在确保物理环境和网络环境的安全方面发挥着主导作用。与此同时，那些试图通过破坏安全环境来牟利的黑客们的主要目标就是那些对网络安全没有足够的态势感知的人，他们可以被称为网络安全链条中最薄弱的环节。在本研究中，作为主要目标，研究了员工的情景意识在过去对海运业的网络攻击中所起的作用，并对应采取的措施提出了看法。为实现这一研究目标，本研究采用了滚雪球技术来获取文献，这有助于发现更多最初未发现的相关资源。随后对收集到的文献进行了系统分析。对 2010 年以来进行的攻击进行的分析表明，76% 的攻击使用了社会工程学方法，如网络钓鱼、恶意软件和勒索软件。这些攻击者似乎利用了海运业员工网络安全意识不足以及行业内对网络安全缺乏全面了解的问题。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Mersin University Journal of Maritime Faculty

自引率

0.00%

发文量