The Maritime Cyber Attack Database (MCAD), which has been gathering incidents dating back to 2001, is now online and publicly available. The database, which was developed in collaboration with students, utilizes open-source information, and has collected information on more than 160 cyber incidents involving the maritime sector, including the location spoofing of NATO ships visiting Ukraine in the Black Sea by Russia in 2021.    

MCAD encourages all stakeholders in the maritime industry to use the database to report and research incidents. 

The incidents in the database demonstrate the wide range of vulnerabilities that exist, including the Russian spoofing attacks, in which it appeared as if the British and Dutch warships were near the coast of Russian-occupied Crimea entering Russia’s main naval base, but it turned out to be a virtual trip that never took place. 

“The simulated attack in Ukraine was all about provoking a reaction and so-called ‘deploying disruptive power,’” said Professor Stephen McCombie, who created the database.  “The scope of what is possible today is surprising, so we need to educate governments and companies about these kind of cyber-attacks and help them understand not only how to react to them, but how to be prepared for them.”

Drawing from open-source information, the NHL Stenden’s Maritime IT Security research group collected information on over 160 cyber incidents in the maritime industry for the MCAD. The database not only covers incidents impacting vessels, but also ports and other maritime facilities worldwide. 

The research group says it hopes the database will help improve cyber security awareness in the sector and provide data for further research and more accurate simulations in this critical area.