Assessing Cyber Risks of an INS Using the MITRE ATT&CK Framework
Abstract
1. Introduction
2. Background
2.1. INS Concept
- Route Monitoring: “The navigational task of continuous surveillance of own ships position in relation to the pre-planned route and the waters” [9].
- Route Planning: The task that provides procedures for voyage planning, route planning functions and data for the Electronic Chart Display and Information System (ECDIS), administering the route plan, checking route plan against hazards, manoeuvring limitation (e.g., rate of turn (ROT)), drafting and refining the route plan against meteorological information [8].
- Collision Avoidance: “The navigational task of detecting and plotting other ships and objects to avoid collisions” [9].
- Navigation Control Data: “Task that provides information for the manual and automatic control of the ship’s movement on a task station” [9].
- Navigational Status and Data Display: The task that displays data for the manual and automatic control of the ship’s primary movement [8].
- Alert Management: “Concept for the harmonized regulation of the monitoring, handling, distribution and presentation of alerts on the bridge” [9].
2.2. MITRE ATT&CK Framework
2.3. Literature Review
3. The Extended Methodology and Implementation
- Components are specified and classified.
- Functions of components and data flow among components are identified.
- The failure modes for components are determined.
- Failure modes are mapped with consequences and impacts.
- Estimation criteria for criticalities are identified.
- Detection methods and existing controls are identified.
- The impact scores of components are identified.
- Risk scores are calculated and risk levels are identified.
3.1. Component Specification and Classification
3.2. Functions of Components and Data Flow among Components
3.3. Identifying Failure Modes
3.4. Mapping Failure Modes with Consequences and Impacts
3.5. Identified Estimation Criteria for Criticalities
3.6. Identifying Detection Methods and Existing Controls
3.7. Identifying Impact Scores of Components
3.8. Calculating Risk Scores and Identifying Risk Levels
4. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
Appendix A
No. | Component | MITRE ID | Techniques | Risk |
---|---|---|---|---|
1 | AIS | T0815 | Denial of View | High |
2 | AIS | T0829 | Loss of View | Medium |
3 | Controls for M/E | T0879 | Damage to Property | Medium |
4 | Controls for M/E | T0809 | Data Destruction | Medium |
5 | Controls for M/E | T0826 | Loss of Availability | Medium |
6 | Controls for M/E | T0828 | Loss of Productivity and Revenue | Medium |
7 | Controls for M/E | T0856 | Spoof Reporting Message | Medium |
8 | Controls for main rudder | T0879 | Damage to Property | Medium |
9 | Controls for main rudder | T0809 | Data Destruction | Medium |
10 | Controls for main rudder | T0826 | Loss of Availability | Medium |
11 | Controls for main rudder | T0828 | Loss of Productivity and Revenue | Medium |
12 | Controls for main rudder | T0856 | Spoof Reporting Message | Medium |
13 | ECDIS | T1498.002 | Reflection Amplification | Medium |
14 | ECDIS | T1499.004 | Application or System Exploitation | Medium |
15 | ECDIS | T1499.003 | Application Exhaustion Flood | Medium |
16 | ECDIS | T1499.002 | Service Exhaustion Flood | Medium |
17 | ECDIS | T1499.001 | OS Exhaustion Flood | Medium |
18 | ECDIS | T1531 | Account Access Removal | Medium |
19 | ECDIS | T1529 | System Shutdown/Reboot | Medium |
20 | ECDIS | T1499 | Endpoint Denial of Service | Critical |
21 | ECDIS | T1498 | Network Denial of Service | Critical |
22 | ECDIS | T1496 | Resource Hijacking | High |
23 | GPS | T0815 | Denial of View | Medium |
24 | HCS | T0826 | Loss of Availability | Medium |
25 | MFD | T1531 | Account Access Removal | Medium |
26 | MFD | T1529 | System Shutdown/Reboot | Medium |
27 | MFD | T1499 | Endpoint Denial of Service | High |
28 | MFD | T1498 | Network Denial of Service | High |
29 | MFD | T1496 | Resource Hijacking | Medium |
30 | NAVTEX | T1464 | Network Denial of Service | High |
31 | NAVTEX | T1463 | Manipulate Device Communication | Medium |
32 | RADAR | T1498.002 | Reflection Amplification | High |
33 | RADAR | T1499.004 | Application or System Exploitation | Medium |
34 | RADAR | T1499.003 | Application Exhaustion Flood | Medium |
35 | RADAR | T1499.002 | Service Exhaustion Flood | High |
36 | RADAR | T1499.001 | OS Exhaustion Flood | High |
37 | RADAR | T1491.001 | Internal Defacement | Medium |
38 | RADAR | T1531 | Account Access Removal | Medium |
39 | RADAR | T1529 | System Shutdown/Reboot | Medium |
40 | RADAR | T1499 | Endpoint Denial of Service | Critical |
41 | RADAR | T1498 | Network Denial of Service | Critical |
42 | RADAR | T1496 | Resource Hijacking | High |
43 | RADAR | T1491 | Defacement | Medium |
44 | TCS | T0809 | Data Destruction | Medium |
45 | TCS | T0826 | Loss of Availability | Medium |
Appendix B
Table columns: Component | Failure | Occurred Incidents & Discovered Vulnerabilities | Failure Modes (Mobile, Enterprise, ICS). The cell contents of this table are not preserved.
Components listed: AIS, Anemometer, BNWAS, Central Alert Management HMI, Controls for M/E, ECDIS, Echo Sounder, GPS, Gyro-Compass, HCS, Indicators, MFD, NAVTEX.
An N/A entry is preserved for: Anemometer, BNWAS, Central Alert Management HMI, Controls for M/E, Echo Sounder, Gyro-Compass, HCS, Indicators, NAVTEX.
References
- UNCTAD. Review of Maritime Transport 2021; United Nations Publications: New York, NY, USA, 2021; Available online: https://unctad.org/webflyer/review-maritime-transport-2021 (accessed on 20 November 2021).
- IMO. Introduction to IMO. Available online: https://www.imo.org/en/About/Pages/Default.aspx (accessed on 29 September 2022).
- IMO MSC-FAL.1-Circ.3-Rev.1; Guidelines on Maritime Cyber Risk Management. IMO: London, UK, 2021.
- IMO Resolution MSC.428(98); Maritime Cyber Risk Management in Safety Management Systems. IMO: London, UK, 2017.
- IMO. Guide to Maritime Security and the ISPS Code: Section 4 Security Responsibilities of Ship Operators—4.13 Cyber Security on Board Ships; IMO: London, UK, 2021; Available online: https://shop.witherbys.com/guide-to-maritime-security-and-the-isps-code-2021-edition/ (accessed on 10 July 2022).
- IMO. ISPS Code: Part A Mandatory Requirements—9 Ship Security Plan; IMO: London, UK, 2002.
- Resolution A.915(22); Revised Maritime Policy and Requirements for a Future Global Navigation Satellite System (GNSS). IMO: London, UK, 2001.
- IMO MSC.252(83); Adoption of the Revised Performance Standards for Integrated Navigation Systems (INS): Introduction, Contents, Module A-B. IMO: London, UK, 2018.
- IMO MSC.252(83); Adoption of the Revised Performance Standards for Integrated Navigation Systems (INS): Appendices. IMO: London, UK, 2018.
- Strom, B. ATT&CK 101. Available online: https://medium.com/mitre-attack/att-ck-101-17074d3bc62 (accessed on 6 November 2022).
- MITRE. Enterprise Matrix. Available online: https://attack.mitre.org/matrices/enterprise/ (accessed on 10 July 2022).
- Georgiadou, A.; Mouzakitis, S.; Askounis, D. Assessing MITRE ATT&CK Risk Using a Cyber-Security Culture Framework. Sensors 2021, 21, 3267.
- MITRE. Mobile Matrix. Available online: https://attack.mitre.org/matrices/mobile/ (accessed on 10 July 2022).
- MITRE. ICS Matrix. Available online: https://attack.mitre.org/matrices/ics/ (accessed on 10 July 2022).
- MITRE. Enterprise Tactics. Available online: https://attack.mitre.org/tactics/enterprise/ (accessed on 10 July 2022).
- MITRE. Enterprise Techniques. Available online: https://attack.mitre.org/techniques/enterprise/ (accessed on 10 July 2022).
- MITRE. Enterprise Mitigations. Available online: https://attack.mitre.org/mitigations/enterprise/ (accessed on 10 July 2022).
- MITRE. Software. Available online: https://attack.mitre.org/software/ (accessed on 10 July 2022).
- MITRE. Groups. Available online: https://attack.mitre.org/groups/ (accessed on 10 July 2022).
- MITRE. Data Sources. Available online: https://attack.mitre.org/datasources/ (accessed on 10 July 2022).
- Kavallieratos, G.; Katsikas, S. Managing cyber security risks of the cyber-enabled Ship. J. Mar. Sci. Eng. 2020, 8, 768.
- Kavallieratos, G.; Katsikas, S.; Gkioulos, V. Cyber-attacks against the autonomous ship. In Computer Security; Katsikas, S.K., Cuppens, F., Cuppens, N., Lambrinoudakis, C., Antón, A., Gritzalis, S., Mylopoulos, J., Kalloniatis, C., Eds.; Springer International Publishing: Cham, Switzerland, 2019; pp. 20–36. ISBN 978-3-030-12785-5.
- Tusher, H.M.; Munim, Z.H.; Notteboom, T.E.; Kim, T.-E.; Nazir, S. Cyber security risk assessment in autonomous shipping. Marit. Econ. Logist. 2022, 24, 208–227.
- Shang, W.; Gong, T.; Chen, C.; Hou, J.; Zeng, P. Information security risk assessment method for ship control system based on Fuzzy Sets and Attack Trees. Secur. Commun. Netw. 2019, 2019, 3574675.
- Oruc, A. Cybersecurity Risk Assessment for Tankers and Defence Methods. Master’s Thesis, Piri Reis University, Istanbul, Turkey, 2020.
- Kessler, G.C.; Craiger, P.; Haass, J.C. A taxonomy framework for maritime cybersecurity: A demonstration using the Automatic Identification System. TransNav Int. J. Mar. Navig. Saf. Sea Transp. 2018, 12, 429–437.
- Svilicic, B.; Kamahara, J.; Rooks, M.; Yano, Y. Maritime cyber risk management: An experimental ship assessment. J. Navig. 2019, 72, 1108–1120.
- iTrust. Guidelines for Cyber Risk Management in Shipboard Operational Technology Systems. 2022. Available online: https://itrust.sutd.edu.sg/news-events/news/guidelines-for-cyber-risk-management-in-shipboard-ot-systems/ (accessed on 6 April 2022).
- You, B.; Zhang, Y.; Cheng, L.-C. Review on cybersecurity risk assessment and evaluation and their approaches on maritime transportation. In Proceedings of the 30th Annual Conference of International Chinese Transportation Professionals Association, Houston, TX, USA, 19–21 May 2017.
- Tam, K.; Jones, K. MaCRA: A model-based framework for maritime cyber-risk assessment. WMU J. Marit. Aff. 2019, 18, 129–163.
- Tam, K.; Jones, K. Cyber-risk assessment for autonomous ships. In Proceedings of the 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), Glasgow, UK, 11–12 June 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 1–8, ISBN 978-1-5386-4683-0.
- Bolbot, V.; Theotokatos, G.; Boulougouris, E.; Vassalos, D. A novel cyber-risk assessment method for ship systems. Saf. Sci. 2020, 131, 104908.
- Meland, P.H.; Nesheim, D.A.; Bernsmed, K.; Sindre, G. Assessing cyber threats for storyless systems. J. Inf. Secur. Appl. 2022, 64, 103050.
- ISO 31000; Risk Management Guidelines: Guidelines. ISO: Geneva, Switzerland, 2018. Available online: https://www.iso.org/iso-31000-risk-management.html (accessed on 12 July 2022).
- ISO/TR 31004; Guidance for the Implementation of ISO 31000. ISO: Geneva, Switzerland, 2013. Available online: https://www.iso.org/standard/56610.html (accessed on 12 July 2022).
- IEC 31010; Risk Management: Risk Assessment Techniques. IEC: Geneva, Switzerland, 2019. Available online: https://www.iso.org/standard/72140.html (accessed on 12 July 2022).
- ISO/IEC 27000; Information Technology—Security Techniques—Information Security Management Systems—Overview and Vocabulary. ISO/IEC: Geneva, Switzerland, 2018. Available online: https://www.iso.org/standard/73906.html (accessed on 12 July 2022).
- IEC 63154; Maritime Navigation and Radiocommunication Equipment and Systems: Cybersecurity—General Requirements, Methods of Testing and Required Test Results. IEC: Geneva, Switzerland, 2021. Available online: https://webstore.iec.ch/publication/61003 (accessed on 12 July 2022).
- IMO MSC-MEPC.2 Circ.12/Rev.2; Revised Guidelines for Formal Safety Assessment (FSA) for Use in the IMO Rule-Making Process. IMO: London, UK, 2018.
- Witherbys; BIMCO; ICS. Cyber Security Workbook for on Board Ship Use; Witherby Publishing Group: Scotland, UK, 2022.
- DNV-RP-0496; Cyber Security Resilience Management for Ships and Mobile Offshore Units in Operation. DNV: Oslo, Norway, 2021. Available online: https://www.dnv.com/maritime/dnv-rp-0496-recommended-practice-cyber-security-download.html (accessed on 27 June 2022).
- BIMCO; CSA; DCSA; ICS; INTERCARGO; InterManager; INTERTANKO; IUMI; OCIMF; WSC; et al. The Guidelines on Cyber Security Onboard Ships. 2020. Available online: https://www.ics-shipping.org/wp-content/uploads/2021/02/2021-Cyber-Security-Guidelines.pdf (accessed on 21 March 2022).
- MSC.1-Circ.1639; The Guidelines on Cyber Security Onboard Ships. IMO: London, UK, 2021.
- Sheraz, M. Cyber Kill Chain vs. MITRE ATT&CK. Available online: https://www.linkedin.com/pulse/cyber-kill-chain-vs-mitre-attck-muhammad-sheraz/ (accessed on 1 October 2022).
- Poston, H. Top threat modeling frameworks: STRIDE, OWASP Top 10, MITRE ATT&CK Framework and More. Available online: https://resources.infosecinstitute.com/topic/top-threat-modeling-frameworks-stride-owasp-top-10-mitre-attck-framework/ (accessed on 1 October 2022).
- Stack Exchange. Difference between STRIDE and Mitre ATTACK. Available online: https://security.stackexchange.com/questions/184083/difference-between-stride-and-mitre-attack (accessed on 1 October 2022).
- CyCraft Technology Corp. CyCraft Classroom: MITRE ATT&CK vs. Cyber Kill Chain vs. Diamond Model. Available online: https://medium.com/cycraft/cycraft-classroom-mitre-att-ck-vs-cyber-kill-chain-vs-diamond-model-1cc8fa49a20f (accessed on 1 October 2022).
- Strom, B.E.; Applebaum, A.; Miller, D.P.; Nickels, K.C.; Pennington, A.G.; Thomas, C.B. MITRE ATT&CK: Design and Philosophy; MITRE Corporation: McLean, VA, USA, 2020; Available online: https://attack.mitre.org/docs/ATTACK_Design_and_Philosophy_March_2020.pdf (accessed on 10 January 2022).
- Khodabakhsh, A.; Yayilgan, S.Y.; Abomhara, M.; Istad, M.; Hurzuk, N. Cyber-risk identification for a digital substation. In Proceedings of the 15th International Conference on Availability, Reliability and Security, ARES 2020, Virtual Event Ireland, 25–28 August 2020; Volkamer, M., Wressnegger, C., Eds.; ACM: New York, NY, USA, 2020; pp. 1–7, ISBN 978-1-4503-8833-7.
- He, T.; Li, Z. A model and method of information system security risk assessment based on MITRE ATT&CK. In Proceedings of the 2021 2nd International Conference on Electronics, Communications and Information Technology (CECIT), Sanya, China, 27–29 December 2021; IEEE: Piscataway, NJ, USA, 2021; pp. 81–86, ISBN 978-1-6654-3757-8.
- Amro, A.; Gkioulos, V.; Katsikas, S. Assessing cyber risk in cyber-physical systems using the ATT&CK framework. ACM Trans. Priv. Secur. 2021.
- Oruc, A.; Gkioulos, V.; Katsikas, S. Towards a Cyber-Physical Range for the Integrated Navigation System (INS). J. Mar. Sci. Eng. 2022, 10, 107.
- Carley, K.M. ORA: A Toolkit for Dynamic Network Analysis and Visualization. In Encyclopedia of Social Network Analysis and Mining; Alhajj, R., Rokne, J., Eds.; Springer New York: New York, NY, USA, 2014; pp. 1219–1228. ISBN 978-1-4614-6169-2.
- Altman, N.; Carley, K.M. ORA User’s Guide 2022; Carnegie Mellon University: Pittsburgh, PA, USA, 2022; Available online: http://www.casos.cs.cmu.edu/publications/papers/CMU-ISR-22-107.pdf (accessed on 1 October 2022).
- FIRST. Common Vulnerability Scoring System v3.1: Specification Document. Available online: https://www.first.org/cvss/v3.1/specification-document (accessed on 21 October 2022).
- IMO. A.1106(29) Revised Guidelines for the Onboard Operational Use of Shipborne Automatic Identification Systems (AIS); IMO: London, UK, 2015.
- IMO. SOLAS Chapter V Safety of Navigation: Regulation 19-1 Long-Range Identification and Tracking of Ships; IMO: London, UK, 2006.
- MITRE. Mobile Mitigations. Available online: https://attack.mitre.org/mitigations/mobile/ (accessed on 30 June 2022).
- MITRE. ICS Mitigations. Available online: https://attack.mitre.org/mitigations/ics/ (accessed on 30 June 2022).
Classification | Description |
---|---|
IT | Components that are hosted on a traditional IT system such as multipurpose computers or network devices. |
OT | Components that are involved in monitoring and controlling functions. |
Wireless | Components that are connected to a mobile network or communicate with an external infrastructure, such as Aids to Navigation, to acquire location-related information in the maritime domain. |
IT/OT | Dual-homed components that are hosted on a traditional IT system and are involved in monitoring and controlling functions. |
IT/OT/Wireless | Components that are classified as IT/OT and are connected to a mobile network or communicate with an external infrastructure. |
Component | Classification (IMO) | Classification (Method) | Type | Platform | Technology |
---|---|---|---|---|---|
AIS | OT | IT, OT, Wireless | Sensor | radio, GPS | |
Anemometer | OT | IT, OT | Sensor | ||
BNWAS | OT | IT, OT | Sensor | ||
Central Alert Management HMI | OT | IT, OT | HMI | ||
Controls for main engine | OT | OT | Control Server | ||
Controls for main rudder | OT | OT | Control Server | ||
Controls for thruster | OT | OT | Control Server | ||
ECDIS | OT | IT, OT | Engineering workstation | OS | |
Echo Sounder | OT | IT, OT | Sensor | ||
GPS | OT | IT, OT, Wireless | Sensor | GPS | |
Gyro-Compass | OT | IT, OT | Sensor | ||
Heading Control System (HCS) | OT | IT, OT | Control Server | ||
Indicators | OT, IT | IT | HMI | ||
Magnetic Compass | OT | IT, OT | Sensor | ||
Multi Function Display (MFD) | OT | IT, OT | Engineering workstation | OS | |
Navigational Telex (NAVTEX) | OT | IT, OT, Wireless | Sensor | radio | |
RADAR | OT | IT, OT | Sensor | OS | radio |
ROTI | OT | IT, OT | Sensor | ||
Rudder pump selector switch | OT | OT | N/A | ||
Sound reception system | OT | IT, OT | Sensor | ||
Speed and Distance Measuring Equipment (SDME) | OT | IT, OT | Sensor | ||
Steering mode selector switch | OT | OT | N/A | ||
Steering position selector switch | OT | OT | N/A | ||
Track Control System (TCS) | OT | IT, OT | Control Server | ||
Transmitting Heading Device (THD) | OT | IT, OT | Sensor |
Component | Function | Data Flow |
---|---|---|
AIS | identifying ships, assisting in target tracking, assisting in search and rescue operation, information exchange, providing additional information to assist situation awareness | Sends to: RADAR |
Anemometer | detecting and indicating wind speed and direction | N/A |
BNWAS | monitoring bridge activity, detecting operator disability and then alerting automatically | N/A |
Central Alert Management HMI | reporting abnormal situations that require attention | Receives from: sensors connected |
Controls for main engine | Control buttons or levers of the main engine for different purposes such as rpm, load, emergency stop button, sailing mode selection button, and so on | N/A |
Controls for main rudder | commanding the rudder angle, activating the override mode | N/A |
Controls for thruster | commanding the thrusters such as starting, stopping, load/stage, etc. | N/A |
ECDIS | offering the functions of route planning, route monitoring and positioning for officers in ECDIS instead of paper charts | Receives from: GPS, gyro compass, SDME. If the ships are not equipped with gyro compass, ECDIS receives data from the transmitting heading device |
Echo Sounder | measuring the depth of water under the ship, and presenting graphically | N/A |
GPS | providing space-based positioning, velocity and time system | Sends to: AIS, RADAR, ECDIS, HCS, TCS, Gyro compass |
Gyro-Compass | determining the direction of the ship’s head in relation to geographic (true) north | Sends to: AIS, RADAR, ECDIS, HCS, TCS. Receives from: GPS |
HCS | keeping the vessel on a preset heading by using heading information | Receives from: Gyro compass or Transmitting Heading Device; also GPS or SDME |
Indicators | showing data or status information received from sensors | Receives from: Sensors connected. |
Magnetic Compass | determining and displaying the ship’s heading without any power supply | Sends to: THD |
MFD | A display unit presents information from more than a single function of the INS | depends on connected equipment |
NAVTEX | receiving and automatically printing or displaying Maritime Safety Information (MSI) | N/A |
RADAR | indication, in relation to own ship, of the position of other surface craft, obstructions and hazards, navigation objects and shorelines | Receives from: AIS, GPS, SDME; also Gyro compass or Transmitting Heading Device |
ROTI | indicating rates of turn to starboard and to port of the ship to which it is fitted | Sends to: AIS |
Rudder pump selector switch | selection of primary and secondary (emergency) hydraulic or electrohydraulic pumps for rudder direction | N/A |
Sound reception system | enabling the OOW to hear and determine the direction of the sound signals of vessels nearby | N/A |
SDME | measuring and indicating speed and distance of the vessel | Sends to: HCS, RADAR, ECDIS, TCS |
Steering mode selector switch | selection of steering modes, such as “Auto”, “Non-Follow Up”, or “Follow Up”. | N/A |
Steering position selector switch | determining the active steering workstation (i.e., port wing, starboard wing or center) | N/A |
TCS | Track control system keeps the vessel on a pre-planned track over ground by using position, heading and speed information of the vessel | Receives from: GPS, SDME, Gyro compass |
Transmitting Heading Device | indicating ship’s true heading by means of magnetic compass | Receives from: magnetic compass. Sends to: AIS, HCS, TCS, ECDIS, RADAR |
Matrices | Failure Modes | Operational | Reputation | Environmental | Safety | Information | Financial | Staging |
---|---|---|---|---|---|---|---|---|
Mobile | Network Denial of Service | I2MF | | EC | SC | | | |
Mobile | impact | I2MF | | EC | SC | | | |
IT | collection | | | | | | | ODC |
IT | credential access | | RC | | | | | ODC |
IT | data encrypted for impact | OOI | RC | EC | SC | | FC | |
IT | data manipulation | OOI | RC | EC | SC | | FC | |
IT | discovery | | | | | | | ODC |
IT | execution | OOI | RC | EC | SC | | FC | ODC |
IT | exfiltration | | | | | | | ODC |
IT | firmware corruption | OOI | | EC | SC | | FC | |
IT | initial access | | | | | | | ODC |
IT | lateral movement | | | | | | | ODC |
IT | system shutdown/reboot | OOI | | EC | SC | | FC | |
ICS | collection | | | | | | | ODC |
ICS | discovery | | | | | | | ODC |
ICS | execution | OOI | RC | EC | SC | | FC | ODC |
ICS | initial access | | | | | | | ODC |
ICS | lateral movement | | | | | | | ODC |
ICS | loss of availability | OOI | RC | EC | SC | | FC | ODC |
ICS | loss of control | I2CF | RC | EC | SC | | FC | |
ICS | loss of safety | OOI | RC | EC | SC | | FC | |
ICS | loss of view | I2MF | RC | EC | SC | | FC | ODC |
ICS | manipulation of control | I2CF | RC | EC | SC | | FC | |
ICS | manipulation of view | I2MF | RC | EC | SC | | FC | ODC |
Safety Criticality | Description | Score |
---|---|---|
None | No injury or insufficient data | 0 |
Minor | Single or minor injuries | 0.25 |
Significant | Multiple or severe injuries | 0.50 |
Severe | Single fatality or multiple severe injuries | 0.75 |
Catastrophic | Multiple fatalities | 1 |
Financial Criticality | Description (USD) | Score |
---|---|---|
None | No financial loss or insufficient data | 0 |
Minor | 1–10,000 | 0.25 |
Significant | 10,001–100,000 | 0.50 |
Severe | 100,001–1,000,000 | 0.75 |
Catastrophic | Financial loss > 1,000,000 | 1 |
Environ. Criticality | Description | Score |
---|---|---|
None | No environmental damage or insufficient data | 0.00 |
Minor | Oil spill size < 1 tonne | 0.20 |
Significant | Oil spill size between 1–10 tonnes | 0.40 |
Severe | Oil spill size between 11–100 tonnes | 0.60 |
Catastrophic | Oil spill size between 101–1000 tonnes | 0.80 |
Extreme | Oil spill size > 1000 tonnes | 1 |
Reputation Critical. | Description | Score |
---|---|---|
None | None | 0 |
Significant | Notification requirement to third parties | 1 |
Samples for Mitigation Measures

Component | Account Use Policies | Active Directory Configuration | Antivirus/Antimalware | Application Developer Guidance | Application Isolation and Sandboxing | Audit | Behavior Prevention on Endpoint | Boot Integrity | Code Signing | Credential Access Protection | Data Backup | Data Loss Prevention | Disable or Remove Feature or Program | Do Not Mitigate | Encrypt Sensitive Information |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
AIS | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Anemometer | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
BNWAS | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Central Alert Management HMI | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Controls for M/E | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Controls for main rudder | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Controls for thruster | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
ECDIS | 0 | 1 | 1 | 0 | 0 | 1 | 1 | 1 | 0 | 1 | 1 | 0 | 1 | 0 | 1 |
Echo Sounder | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
GPS | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Gyro-Compass | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
HCS | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Indicators | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Magnetic Compass | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
MFD | 0 | 1 | 1 | 0 | 0 | 1 | 1 | 1 | 0 | 1 | 1 | 0 | 1 | 0 | 1 |
NAVTEX | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
RADAR | 0 | 1 | 1 | 0 | 0 | 1 | 1 | 1 | 0 | 1 | 1 | 0 | 1 | 0 | 1 |
ROTI | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Rudder pump selector switch | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Sound reception system | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
SDME | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Steering mode selector switch | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Steering position selector switch | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
TCS | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Transmitting Heading Device | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Component | Information | SC | EC | FC | RC | OOI | Staging | |||
---|---|---|---|---|---|---|---|---|---|---|
IPC | DC | LIC | ODC | OCC | ||||||
AIS | 0 | 0 | 0 | 0 | 0 | 0.5 | 1 | 0.872174439 | 0.042 | 0.402362407 |
Anemometer | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0 | 0 | 0.083333333 |
BNWAS | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0 | 0 | 0.083333333 |
Central Alert Manageme. HMI | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0 | 0 | 0.083333333 |
Controls for M/E | 0 | 0 | 0 | 0 | 0 | 0.5 | 1 | 0 | 0 | 0.25 |
Controls for main rudder | 0 | 0 | 0 | 0 | 0 | 0.5 | 1 | 0 | 0 | 0.25 |
Controls for thruster | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0 | 0 | 0.083333333 |
ECDIS | 0 | 0 | 0 | 0 | 0 | 0.5 | 1 | 0.438221675 | 0 | 0.323036946 |
Echo Sounder | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0 | 0 | 0.083333333 |
GPS | 0 | 0 | 0 | 0 | 0 | 0.5 | 1 | 0.7350904 | 0.208 | 0.407181733 |
Gyro-Compass | 0 | 0 | 0 | 0 | 0 | 0.5 | 1 | 1 | 0.208 | 0.284666667 |
HCS | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0.301782611 | 0 | 0.133630435 |
Indicators | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0 | 0 | 0.083333333 |
Magnetic Compass | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0.149697807 | 0.042 | 0.115282968 |
MFD | 0 | 0 | 0 | 0 | 0 | 0.5 | 1 | 0 | 0 | 0.25 |
NAVTEX | 0 | 0 | 0 | 0 | 0 | 0.5 | 1 | 0 | 0 | 0.25 |
RADAR | 0 | 0 | 0 | 0 | 0 | 0.5 | 1 | 0.735171456 | 0 | 0.372528576 |
ROTI | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0.177510045 | 0.042 | 0.119918341 |
Rudder pump selector switch | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0 | 0 | 0.083333333 |
Sound reception system | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0 | 0 | 0.083333333 |
SDME | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0.552742648 | 0.167 | 0.203290441 |
Steering mode selector switch | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0 | 0 | 0.083333333 |
Steering position selector switch | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0 | 0 | 0.083333333 |
TCS | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0.438221675 | 0 | 0.156370279 |
Transmitting Heading Device | 0 | 0 | 0 | 0 | 0 | 0.5 | 0 | 0.156940387 | 0 | 0.109490065 |
Range | Level |
---|---|
0.00–2.18 | Low |
2.19–4.36 | Medium |
4.37–6.54 | High |
6.55–8.72 | Critical |
Component | Total Risk | Risk Level (Original) | Risk Level (Study) |
---|---|---|---|
AIS | 5 | 5 low | 3 low 1 medium 1 high |
Anemometer | 5 | 5 low | 5 low |
BNWAS | 5 | 5 low | 5 low |
Central Alert Management HMI | 41 | 41 low | 41 low |
Controls for M/E | 40 | 40 low | 35 low 5 medium |
Controls for main rudder | 40 | 40 low | 35 low 5 medium |
Controls for thruster | 40 | 40 low | 40 low |
ECDIS | 499 | 496 low 3 medium | 489 low 7 medium 1 high 2 critical |
Echo Sounder | 5 | 5 low | 5 low |
GPS | 5 | 5 low | 4 low 1 medium |
Gyro-Compass | 5 | 5 low | 5 low |
HCS | 40 | 40 low | 39 low 1 medium |
Indicators | 41 | 41 low | 41 low |
Magnetic Compass | 5 | 5 low | 5 low |
MFD | 499 | 497 low 2 medium | 492 low 3 medium 2 high |
NAVTEX | 11 | 10 low 1 medium | 9 low 1 medium 1 high |
RADAR | 504 | 501 low 3 medium | 492 low 6 medium 4 high 2 critical |
ROTI | 5 | 5 low | 5 low |
Rudder pump selector switch | 0 | ||
Sound reception system | 5 | 5 low | 5 low |
Speed and Distance Measuring Equipment | 5 | 5 low | 5 low |
Steering mode selector switch | 0 | ||
Steering position selector switch | 0 | ||
TCS | 40 | 40 low | 38 low 2 medium |
Transmitting Heading Device | 5 | 5 low | 5 low |
Total | 1850 | 1841 low 9 medium | 1805 low 32 medium 9 high 4 critical |
Matrix | MITRE ID | Techniques | Risk Number |
---|---|---|---|
ICS | T0858 | Change Operating Mode | 24 |
ICS | T0829 | Loss of View | 14 |
ICS | T0832 | Manipulation of View | 14 |
ICS | T0849 | Masquerading | 14 |
ICS | T0859 | Valid Accounts | 14 |
ICS | T0886 | Remote Services | 14 |
ICS | T0815 | Denial of View | 12 |
Enterprise | T1078 | Valid Accounts | 12 |
Enterprise | T1078.001 | Valid Accounts: Default Accounts | 12 |
Enterprise | T1078.002 | Valid Accounts: Domain Accounts | 12 |
Enterprise | T1078.003 | Valid Accounts: Local Accounts | 12 |
ICS | T0822 | External Remote Services | 10 |
ICS | T0856 | Spoof Reporting Message | 10 |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Oruc, A.; Amro, A.; Gkioulos, V. Assessing Cyber Risks of an INS Using the MITRE ATT&CK Framework. Sensors 2022, 22, 8745. https://doi.org/10.3390/s22228745