Full Text

Introduction

Maritime shipping has become a trillion dollar a year industry that now impacts the economy of virtually every country worldwide (Hellenic Shipping News 2018). A problem or system failure impacting a single shipping company (for example, the 2021 Suez Canal obstruction incident) can affect businesses and organizations in a variety of industries, many of which are not aware of the criticality of the maritime shipping businesses. Further complicating matters, many countries have spent billions of dollars building and developing a large number of ports but tend to concentrate a majority of shipping trade through only a handful of ports (Tomer & Kane 2015).

Hence, it is no surprise that the shipping industry and its associated infrastructure, including shipping ports, have become high-value targets for cybercriminals and state-sponsored cyberattacks (Lagouvardou 2018; Maritime Industry National Maritime Interagency Advisory Group 2016). For example, a cyberattack on Maersk, the world's largest shipping company, resulted in nearly S300 million in financial losses (Greenburg 2018). Similarly, a malware attack on the Mediterranean Shipping Company in April 2020 resulted in its data centre becoming unavailable for several days (Cimpanu 2020). In fact, the frequency and potential impact of cyberattacks on the shipping industry has resulted in both the European Union and the United States Department of Homeland Security (Committee on Homeland Security 2017; European Union Agency for Cybersecurity 2020) developing and publishing guidelines concerning cybersecurity countermeasures, in an effort to prevent these attacks.

The growing importance of the shipping industry, coupled with an increased number of cyberattacks results...