ORCID

Abstract

Malware, of varying degrees of sophistication, is a growingproblem for any and all computing devices. With computing devices becoming more integrated into daily life across all sectors, malware has amore diverse cyberspace to affect. There is existent research examiningthe problem of malware from various perspectives: Personal Computers, smartphones, Internet of Things devices, etc. The majority of thisresearch has, in the past, focused on Information Technology (IT) devices and IT issues. More recently, there is an emerging body of workwith a focus on Operational Technology (OT), in various domains, suchas power grids, communication infrastructure, and factories. Unlike IT,OT directly monitors and/or controls industrial equipment, assets, processes and events. There is a belief in some sub-communities that securityresearch and solutions for OT are no different to those for IT. We postulate that this is not true, and that there are some sectors where thedifference is more pronounced than others. In this paper, we present theconstruction of a relatively simple example of malware specifically designed to target cyber-physical vulnerabilities in maritime transport, todemonstrate how sector-specific information can be exploited to createan extremely high-impact incident.

Publication Date

2024-09-04

Publication Title

The Practice of Formal Methods: Essays in Honour of Cliff Jones, Part I

Volume

1

ISBN

978-3-031-66676-6

Keywords

Cyber-security, maritime cybersecurity, Malware

Share

COinS