{"689185":{"#nid":"689185","#data":{"type":"news","title":"Researchers Find Training Gaps Impacting Maritime Cybersecurity Readiness","body":[{"value":"\u003Cp\u003EWhether it\u2019s a fire or a flood, a ship\u2019s crew can only rely on itself and its training in emergencies at sea. The same is true for crews facing digital threats on oil tankers, cargo ships, and other commercial vessels.\u003C\/p\u003E\u003Cp\u003ENew cybersecurity research from the Georgia Institute of Technology, however, revealed that crews aboard commercial vessels were often not adequately prepared to manage cyberattacks effectively due to systemic training gaps.\u003C\/p\u003E\u003Cp\u003EThe findings are based on interviews conducted by researchers with more than 20 officer-level mariners to assess the maritime industry\u2019s readiness to handle cybersecurity attacks at sea.\u003C\/p\u003E\u003Cp\u003E\u0022Historically, cybersecurity research has focused heavily on cyber-physical systems like cars, factories, and industrial plants, but ships have largely been overlooked,\u201d said \u003Ca href=\u0022https:\/\/annaraymaker.dad\/\u0022\u003E\u003Cstrong\u003EAnna Raymaker\u003C\/strong\u003E\u003C\/a\u003E, Ph.D. student and lead researcher.\u003C\/p\u003E\u003Cp\u003E\u201cThat gap is concerning when more than 90% of the world\u2019s goods travel by sea. Recent incidents, from GPS spoofing to ships linked to subsea cable disruptions, show that maritime systems are increasingly part of the global cyber threat landscape.\u201d\u003C\/p\u003E\u003Cp\u003EThe researchers proposed four practical strategies to strengthen maritime cyber defenses and close the training gaps. Their findings were presented recently at the \u003Ca href=\u0022https:\/\/www.sigsac.org\/ccs\/CCS2025\/call-for-papers\/\u0022\u003EACM SIGSAC Conference on Computer and Communications Security (CCS).\u003C\/a\u003E\u003C\/p\u003E\u003Ch6\u003E1. Make Cybersecurity Training Actually Maritime\u003C\/h6\u003E\u003Cp\u003EMany of those interviewed for the study described current cybersecurity training as \u201cboilerplate\u201d \u2014 generic modules that don\u2019t reflect real shipboard risks.\u0026nbsp;\u003C\/p\u003E\u003Cp\u003EResearchers recommend:\u003C\/p\u003E\u003Cul\u003E\u003Cli\u003ERole-specific instruction: Navigation officers should learn to detect and identify GPS spoofing. Engineers should focus on vulnerabilities in remotely monitored systems.\u003C\/li\u003E\u003Cli\u003EBridging IT and Operational Technology: Crews need to understand how attacks on IT systems can trigger physical consequences in operational technology \u2014 including collisions, groundings, or explosions.\u003C\/li\u003E\u003Cli\u003EHands-on delivery: Replace passive PowerPoints with drills and in-person exercises that build muscle memory.\u003C\/li\u003E\u003Cli\u003EAccessible standards: Training must account for the wide range of educational backgrounds across crews and be standardized across ranks.\u003C\/li\u003E\u003C\/ul\u003E\u003Ch6\u003E2. Move Beyond \u201cCall IT\u201d\u003C\/h6\u003E\u003Cp\u003EAt sea, crews can\u2019t simply escalate a cyber incident to a shore-based IT department and wait. Operational resilience requires onboard readiness.\u003C\/p\u003E\u003Cp\u003EResearchers recommend:\u003C\/p\u003E\u003Cul\u003E\u003Cli\u003EVessel-specific response plans: Ships need clear, actionable protocols for threats such as AIS jamming or radar manipulation.\u003C\/li\u003E\u003Cli\u003EMilitary-style drills: Adopting MCON (Emission Control) exercises \u2014 used by the U.S. Military Sealift Command \u2014 can train crews to operate safely without electronic systems.\u003C\/li\u003E\u003Cli\u003EStronger connectivity controls: High-bandwidth satellite systems like Starlink introduce new risks. Clear policies and network segregation are essential to prevent new entry points for attackers.\u003C\/li\u003E\u003C\/ul\u003E\u003Cblockquote\u003E\u003Ch6\u003ERelated Article: \u003Ca href=\u0022https:\/\/theconversation.com\/when-gps-lies-at-sea-how-electronic-warfare-is-threatening-ships-and-their-crews-278181\u0022\u003E\u003Cstrong\u003EWhen GPS lies at sea: How electronic warfare is threatening ships and their\u0026nbsp;crews\u003C\/strong\u003E\u003C\/a\u003E\u003Cstrong\u003E by Anna Raymaker\u003C\/strong\u003E\u003C\/h6\u003E\u003C\/blockquote\u003E\u003Ch6\u003E3. Create Unified, Ship-Specific Regulations\u003C\/h6\u003E\u003Cp\u003EMaritime cybersecurity regulations are often reactive and fragmented. Researchers argue the industry needs a cohesive, domain-specific framework.\u003C\/p\u003E\u003Cp\u003EKey recommendations include:\u003C\/p\u003E\u003Cul\u003E\u003Cli\u003EA unified global model: Like the energy sector\u2019s NERC CIP standards, a maritime framework could mandate baseline controls such as encryption, network segmentation, and anonymous incident reporting.\u003C\/li\u003E\u003Cli\u003ERules built for real crews: Regulations designed for large naval operations don\u2019t translate well to smaller merchant or research vessels. Standards must reflect actual shipboard conditions.\u003C\/li\u003E\u003Cli\u003EFuture-proofing requirements: Autonomous ships and remotely operated vessels expand the cyber-physical attack surface. Regulations must proactively address these emerging technologies.\u003C\/li\u003E\u003C\/ul\u003E\u003Ch6\u003E4. Invest in Maritime-Specific Cyber Research\u003C\/h6\u003E\u003Cp\u003EFinally, the researchers stress that long-term resilience requires deeper technical research focused on maritime systems.\u003C\/p\u003E\u003Cp\u003EPriority areas include:\u003C\/p\u003E\u003Cul\u003E\u003Cli\u003EReal-time intrusion detection systems tailored to shipboard protocols.\u003C\/li\u003E\u003Cli\u003EProactive security risk assessments of interconnected onboard systems.\u003C\/li\u003E\u003Cli\u003ECyber-physical modeling to better understand cascading failures in complex maritime environments.\u003C\/li\u003E\u003C\/ul\u003E\u003Ch6\u003EThe Bottom Line\u003C\/h6\u003E\u003Cp\u003ECyber threats at sea are no longer hypothetical. Mariners report real-world incidents ranging from GPS spoofing to ransomware that disrupts global trade.\u003C\/p\u003E\u003Cp\u003E\u201cThrough our interviews with mariners, I saw firsthand how much dedication and pride they take in their work,\u201d said Raymaker. \u201cOur goal is for this research to serve as a call to action for researchers, policymakers, and industry to invest more attention in maritime cybersecurity and support the people who risk their lives every day to keep global trade, food, and energy moving.\u0022\u003C\/p\u003E\u003Cp\u003E\u003Ca href=\u0022https:\/\/dl.acm.org\/doi\/10.1145\/3719027.3744816\u0022\u003E\u003Cem\u003EA Sea of Cyber Threats: Maritime Cybersecurity from the Perspective of Mariners\u003C\/em\u003E\u003C\/a\u003E\u003Cem\u003E\u0026nbsp;\u003C\/em\u003Ewas presented at CCS 2025. It was written by Raymaker and her colleagues, Ph.D. students \u003Cstrong\u003EAkshaya Kumar\u003C\/strong\u003E, \u003Cstrong\u003EMiuyin Yong Wong\u003C\/strong\u003E, and \u003Cstrong\u003ERyan Pickren\u003C\/strong\u003E; Research Scientist \u003Cstrong\u003EAnimesh Chhotaray\u003C\/strong\u003E, Associate Professor \u003Cstrong\u003EFrank Li,\u003C\/strong\u003E Associate Professor \u003Cstrong\u003ESaman Zonouz\u003C\/strong\u003E, and Georgia Tech Provost and Executive Vice President for Academic Affairs \u003Cstrong\u003ERaheem Beyah\u003C\/strong\u003E.\u003C\/p\u003E","summary":"","format":"limited_html"}],"field_subtitle":"","field_summary":[{"value":"\u003Cp\u003EResearch from the Georgia Institute of Technology shows that commercial ship crews are often unprepared for cyberattacks due to inadequate, generic training, despite rising threats like GPS spoofing and ransomware. Because ships must handle incidents independently at sea, researchers recommend more practical, maritime-specific training, stronger onboard response plans, unified global cybersecurity regulations, and increased investment in ship-focused cyber research. These steps are critical to protecting maritime operations, which carry over 90% of global trade.\u003C\/p\u003E","format":"limited_html"}],"field_summary_sentence":[{"value":"Research from the Georgia Institute of Technology shows that commercial ship crews are often unprepared for cyberattacks due to inadequate, generic training, despite rising threats like GPS spoofing and ransomware."}],"uid":"36253","created_gmt":"2026-03-25 16:47:20","changed_gmt":"2026-03-25 18:01:30","author":"John Popham","boilerplate_text":"","field_publication":"","field_article_url":"","location":"Atlanta, GA","dateline":{"date":"2026-03-25T00:00:00-04:00","iso_date":"2026-03-25T00:00:00-04:00","tz":"America\/New_York"},"extras":[],"hg_media":{"679738":{"id":"679738","type":"image","title":"Cyber Navy","body":null,"created":"1774461240","gmt_created":"2026-03-25 17:54:00","changed":"1774461240","gmt_changed":"2026-03-25 17:54:00","alt":"A graphic of a boat sailing across the globe with a cyber shield at its front. ","file":{"fid":"263933","name":"AdobeStock_1936842040.jpeg","image_path":"\/sites\/default\/files\/2026\/03\/25\/AdobeStock_1936842040.jpeg","image_full_path":"http:\/\/hg.gatech.edu\/\/sites\/default\/files\/2026\/03\/25\/AdobeStock_1936842040.jpeg","mime":"image\/jpeg","size":50518,"path_740":"http:\/\/hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/2026\/03\/25\/AdobeStock_1936842040.jpeg?itok=CQWC0YmI"}}},"media_ids":["679738"],"groups":[{"id":"47223","name":"College of Computing"},{"id":"1188","name":"Research Horizons"},{"id":"660367","name":"School of Cybersecurity and Privacy"}],"categories":[{"id":"153","name":"Computer Science\/Information Technology and Security"},{"id":"145","name":"Engineering"},{"id":"135","name":"Research"},{"id":"8862","name":"Student Research"}],"keywords":[{"id":"187915","name":"go-researchnews"}],"core_research_areas":[{"id":"145171","name":"Cybersecurity"},{"id":"39461","name":"Manufacturing, Trade, and Logistics"}],"news_room_topics":[],"event_categories":[],"invited_audience":[],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[{"value":"\u003Cp\u003EJohn Popham\u003C\/p\u003E\u003Cp\u003ECommunications Officer II\u0026nbsp;School of Cybersecurity and Privacy\u0026nbsp;\u003C\/p\u003E","format":"limited_html"}],"email":["jpopham3@gatech.edu"],"slides":[],"orientation":[],"userdata":""}}}