Open Access

Cybersecurity Risks at Port

Mari-Liis Tombak

Mari-Liis Tombak

Estonian Maritime Academy, Tallinn University of Technology Tallinn, Kopli 101; TTK University of Applied Sciences Tallinn
Search for this author on
Sciendo|Google Scholar
Tombak, Mari-Liis
, 
Björn-Erik Zetterman

Björn-Erik Zetterman

Åland University of Applied Sciences MariehamnFinland
Search for this author on
Sciendo|Google Scholar
Zetterman, Björn-Erik
 and 
Ulla Pirita Tapaninen

Ulla Pirita Tapaninen

Estonian Maritime Academy, Tallinn University of Technology TallinnEstonia
Search for this author on
Sciendo|Google Scholar
Tapaninen, Ulla Pirita
  
Jun 16, 2025
Cybersecurity Risks at Port's Cover Image
About this article
Previous Article
Next Article
Cite
Download Cover
Published Online: Jun 16, 2025
Page range: 276 - 291
DOI: https://doi.org/10.2478/ttj-2025-0021
Keywords
© 2025 Mari-Liis Tombak et al., published by Sciendo
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Ahokas, J., Kiiski, T., Malmsten, J., & Ojala, L. (2017) Cybersecurity in ports: A conceptual approach. In: Proceedings of the Hamburg International Conference of Logistics (HICL), Hamburg, October 2017. Hamburg: epubli, pp. 343-359. DOI: 10.15480/882.1448. Search in Google Scholar

Aiken, D. M. (2024) Transcending boundaries: Potentials of port innovation systems in the Caribbean. In M. S. L. Jarrett (Ed.), Portside Caribbean. What port managers should know. Vol. 5. Cole Kelman. Search in Google Scholar

Belmoukari, B., Audy, J.-F., & Forget, P. (2023) Smart port: A systematic literature review. European Transport Research Review, 15(1), 4. DOI: 10.1186/s12544-023-00581-6. Search in Google Scholar

Bolbot, V., Kulkarni, K., Brunou, P., Banda, O. V., & Musharraf, M. (2022) Developments and research directions in maritime cybersecurity: A systematic literature review and bibliometric analysis. International Journal of Critical Infrastructure Protection, 39, 100571. DOI: 10.1016/j.ijcip.2022.100571. Search in Google Scholar

Carr, M. (2016) Public–private partnerships in national cyber-security strategies. International Affairs, 92, 43–62. DOI: 10.1111/1468-2346.12504. Search in Google Scholar

Carr, M., & Lesniewska, F. (2020) Internet of Things, cybersecurity and governing wicked problems: Learning from climate change governance. International Relations, 34(3), 391–412. DOI: 10.1177/0047117820948247. Search in Google Scholar

NIS 2 Directive. (2024) What is the NIS 2 Directive? Available at: https://nis2directive.eu/what-isnis2/. Search in Google Scholar

De La Peña Zarzuelo, I. (2021) Cybersecurity in ports and maritime industry: Reasons for raising awareness on this issue. Transport Policy, 100, 1–4. DOI: 10.1016/j.tranpol.2020.10.001. Search in Google Scholar

DNV. (2023) NIS 2 Directive: From risk to opportunity. Available at: https://www.dnv.com/cybersecurity/cyber-insights/nis2-directive/. Search in Google Scholar

European Parliament and the Council. (2022) The NIS 2 Directive. Official Journal of the European Union. Available at: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32022L2555&qid=1730102343856. Search in Google Scholar

European Union Agency for Cybersecurity. (2019) Port cybersecurity: Good practices for cybersecurity in the maritime sector. Publications Office. DOI:10.2824/328515. Search in Google Scholar

European Union Agency for Cybersecurity. (2020) Cyber risk management for ports: Guidelines for cyber security in the maritime sector. Publications Office. DOI:10.2824/671060. Search in Google Scholar

European Union Agency for Cybersecurity. (2023) ENISA threat landscape 2023: July 2022 to June 2023. Publications Office. DOI:10.2824/782573. Search in Google Scholar

Grafi, A. (2022) Why ports are at risk of cyberattacks. Available at: https://www.darkreading.com/cyberattacks-data-breaches/why-ports-are-at-risk-of-cyberattacks. Search in Google Scholar

Gunduz, M. Z., & Das, R. (2020) Cyber-security on smart grid: Threats and potential solutions. Computer Networks, 169, 107094. DOI:/10.1016/j.comnet.2019.107094. Search in Google Scholar

Gunes, B., Kayisoglu, G., & Bolat, P. (2021) Cyber security risk assessment for seaports: A case study of a container port. Computers & Security, 103, 102196. DOI: 10.1016/j.cose.2021.102196. Search in Google Scholar

Heilig, L., & Voß, S. (2017) Information systems in seaports: A categorization and overview. Information Technology and Management, 18(3), 179–201. DOI:10.1007/s10799-016-0269-1. Search in Google Scholar

International Association of Ports and Harbors (IAPH). (2021) IAPH cybersecurity guidelines for ports and port facilities (Version 1.0). Available at: https://sustainableworldports.org/wp-content/uploads/IAPH-Cybersecurity-Guidelines-version-1_0.pdf. Search in Google Scholar

Kechagias, E. P., Chatzistelios, G., Papadopoulos, G. A., & Apostolou, P. (2022) Digital transformation of the maritime industry: A cybersecurity systemic approach. International Journal of Critical Infrastructure Protection, 37, 100526. DOI: 10.1016/j.ijcip.2022.100526. Search in Google Scholar

Kelarestaghi, K. B., Foruhandeh, M., Heaslip, K., & Gerdes, R. (2018) Vehicle security: Risk assessment in transportation. DOI: 10.48550/arXiv.1804.07381. Search in Google Scholar

Kessler, G. C., Craiger, P., & Haass, J. C. (2018) A taxonomy framework for maritime cybersecurity: A demonstration using the automatic identification system. International Journal on Marine Navigation and Safety of Sea Transportation, 12(3), 429–437. DOI:10.12716/1001.12.03.01. Search in Google Scholar

Kotta, J., Fetissov, M., Kaasik, E., Väät, J., Štõkov, S., & Tapaninen, U. P. (2023) Towards efficient mapping of greenhouse gas emissions: A case study of the Port of Tallinn. Sustainability, 15(12), 9520. DOI:10.3390/su15129520. Search in Google Scholar

Kuerbis, B., & Badiei, F. (2017) Mapping the cybersecurity institutional landscape. Digital Policy, Regulation and Governance, 19(6), 466–492. DOI:10.1108/DPRG-05-2017-0024. Search in Google Scholar

Mohsendokht, M., Li, H., Kontovas, C., Chang, C.-H., Qu, Z., & Yang, Z. (2024) Decoding dependencies among the risk factors influencing maritime cybersecurity: Lessons learned from historical incidents in the past two decades. Ocean Engineering, 312(1), 119078. DOI:10.1016/j.oceaneng.2024.119078. Search in Google Scholar

National Institute of Standards and Technology. (2023) National Vulnerabilities Database. Information Technology Laboratory. Available at: https://nvd.nist.gov/vuln/categories. Search in Google Scholar

National Institute of Standards and Technology, & U.S. Department of Commerce. (2012) Guide for conducting risk assessments. NIST Special Publication 800-30 Revision 1. Available at: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf. Search in Google Scholar

Notteboom, T., Pallis, A., & Rodrigue, J.-P. (2022) Port economics, management and policy. London: Routledge. Search in Google Scholar

Punt, E., Monstadt, J., Frank, S., & Witte, P. (2023) Navigating cyber resilience in seaports: Challenges of preparing for cyberattacks at the port of Rotterdam. Digital Policy, Regulation and Governance, 25(4), 420–438. DOI:10.1108/DPRG-12-2022-0150. Search in Google Scholar

Rahman, R. (2023) Cyber-attack threatens release of Port of Lisbon data. Available at: https://www.porttechnology.org/news/cyber-attack-threatens-release-of-port-of-lisbon-data/. Search in Google Scholar

Schauer, S., Polemi, N., & Mouratidis, H. (2019) MITIGATE: A dynamic supply chain cyber risk assessment methodology. Journal of Transportation Security, 12(1–2), 1–35. DOI:10.1007/s12198-018-0195-z. Search in Google Scholar

Senarak, C. (2021) Port cybersecurity and threat: A structural model for prevention and policy development. The Asian Journal of Shipping and Logistics, 37(1), 20–36. DOI:10.1016/j.ajsl.2020.05.001. Search in Google Scholar

Senarak, C. (2023) Port cyberattacks from 2011 to 2023: A literature review and discussion of selected cases. Maritime Economics & Logistics, 26, 105–130. DOI:10.1057/s41278-023-00276-8. Search in Google Scholar

Soner, O., Kayisoglu, G., Bolat, P., & Tam, K. (2024) Risk sensitivity analysis of AIS cyber security through maritime cyber regulatory frameworks. Applied Ocean Research, 142, 103855. DOI:10.1016/j.apor.2023.103855. Search in Google Scholar

Tam, K., Hopcraft, R., Moara-Nkwe, K., Misas, J. P., Andrews, W., Harish, A. V., Giménez, P., Crichton, T., & Jones, K. (2022) Case study of a cyber-physical attack affecting port and ship operational safety. Journal of Transportation Technologies, 12(01), 1–27. DOI:10.4236/jtts.2022.121001. Search in Google Scholar

Tarala, J. (2020) How to present cyber security risk to senior leadership. Available at: https://youtu.be/_uCmvfOhR_E. Search in Google Scholar

Tsoukas, C. (2023) 2022—2023 Maritime cybersecurity attacks on the rise. Available at: https://marpoint.gr/blog/maritime-cybersecurity-attacks-on-the-rise/. Search in Google Scholar

Verdonck, Klooster en Associates, & Municipality of Rotterdam. (2022) Cyber assessment Rotterdam 2022. Available at: https://www.rotterdaminnovationcity.com/cyber-resilience/. Search in Google Scholar

Yoo, Y., & Park, H.-S. (2021) Qualitative risk assessment of cybersecurity and development of vulnerability enhancement plans in consideration of digitalized ship. Journal of Marine Science and Engineering, 9(6), 565. DOI:10.3390/jmse9060565. Search in Google Scholar

Zetterman, B.-E., Kaski, M., Eriksson, M., Bičkovs, D., Tombak, M.-L., Kotta, J., Merino, C., Rahko, M., & Skarpling, T. (2024) The sustainable flow digital tool procurement requirements. Cyber Security Requirements. Central Baltic Programme. (Unpublished internal document). Search in Google Scholar

Language:
English
Publication timeframe:
4 times per year
Journal Subjects:
Engineering, Introductions and Overviews, Engineering, other
Journal RSS Feed