Ciberseguridad: un marco general en el mundo marítimo y militar
DOI:
https://doi.org/10.25043/19098642.242Palabras clave:
ciberseguridad marítima, barcos – buques militares, gestión de riesgos marítimos, amenazas de ciberseguridadResumen
En los últimos años, multitud de trabajos de investigación relacionados con el tema de la ciberseguridad, han demostrado la necesidad de desarrollar capacidades de ciberseguridad y ciberdefensa, con independencia del ámbito de actuación (civil, militar, corporativo, industrial o gubernamental). Sin embargo, y a pesar de la aparición de nuevas políticas para contribuir a la protección de las amenazas de ciberseguridad, estás no han conseguido doblegar el creciente número de amenazas a las que se ven sometidos los sistemas, y que afectan a todas las organizaciones sin importar su tamaño. Por ello, en el presente artículo se analizan los lineamientos, políticas y entornos existentes dentro del marco internacional de la ciberseguridad en el entorno marítimo y se identifican como estas son implementadas, mediante medidas particulares a los entornos de unidades marítimas militares.
Descargas
Referencias bibliográficas
G. A. WEAVER, B. FEDDERSEN, L. MARLA, D. WEI, A. ROSE, AND M. VAN MOER, "Estimating economic losses
from cyber- attacks on shipping ports: An optimization-based approach," Transp Res Part C Emerg Technol, vol. 137, Apr. 2022, https://doi.org/10.1016/j.trc.2021.103423
A. AMRO, A. ORUC, V. GKIOULOS, AND S. KATSIKAS, "Navigation Data Anomaly Analysis and Detection," Information (Switzerland), vol. 13, no. 3, Mar. 2022, https://doi.org/10.3390/info13030104
P. H. MELAND, K. BERNSMED, E. WILLE, J. RØDSETH, AND D. A. NESHEIM, "A Retrospective Analysis of Maritime Cyber Security Incidents," 519-530, vol. 15, no. 3, pp. 519-530, 2021, https://doi.org/10.12716/1001.15.03.04
K. TAM AND K. JONES, "MaCRA: a model-based framework for maritime cyber- risk assessment," WMU Journal of Maritime Affairs, vol. 18, no. 1, pp. 129-163, Mar. 2019,https://doi.org/10.1007/s13437-019-00162-2
T. P. AVANESOVA, L. K. GRUZDEVA, R. A. IUSKAEV, D. YU GRUZDEV, AND M. L. SOMKO, "Analysis of cyber-security aspects both ashore and at sea," IOP Conf Ser Earth Environ Sci, vol. 872, no. 1, Oct. 2021, https://doi.org/10.1088/1755-1315/872/1/012024
W. C. LEITE JUNIOR, C. C. DE MORAES, C. E. P. DE ALBUQUERQUE, R. C. S. MACHADO, AND A. O. DE SÁ, "A Triggering Mechanism for Cyber-Attacks in Naval Sensors and Systems," Sensors (Basel), vol. 21, no. 9, May 2021, https://doi.org/10.3390/s21093195
INTERNATIONAL MARITIME ORGANIZATION, "The ISPS Code and Chapter XI-2 of the SOLAS Convention." https://www.imo.org/es/OurWork/Security/Paginas/SOLAS-XI-2%20ISPS%20Code.aspx (accessed Feb. 06, 2023).
INTERNATIONAL MARITIME ORGANIZATION, "ISM Code and Guidelines for Implementation of the ISM Code." https://www.imo.org/es/OurWork/HumanElement/paginas/ismcode.aspx (accessed Feb. 06, 2023).
OMI, "GUIDELINES ON MARITIME CYBER RISK MANAGEMENT," MSC- FAL 1-Circ 3.docx, Jul. 05, 2017.
S. PAPASTERGIOU, N. POLEMI, AND P. KOTZANIKOLAOU, "Design and validation of the Medusa supply chain risk assessment methodology and system," International Journal of Critical Infrastructures, vol. 14, no. 1, pp. 1-39, 2018, https://doi.org/10.1504/IJCIS.2018.090647
K. NEWMEYER, E. CUBEIRO, AND M. SANCHEZ, "Cyberspace, Cybersecurity and Cyberwarfare," 2015, Accessed: Jan. 23, 2023. [Online]. Available: https://repositorio.esup.edu.pe/handle/20.500.12927/113
ORGANIZATION OF AMERICAN STATES, "Executive Summary Maritime Cybersecurity ," MARITIME CYBERNETIC SECURITY IN THE WESTERN HEMISPHERE , vol. 1, pp. 9-10, 2021, Accessed: Mar. 13, 2023. [Online]. Available: https://www.oas.org/es/sms/cicte/docs/La-seguridad-cibernetica-maritima-en-el-Hemisferio-Occidental-introduccion-y-directrices.pdf
ORGANIZATION OF AMERICAN STATES, "OAS Cybersecurity Program," OAS : CICTE: Cybersecurity: Activities, Feb. 02, 2022. https://www.oas.org/es/sms/cicte/prog-ciberseguridad.asp (accessed Mar. 12, 2023).
D. HEERING, "Ensuring cybersecurity in shipping: Reference to Estonian shipowners," TransNav, vol. 14, no. 2, pp. 271- 278, Jun. 2020, https://doi.org/10.12716/1001.14.02.01
NORTH ATLANTIC TREATY ORGANIZATION - NATO, “NATO - A POLITICAL AND MILITARY ALLIANCE,” 2.1 A Political and Military Alliance, 2016. https://www.nato.int/nato-welcome/index_es.html (accessed Mar. 12, 2023).
IMO, “International Maritime Organization ,” 2020. https://www.imo.org/es/About/Paginas/Default.aspx (accessed Mar. 25, 2023).
B. XING, J. DAI, AND S. LIU, “Enforcement of opacity security properties for ship information system,” International Journal of Naval Architecture and Ocean Engineering, vol. 8, no. 5, pp. 423–433, Sep. 2016, https://doi.org/10.1016/j.ijnaoe.2016.05.012
INTERNATIONAL MARITIME ORGANIZATION, “MARITIME CYBER RISK MANAGEMENT IN SAFETY MANAGEMENT SYSTEMS ,” 2017. https://wwwcdn.imo.org/localresources/en/OurWork/Security/Documents/Resolution%20MSC.428(98).pdf (accessed Mar. 28, 2023).
OCIMF - Oil Companies International Marine Forum, “Tanker Management and Self Assessment 3 - A Best PracticeGuide,” 2014. https://www.ocimf.org/es/publicaciones-y-promoci%C3%B3n/publicaciones/libros/tanker-management-and-self-assessment-3 (accessed Mar. 27, 2023).
IMCA, “International Maritime Contractors Association,” 2022. https://www.imca-int.com/about-imca/ (accessed Mar.13, 2023).
IMCA, “Security measures and emergency response guidelines - IMCA,” 2021. https://www.imca-int.com/product/security-measures-and-emergency-response-guidelines/ (accessed Mar. 13, 2023).
COLOMBIAN MINISTRY OF NATIONAL DEFENSE, “Permanent DirectiveDIR2014-18, ”2014. https://marinanet.armada.mil.co/system/files/basicpagefiles/A_Directiva2014-18_SeguridadInformaci%C3%B3n.pdf (accessed Jan. 25, 2023).
NATIONAL NAVY OF COLOMBIA, "Manual de Seguridad Digital," MANUAL DE SEGURIDAD DIGITAL ARMADA NACIONAL, 2022, Accessed: Jan. 25, 2023. [Online]. Available: https://marinanet.armada.mil.co/system/files/basicpagefiles/Manual%20de%20Seguridad%20Digital%20Armada%20Nacional.%20Segunda%20Edicion.%202022.%20V.%20Final%20Preliminar%20%20%28FP.%2018NOV2022%29.pdf
R. TALAS, "Port security," Advanced Sciences and Technologies for Security Applications, pp. 161-172, 2020, https://doi.org/10.1007/978-3-030-34630-0_10
Ž. TURK, B. GARCÍA DE SOTO, B. R. K. MANTHA, A. MACIEL, AND A. GEORGESCU, "A systemic framework for addressing cybersecurity in construction," Autom Constr, vol. 133, p. 103988, Jan. 2022, https://doi.org/10.1016/j.autcon.2021.103988
IEC, "Spanish Standardization IEC 61162- 460:2018 ," 2018. https://www.une.org/encuentra-tu-norma/busca-tu-norma/iec?c=63097 (accessed Mar. 11, 2023).
The MITRE Corporation, "MITRE ATT&CK®." https://attack.mitre.org/ (accessed Mar. 26, 2022).
A. C. AMORIM, M. MIRA DA SILVA, R. PEREIRA, AND M. GONÇALVES, "Using agile methodologies for adopting COBIT," Inf Syst, vol. 101, Nov. 2021, https://doi.org/10.1016/j.is.2020.101496
ISACA, "COBIT | Control Objectives for Information Technologies | ISACA," Mar. 19, 2022. https://www.isaca.org/resources/cobit
"BSI - Federal Office for Information Security." https://www.bsi.bund.de/DE/Home/home_ node.html (accessed Mar. 27, 2023).
"OWASP Foundation, the Open Source Foundation for Application Security | OWASP Foundation." https://owasp.org/ (accessed Mar. 27, 2023).
... A. P.-R. general and undefined 2022, "La gestión de los riesgos cibernéticos en los sistemas de seguridad en buques y empresas navieras," armada.defensa.gob.es, Accessed: Jan. 23, 2023. [Online]. Available: https://armada.defensa.gob.es/archivo/rgm/2022/03/rgmmar2022cap03.pdf
Descargas
Publicado
Cómo citar
Número
Sección
Licencia
Derechos de autor 2023 Cotecmar
Esta obra está bajo una licencia internacional Creative Commons Atribución 4.0.
The authors who publish in this Journal certify that:
- The work submitted for publication in The Ship Science and Technology journal, was written by the author, given that its content is the product of his/her direct intellectual contribution.
- All data and references to material already published are duly identified with their respective credits and are included in the bibliographic notes and quotations highlighted as such.
- All materials submitted for publication are completely free of copyrights; consequently, the author accepts responsibility for any lawsuit or claim related with Intellectual Property Rights thereof, Exonerating of responsibility to The Science and Technology for the Development of Naval, Maritime, and Riverine Industry Corporation, COTECMAR.
- In the event that the article is chosen for publication by The Ship Science and Technology journal, the author state that he/she totally transfers reproduction rights of such to The Science and Technology for the Development of Naval, Maritime, and Riverine Industry Corporation, COTECMAR.
- The authors retain the copyright and transfer to COTECMAR the right of publication and reproduction of the work which will be simultaneously subject to the Creative Commons Attribution License (CC - BY), which allows the license to copy, distribute, display and represent the work and to make derivative works as long as it recognizes and cites the work in the manner specified by the author or licensor.
- For more information about the Creative Commons Attribution License (CC -BY) and his use and scope, please visit the following web page https://creativecommons.org/licenses/by-sa/4.0/legalcode
