Abstract
This study identifies the threats that affect the cyber security of the maritime critical infrastructure in Colombia. Specifically, four Colombian ports were analyzed. Based on a descriptive and qualitative analysis, the operational and security resources of this sample were compared with the guidelines and recommendations of the International Maritime Organization (IMO) contained in Circular 3 of 5 July 2017. The diagnosis shows negative results in terms of the current preparation of ports for possible cyber threats. It is proposed to adopt the IMO recommendations in harmony with the five strategic lines indicated by the Joint Cyber Command of the Colombian Military Forces (2017), and in compliance with the measures that regulate the navigation of ships in innocent passage through the Colombian territorial sea.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
RFID (Radio Frequency Identification) is a technology similar, in theory, to bar code identification, but this technology employs electromagnetic or electrostatic waves for the transmission of the signal containing the information. RFID is also known as DSRC (Dedicated Short Range Communications).
- 2.
OCIMF is an advisory body to the IMO, constituted as an international marine forum for oil companies to promote the safe and environmentally responsible transportation of oil and oil products.
- 3.
The aspects contained in the proposal, seek to be part of the aspects to require vessels to make use of the right of innocent passage in Colombian territorial waters, in a state of normal navigation. Its scope is given for the critical infrastructure of ships with components of OT/IT or hybrids and are based on the guidelines of the National Center for Critical Infrastructure Protection of Spain CNPIC, the twenty critical security controls SANS and the five functions of the NIST framework “Improving Critical Infrastructure Cybersecurity”, which are Identify, Protect, Detect, Respond and Recover, which is also adopted by the Joint Cybernetic Command of the General Command of the Military Forces of Colombia, in the first version of the publication of the National Plan of Protection and Defense for the Critical Cybernetic Infrastructure of Colombia.
- 4.
A company that owns the largest maritime databases in the world, developed from the Lloyd’s Register of Ships, which has been published continuously since 1764. It has extensive databases of ships, ship movement, casualties, ownership, ports and news, as well as research and consulting services.
References
BIMCO, CLIA, ICS, INTERCARGO, INTERMANAGER, INTERTANKO, IUMI, OCIMF and World Shipping Council: The Guidelines on Cyber Security Onboard Ships, Version 3. Homepage: https://www.bimco.org/products/publications/free/cyber-security (2018). último acceso 2019/12/11
Sen, R.: Cyber and information threats to seaports and ships. Marit. Secur., 281–302 (2016). https://doi.org/10.1016/b978-0-12-803672-3.00009-1
Organización Marítima Internacional: Código internacional para la protección de los buques y de las instalaciones portuarias y enmiendas de 2002 al Convenio SOLAS. Homepage: http://www.imo.org (2003). último acceso 2019/12/11
República de Colombia: Ministerio de Hacienda y Crédito Público, Decreto 2155 de 2014 (2014)
Organización Marítima Internacional: Circular 1525. OMI, London. Homepage: http://www.imo.org (2016). último acceso 2019/12/11
Organización Marítima Internacional: Guidelines on Maritime Cyber Risk Managment. Msc-Fal 1/Circ.3. OMI, London. Homepage: http://www.imo.org (2017). último acceso 2019/12/11
Organización Marítima Internacional: Directrices al sector marítimo sobre ciberseguridad a bordo de los buques vrs. No. 3. OMI, London. Homepage: http://www.imo.org (2019). último acceso 2019/12/11
Das, S.K., Krishna, K., Zhang, N.: Handbook on Securing Cyber-Physical Critical Infrastructure. In: Xue, M., Roy, S., Wan, Y., Das, S.K. (eds.) Morgan Kaufmann (2012). https://doi.org/10.1016/b978-0-12-415815-3.00037-6
Luque, A., Aponte, J.: Análisis de Riesgos y Amenazas Cibernéticas a las Líneas de Comunicaciones Marítimas Nacionales. Cartagena (2019)
Comando Conjunto Cibernético CCOC: Plan Nacional de Protección y Defensa para la Infraestructura Crítica Cibernética de Colombia. Imprenta de las FFMM, Bogotá, Colombia (2017)
Reiskind, A.: Seguridad Cibernética y Transporte Comercial Marítimo: ¿Todo está en Orden? Global Technologies for Defense and Security. Asociación Canadiense para la OTAN (NAOC) (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Gamboa, Y.B.G., Ramírez-Cabrales, F., Jiménez, J.A.M. (2020). Cyber Security Vulnerabilities in Colombia’s Maritime Critical Infrastructure (MCI). In: Rocha, Á., Paredes-Calderón, M., Guarda, T. (eds) Developments and Advances in Defense and Security. MICRADS 2020. Smart Innovation, Systems and Technologies, vol 181. Springer, Singapore. https://doi.org/10.1007/978-981-15-4875-8_1
Download citation
DOI: https://doi.org/10.1007/978-981-15-4875-8_1
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-4874-1
Online ISBN: 978-981-15-4875-8
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)