Extended Operational and Trade Vocabulary
Maritime Cybersecurity, OT and IT glossary (page 2)
The cybersecurity vocabulary spanning operational and information technology: integrated automation systems (ABB Marinx), the ABS CyberSafety notations, access control lists, Active Directory in fleet offices, and the OT attack surfaces (ECDIS, engine control LANs). Grounds each term in the shipboard system or network control it protects.
308 defined terms.
Showing 58 on this page (page 2 of 2).
S
- SamSam
- Ransomware family used in targeted attacks, including against the Port of San Diego and Atlanta city government.
- SANS ICS410
- Industrial control system cybersecurity training and certification.
- SCADA
- Supervisory Control and Data Acquisition system for distributed industrial processes.
- Security Bulletin MSIB 04-23
- USCG Marine Safety Information Bulletin on cyber issued in 2023.
- Security Level SL1 to SL4
- IEC 62443-3-3 capability levels, ranging from protection against casual adversaries to protection against nation-state adversaries.
- Security Operations Center (SOC)
- Centralized function monitoring and responding to security events.
- Segregation of Duties
- Control splitting tasks to prevent fraud or error.
- SIEM Security Information and Event Management
- Platform that aggregates and correlates log data for detection and reporting.
- SIRE 2.0
- Ship Inspection Report Programme, OCIMF, transitioned from VIQ7 to a behavior-based program in 2024.
- SMB Server Message Block
- File sharing protocol whose v1 was exploited by EternalBlue.
- SOAR Security Orchestration, Automation and Response
- Platforms automating SOC playbooks.
- SolarWinds Sunburst
- Trojanized Orion update discovered December 2020 affecting US federal agencies and global enterprises.
- SOLAS Chapter V
- Safety of Navigation.
- Spear-Phishing
- Targeted phishing against specific shore/ship staff.
- Spectec
- Maritime software supplier offering AMOS planned maintenance and fleet management.
- SSH Secure Shell
- RFC 4251 secure remote login protocol, replacing Telnet on shipboard switches.
- Stuxnet
- Worm disclosed 2010 targeting Iranian Natanz uranium enrichment centrifuges, the canonical ICS attack.
- Supply Chain Attack
- Compromise via a trusted vendor or component, as in SolarWinds and MOVEit.
- SYBAss
- Superyacht Builders Association, co-author of BIMCO cyber guidelines.
T
- Tabletop Exercise
- Discussion-based exercise simulating an incident scenario.
- Tactics, Techniques and Procedures (TTPs)
- Behavioral fingerprint of a threat actor.
- Threat Actor
- Individual or group conducting cyber attacks.
- Threat Hunting
- Proactive cyber-defense practice in OT/IT networks.
- TLS Transport Layer Security
- RFC 8446 TLS 1.3 protocol securing data in transit.
- TMSA-3 Element 13
- OCIMF Tanker Management and Self Assessment third edition element on maritime security including cyber.
- Toll Group January and May 2020
- Australian logistics operator hit by Mailto in January and Nefilim ransomware in May 2020.
- Triton/Trisis/HatMan
- Malware targeting Schneider Electric Triconex safety instrumented systems, first observed at a Saudi petrochemical plant in 2017.
- TSA Maritime Security Directive
- Anticipated TSA cybersecurity directive for the maritime mode.
- TSA Security Directive 1580
- US Transportation Security Administration directive on pipeline cybersecurity issued 2021 and revised 2022.
- TSA Security Directive 1582
- TSA cyber directive for higher-risk freight and passenger railroads.
- Tunneling
- Encapsulating one protocol within another, used legitimately for VPNs and maliciously for C2.
U
- Unidirectional Gateway
- See Data Diode.
- UR-E22, UR-E26, UR-E27
- See IACS entries.
- USB Control Policy
- Policy and technology limiting use of removable media on bridge and engine room computers.
- USB Drop Attack
- Leaving infected USB drives in public areas to be inserted by unwitting users.
- USCG
- United States Coast Guard, US flag and PSC authority.
- USCG MSIB 04-23
- 2023 Marine Safety Information Bulletin reinforcing cyber expectations for vessels and facilities.
V
- VDR (Voyage Data Recorder)
- Black box mandated by SOLAS V/20, per MSC.333(90).
- Veson IMOS
- Voyage management and commercial fleet platform from Veson Nautical.
- VIQ 7
- See OCIMF VIQ 7.
- VLAN Virtual LAN
- Layer 2 segmentation of a switched network.
- VPN Virtual Private Network
- Encrypted tunnel over a public network.
- VSAT (Very Small Aperture Terminal)
- Maritime broadband satcom.
- Vulnerability Assessment
- Systematic review identifying and prioritizing weaknesses.
W
- WAF Web Application Firewall
- Filter analyzing HTTP and HTTPS traffic for application layer attacks.
- WannaCry
- May 2017 ransomware worm exploiting EternalBlue; it affected the NHS, Renault and others.
- Watering Hole
- Compromise of a website frequented by a target community to deliver malware.
- Wibu CodeMeter
- Licensing dongle middleware that is used in ECDIS chart licensing and has been subject to multiple CVEs.
- Wiper Malware
- Malware designed to destroy data, including NotPetya, Shamoon, HermeticWiper and CaddyWiper.
- Wireshark
- Open source packet analyzer used in network forensics.
- WSC
- World Shipping Council, co-author of BIMCO cyber guidelines.
X
- X.509
- ITU-T standard for public key certificates used throughout TLS and code signing.
- XDR Extended Detection and Response
- Platform unifying EDR, NDR and SIEM telemetry.
Y
- YARA
- Pattern matching tool for classifying and identifying malware samples.
Z
- ZCR Zone and Conduit Requirements
- IEC 62443-3-2 risk assessment outputs defining security zones and conduits.
- Zero Day
- Vulnerability unknown to the vendor at the time of exploitation.
- Zero Trust Architecture
- Cyber paradigm that assumes breach and verifies every request.
- Zerologon
- See CVE-2020-1472.