Lost at Sea: Assessment and Evaluation of Rootkit Attacks on Shipboard Microgrids

Increased dependence of the maritime industry on information and communication networks has made shipboard power systems vulnerable to stealthy cyber-attacks. One such attack variant, called rootkit, can leverage system knowledge to hide its presence and allow remotely located malware handlers to gain complete control of infected subsystems. This paper presents a comprehensive evaluation of the threat landscape imposed by such attack variants on Medium Voltage DC (MVDC) shipboard microgrids, including a discussion of their impact on the overall maritime sector in general, and provides several simulation results to demonstrate the same. It also analyzes and presents the actions of possible defense mechanisms, with specific emphasis on evasion, deception, and detection frameworks, that will help ship operators and maritime cybersecurity professionals protect their systems from such attacks.