Scientia Militaria: South African Journal of Military Studies

A Critical Reflection on African Maritime Cybersecurity Frameworks

Tefesehet Hailu Sime — Thu, 18 Jan 2024 00:00:00 +0000

With a coastline of 26,000 nautical miles and 38 out of 55 African states being either coastal or island states, trading activities on the continent are facilitated by over a hundred port facilities in the region, which make up 90 per cent of African seaborne trade. These factors indicate that the continent is dependent on well-run ports, effective protection of its maritime resources, and regulated shipping. Regulating the maritime sector requires new technologies that come at the cost of cyber vulnerabilities. However, in Africa, there are very few legal instruments, both at national and at regional level, specifically addressing the issue of cyberattacks on ships and port facilities. Given the lack of attention given to maritime security and the lack of collective action from African states, the study on which this article reports, sought to provide a critical reflection on how cyber technology is affecting is affecting the African maritime domain; and the consequences that could manifest should the cybersecurity of ships, ports, and their critical infrastructure continue to be ignored. The aim of this study was to broaden the understanding of the maritime cybersecurity legal frameworks in Africa by using the ‘black letter’ methodology, which is a positivist approach described by academics as being the best avenue by which to assess the existence, meaning and application of a defined system of legal principles. In engaging with those conventions, policies, laws, and regulations that are currently guiding the area of maritime cybersecurity, the study sought to identify the gaps in the legal frameworks on the continent and to provide policy recommendations.

Investigating the Intersection of Maritime and Cyber Crime in the Gulf of Guinea

Elsie Amelia Tachie-Menson — Thu, 18 Jan 2024 00:00:00 +0000

As technology expands and spreads worldwide, the maritime industry and maritime crime are rapidly evolving While the heightened adoption of digital technologies has positively impacted the efficient and prompt execution of tasks like maritime surveillance, policing, monitoring, and early warning systems, it has also brought about significant challenges that impact the interconnected network of maritime actors. This dilemma can be attributed to geographical location, surveillance, and navigation systems of ports, vessels, and other state intuitions. With the emergence of cyber threats, West Africa is poised to face a dual-pronged threat at its ports and shores, affecting the broader security environment of coastal states as actors in the maritime domain are increasingly using digital technologies. Moreover, these threats demonstrate a path for maritime criminals to evolve into maritime cybercriminals. The central theme of this article is the connection between cybercrime and maritime crimes, and the cybercrimes that have found a lucrative avenue in the maritime industry. It also discusses cybercrime in maritime criminal activities occurring in West Africa, and the implications for the maritime and cyber landscape of the region. Finally, the article concludes with approaches for dealing with the risks posed by maritime cyber risks.

The African Shipping Sector, the Need for and Means to Achieve Effective Cyber Risk Management

Chris Myers — Thu, 18 Jan 2024 00:00:00 +0000

The African shipping sector is a significant enabler of trade within Africa and trade between Africa and the world. African countries are sourcing and integrating technical solutions from foreign suppliers and service providers within their maritime domain. Such technologies are embedded within and enable functionality within transportation systems, port and navigation infrastructure, telecommunications infrastructure, downstream oil and gas infrastructure, and various national defence and security systems. Unfortunately, while providing the required functionality, these technical solutions create security vulnerabilities that place the African shipping sector and national interests at risk if security within the maritime cyber domain is taken for granted. The study on which this article is based firstly sought to identify and deconstruct the technology and associated vulnerabilities within the African maritime domain. Secondly, the research attempted to determine how national strategy and policy could be used to manage these security vulnerabilities to raise awareness of maritime cybersecurity in the context of the African shipping sector and propose pragmatic steps to achieve it.

Vulnerability of South African Commodity Value Chains to Cyber Incidents

Brett van Niekerk — Thu, 18 Jan 2024 00:00:00 +0000

A commodity value chain can be considered the ‘route’ from the source (provider) to the destination (client), including the various modes of transportation. This will often include some form of road or rail to a port for export to a destination country. Due to the rise in cybercrime and state-backed cyber operations, these commodity value chains may be disrupted, having a cascading effect down the value chain. Previous research has considered this a form of economic information warfare, and has indicated that statesponsored cyber operations to disrupt a commodity intentionally will most likely fall below the threshold of a ‘use of force’ or ‘attack’ under international law. Subsequently, two pertinent instances of cyber incidents at ports have occurred: the disruption of a major Iranian port, and a ansomware incident at a major South African freight and logistics state-owned enterprise.

Following the disruption resulting from the ransomware incident affecting South African freight organisations, there is a need to analyse the vulnerabilities of the freight transportation sector further, in particular the ports and associated railways in terms of malicious cyber interference. Expanding previous research, this article provides a specific view of the major commodity value chains in South Africa that are supported by the freight transportation infrastructure, their possible vulnerability to cyber incidents, and the potential implications thereof. In addition, publicly available information on the responses to the ransomware incident will be discussed to gauge national readiness in terms of crisis management of a major disruption to the primary trade mechanisms in the country. The article focuses on identifying single points of failure within the commodity value chain, and employs hypothetical scenarios to illustrate possible ramifications of a major incident. The port of Durban is shown to the most critical single point of failure overall. Recommendations include the introduction of a sector-specific computer security incident response team for the freight transportation sector.

Fighting the Fleet: Operational Art and Modern Fleet Combat

Dries Putter — Thu, 18 Jan 2024 00:00:00 +0000

No Abstract

The Naval War in South African Waters, 1939–1945

Andre Wessels — Thu, 18 Jan 2024 00:00:00 +0000

No Abstract

President Mandela’s Admiral: The South African Navy’s Story of the 1990s: Challenging Politics, Radical Transformation, Ambitious Voyages and the Quest for New Ships and Submarines

Leon Steyn — Thu, 18 Jan 2024 00:00:00 +0000

No Abstract

A Century of South African Naval History: The South African Navy and its Predecessors, 1922–2022

Allan du Toit — Thu, 18 Jan 2024 00:00:00 +0000

No Abstract

Die Affäre Patzig: Ein Kriegsverbrechen für das Kaiserreich?

Tilman Dedering — Thu, 18 Jan 2024 00:00:00 +0000

No Abstract

Human Intelligence: Supporting Composite Warfare Operations in Africa

Hussein Solomon — Thu, 18 Jan 2024 00:00:00 +0000

No Abstract

IOT and IIOT Security for the South African Maritime and Freight Transport Sectors

Barend Pretorius — Thu, 18 Jan 2024 00:00:00 +0000

The advent of the Fourth Industrial Revolution (4IR) has seen a rapid increase in connected smart devices known as the Internet of Things (IoT). While this ‘revolution’ is most noticeable in commercial devices, there has also been an evolution in industrial devices, known as the Industrial Internet of Things. As Africa – and in particular South Africa – is racing to compete in the 4IR, various sectors, including the transport sector, are introducing innovative projects. However, the Internet of Things and the Industrial Internet of Things present cybersecurity risks. Cybersecurity itself is also considered a key component of the 4IR; yet, organisations often neglect to consider the security implications of the Internet of Things.

The current research aimed to evaluate and prioritise cyber threats, vulnerabilities, and risk related to the Internet of Things and the Industrial Internet of Things in the South African physical transport sector. This article focuses on the responses to a questionnaire to obtain quantitative data from those with experience in the related fields. The threats and vulnerabilities of concern are illustrated, and the risks are evaluated based on the perceived impact of such risks and the likelihood of the Internet of Things and the Industrial Internet of Things being compromised. While no clear leaders of risk were found, the top three risks based on the perceived severity and ikelihood are unavailability of Internet of Things and Industrial Internet of Things devices and/or networks, damage to reputation, and cyberespionage.

Guest Editorial

Francois Vrey, Denys Reva — Thu, 18 Jan 2024 00:00:00 +0000

No Abstract