Page 1 of 4

ICT – Maritime Information Communication and Technology with Cyber Security

Course
ICT – E13 Cyber security threats and vulnerabilities
Activity Code

Briefing 30 minutes

Execution 2 hours
Duration
Debriefing 30 minutes

Total Time 3 hours

N/A
STCW Table
N/A
Function
N/A
Competence
N/A
KUPs

Cyber security threats and vulnerabilities

Activity Title
CO4: Interpret cyber security risk management plan for shipboard and shore
Course outcome application
LO6.1 Describe the different cyber security threats to on-board operation and
vulnerabilities with regards to the motivation and objectives and the mode of
attacks
LO6.2 Describe the stages of a cyber-attack in terms of their effect to the
Learning outcome ICTinfrastructure and detectability
LO6.3 Cite examples of cyber-attacks to computer and computer networks
and itseffect to on-board operation

Computer Laboratory / Classroom

Activity Area
Cardstock (Cartolina) or Manila Paper
Materials Needed
Description Class activity on a creation of memory matrix for the different cyber security
threats and vulnerabilities especially those related to maritime and shipping.

Briefing Items to be discussed during briefing:

 Objective of the activity (Relate prior discussion)
 Description of the activity and any general instructions
 Performance criteria and standards
Instructor’s Action INSTRUCTOR’S COPY ONLY
1. Conduct briefing.
2. Form the class into groups with three to four members.
3. Facilitate the groups in choosing the cyber attack to tackle. They can also cite
outside of the given list..
4. Facilitate the groups in filling up the memory matrix.
5. Facilitate the group presentation.
6. Conduct debriefing.
Student’s Action 1. Fill up the memory matrix on cyber security threats and types of cyber-attacks.
2. Present the memory matrix to the class.
Debriefing Items to be discussed during debriefing:
 What went well
 What went wrong
 Summary and significance of the activity

Performance Criteria Performance Standards Score

UCLM CONTROLLED DOCUMENT

 Page 2 of 4

Performance Criteria Performance Standards Score

Content 1. Correctly describe the motivations of the different security
10
threat actors / groups
2. Correctly describe the objectives of the different security
10
threat actors / groups
Presentation 1. Regular/constant eye contact,
2. The audience was engaged, and presenters held the
10
audience’s attention.
3. Appropriate speaking volume & body language.

Marking guide
Scoring Method

Re-sit
Appeals and
Objections

UCLM CONTROLLED DOCUMENT

 Page 3 of 4

Cyber security threats

Group Motivation Objective

Activists (including disgruntled employees)

Criminals

Opportunists

States

State sponsored organisations

Terrorists

UCLM CONTROLLED DOCUMENT

 Page 4 of 4

Types of cyber attacks

 Malware  Water holing  Social engineering  Denial of Service (DoS)  Subverting the supply
 Phishing  Scanning  Brute force  Spear phishing chain

Type of cyber attack

Untargeted / targeted?

Example of an actual event

Description

Stages of the cyber attack

UCLM CONTROLLED DOCUMENT