Source: Adapted from IAPH (2021) Cybersecurity Guidelines for Ports and Port Facilities, Version 1.0, International Association of Ports and Harbors, Tokyo.
Cyberattacks are undertaken by various agents, each having its own motivations and objectives. The core motivation remains financial gains undertaken by specialized criminal groups with the use of ransomware on the rise. Using emails sent to accounts within an organization, the goal is to trick at least one recipient into opening an attachment or opening an embedded link. Once this happens, the malware is activated and tries to propagate through the internal network, infecting as many computers as possible. For ransomware, files on infected computers are encrypted, leaving the system unable to function with a message that offers decryption if a payment is made to a specific cryptocurrency wallet.
Other emerging forms of cyberattacks are by activist groups that try to disrupt the IT system of a target organization judged to be representative of a cause it wishes to fight for. This can involve denial of service (DoS) attacks where a server is overwhelmed with multiple requests. In this case, the motivations are not financial, but to damage the reputation of an organization and even disrupt its operations. Since cyberattacks continue to evolve in nature, an organization must continuously adapt to new threats, train personnel, and upgrade its information technology systems.