Whether it’s a fire or a flood, a ship’s crew can only rely on itself and its training in emergencies at sea. The same is true for crews facing digital threats on oil tankers, cargo ships, and other commercial vessels.

New cybersecurity research from the Georgia Institute of Technology, however, revealed that crews aboard commercial vessels were often not adequately prepared to manage cyberattacks effectively due to systemic training gaps.

The findings are based on interviews conducted by researchers with more than 20 officer-level mariners to assess the maritime industry’s readiness to handle cybersecurity attacks at sea.

"Historically, cybersecurity research has focused heavily on cyber-physical systems like cars, factories, and industrial plants, but ships have largely been overlooked,” said Anna Raymaker, Ph.D. student and lead researcher.

“That gap is concerning when more than 90% of the world’s goods travel by sea. Recent incidents, from GPS spoofing to ships linked to subsea cable disruptions, show that maritime systems are increasingly part of the global cyber threat landscape.”

The researchers proposed four practical strategies to strengthen maritime cyber defenses and close the training gaps. Their findings were presented recently at the ACM SIGSAC Conference on Computer and Communications Security (CCS).

1. Make Cybersecurity Training Actually Maritime

Many of those interviewed for the study described current cybersecurity training as “boilerplate” — generic modules that don’t reflect real shipboard risks. 

Researchers recommend:

• Role-specific instruction: Navigation officers should learn to detect and identify GPS spoofing. Engineers should focus on vulnerabilities in remotely monitored systems.
• Bridging IT and Operational Technology: Crews need to understand how attacks on IT systems can trigger physical consequences in operational technology — including collisions, groundings, or explosions.
• Hands-on delivery: Replace passive PowerPoints with drills and in-person exercises that build muscle memory.
• Accessible standards: Training must account for the wide range of educational backgrounds across crews and be standardized across ranks.

2. Move Beyond “Call IT”

At sea, crews can’t simply escalate a cyber incident to a shore-based IT department and wait. Operational resilience requires onboard readiness.

Researchers recommend:

• Vessel-specific response plans: Ships need clear, actionable protocols for threats such as AIS jamming or radar manipulation.
• Military-style drills: Adopting MCON (Emission Control) exercises — used by the U.S. Military Sealift Command — can train crews to operate safely without electronic systems.
• Stronger connectivity controls: High-bandwidth satellite systems like Starlink introduce new risks. Clear policies and network segregation are essential to prevent new entry points for attackers.

Related Article: When GPS lies at sea: How electronic warfare is threatening ships and their crews by Anna Raymaker

3. Create Unified, Ship-Specific Regulations

Maritime cybersecurity regulations are often reactive and fragmented. Researchers argue the industry needs a cohesive, domain-specific framework.

Key recommendations include:

• A unified global model: Like the energy sector’s NERC CIP standards, a maritime framework could mandate baseline controls such as encryption, network segmentation, and anonymous incident reporting.
• Rules built for real crews: Regulations designed for large naval operations don’t translate well to smaller merchant or research vessels. Standards must reflect actual shipboard conditions.
• Future-proofing requirements: Autonomous ships and remotely operated vessels expand the cyber-physical attack surface. Regulations must proactively address these emerging technologies.

4. Invest in Maritime-Specific Cyber Research

Finally, the researchers stress that long-term resilience requires deeper technical research focused on maritime systems.

Priority areas include:

• Real-time intrusion detection systems tailored to shipboard protocols.
• Proactive security risk assessments of interconnected onboard systems.
• Cyber-physical modeling to better understand cascading failures in complex maritime environments.

The Bottom Line

Cyber threats at sea are no longer hypothetical. Mariners report real-world incidents ranging from GPS spoofing to ransomware that disrupts global trade.

“Through our interviews with mariners, I saw firsthand how much dedication and pride they take in their work,” said Raymaker. “Our goal is for this research to serve as a call to action for researchers, policymakers, and industry to invest more attention in maritime cybersecurity and support the people who risk their lives every day to keep global trade, food, and energy moving."

A Sea of Cyber Threats: Maritime Cybersecurity from the Perspective of Mariners was presented at CCS 2025. It was written by Raymaker and her colleagues, Ph.D. students Akshaya Kumar, Miuyin Yong Wong, and Ryan Pickren; Research Scientist Animesh Chhotaray, Associate Professor Frank Li, Associate Professor Saman Zonouz, and Georgia Tech Provost and Executive Vice President for Academic Affairs Raheem Beyah.

Five Georgia Tech computer science (CS) students have been named Squarepoint Foundation Scholars, receiving merit- and need-based scholarships for their undergraduate studies. The Squarepoint Foundation is providing $100,000 to fund the awards, which offer $10,000 per year for two years to rising third-year students. 

Now in its second year of supporting the College of Computing, the Squarepoint Foundation continues to expand opportunities, enabling students to focus fully on their studies and pursue activities outside the classroom.  

A selection committee led by Mary Hudachek-Buswell, interim chair of the School of Computing Instruction (SCI), chose this year’s cohort.  

“These students exemplify the curiosity, talent, and determination we strive to cultivate in computer science,” Hudachek-Buswell said. “The Squarepoint Foundation Scholarships will give them the opportunity to focus fully on their studies while pursuing research and projects that have the potential to make a real-world impact.” 

The scholars have demonstrated strong leadership across campus, with all five serving as teaching assistants (TAs) and earning faculty honors. The cohort is also engaged in research and study abroad opportunities. 

Founded in 2021, the Squarepoint Foundation supports STEM education and research while partnering with organizations worldwide to expand opportunity and access.  

“We are proud to continue our partnership with Georgia Tech, as we extend our support to a number of students working towards achieving their academic goals,” said Allison Henry, Squarepoint Foundation manager.  

“The Squarepoint Foundation aims to increase access to education, ensuring that all individuals have the opportunity to pursue the degree of their choice, no matter their circumstances. We wish these talented students the best of luck as they undertake their studies and recognize them for their hard work and dedication to the STEM field."

Meet the Scholars

Maria Cymbalyuk 

Cymbalyuk studies Cybersecurity and Information Internetwork threads, focusing on how technical systems shape who is protected or exposed in digital environments. She’s interested in supporting public defenders and improving access to justice through technology. 

“This scholarship made this semester feel less financially stressful and more like I can focus on building the skills and experiences I care about,” Cymbalyuk said. “I want to use my skills to build tools and do research that supports public interest organizations.” 

Marziah Islam 

Since 2020, Georgia Tech has partnered with Sandia National Laboratories, a federally funded research and development center focused on national security. In February, the two institutions renewed their collaboration with a new Memorandum of Understanding (MOU), reaffirming a relationship that has already strengthened research capabilities on both sides.

The partnership has driven progress in areas ranging from hypersonics to bioscience, while also deepening institutional ties beyond research. Joint faculty appointments — such as Anirban Mazumdar, who holds roles at both Sandia and the George W. Woodruff School of Mechanical Engineering — demonstrate how closely the organizations work together. The collaboration has also expanded student talent pipelines, providing more avenues for Georgia Tech students to pursue careers at the national lab.

“At its core, this partnership is about people,” said Tim Lieuwen, executive vice president for Research at Georgia Tech. “Sandia and Georgia Tech share a commitment to discovery and developing the talent, creativity, and collaboration our nation needs.”

The renewed MOU, he said, “strengthens connections between our researchers, opens new doors for our students, and builds meaningful career pathways into national service. When our communities work together to address national priorities, we not only accelerate technological advances — we expand opportunities for the people who will shape the future of our nation’s security.”

Under the new MOU, Sandia and Georgia Tech will focus on integrated research across key national security‑aligned areas, including secure artificial intelligence and computing, quantum technologies, critical minerals, advanced manufacturing, energy and grid resilience, and hypersonics. The partnership emphasizes connecting manufacturing, computation, and systems approaches directly to national security applications.

“Together, we have been solving new and unprecedented challenges in science and engineering, and now we have a great opportunity to develop this partnership,” said Dan Sinars, Sandia’s deputy chief research officer. “Our research benefits both national security and national prosperity, and keeps the country at the forefront of the world.”

With this strengthened connection, the partners aim to grow their shared research footprint through increased funding, publications, and faculty-led startups. Over the long term, Georgia Tech intends to become one of Sandia’s top hiring pipelines, ensuring that talent developed through joint research continues into national security careers.

History of the Partnership

The Institute’s collaboration with Sandia began in the mid‑2010s, when the labs selected Georgia Tech as one of its partner institutions. The first MOU, signed in 2015, formalized the relationship and outlined initial technical focus areas. 

In 2018, George White, executive director of strategic partnerships, and Olof Westerstahl,  senior director strategic initiatives in the Office of Corporate Engagement, helped expand the partnership. They launched “Sandia Day,” an event designed to introduce Georgia Tech faculty to Sandia researchers and spark new collaborations. By 2020, the organizations signed a second MOU that expanded the partnership’s technical focus areas to include energy and grid security, materials and nanotechnology, advanced electronics, advanced manufacturing, advanced computing, cyber and information security, bioscience, hypersonics, quantum information science, and engineering sciences.

The results have been substantial. Since 2018, Sandia has sponsored $35 million in research collaborations with Georgia Tech. Researchers from both institutions have co-authored 450 publications since 2016. Research activity continues to accelerate, with $1.6 million in new contracts in the past year alone. As of August 2025, Sandia employs 325 Georgia Tech alumni — a testament to the impact of the growing talent pipeline.

“We view our work with Sandia as the model for engagement with other national labs,” said White. “With the new MOU, we will continue to grow the Sandia partnership. I would like to see our footprint double in scope in the next five years.”

 

The College of Computing is forging new relationships with Atlanta’s venture capital community to advance entrepreneurial opportunities for students.

Nearly two dozen venture capital (VC) leaders based in Atlanta and the Southeast participated in a half-day summit at the College on Jan. 21.

Co-hosts Dean of Computing Vivek Sarkar and Noro-Moseley Partners General Partner Alan Taetle organized the invitation-only summit. Their goals were to:

• Showcase the College’s research strengths and entrepreneurial culture
• Deepen connections between academic innovation and startups
• Explore opportunities for collaboration, commercialization, and startup growth

The summit’s guest list included founders, partners, and leaders from VC firms. Many of these firms focus on early-stage startups in SaaS, fintech, cybersecurity, and other emerging technology markets.

Research With Commercial Impact

Sarkar outlined the College of Computing’s academic mission and research priorities during his opening remarks. He emphasized the College’s role in advancing innovation in cybersecurity, artificial intelligence (AI), and other emerging research areas.

“One of the College’s strategic pillars is what I call ‘X to the power of Computing’,” Sarkar said. “Look at any discipline or industry X to see where they're innovating and where their advances are being made, and that’s where Computing meets that discipline.”

Along with remarks from the dean, the summit featured presentations highlighting Georgia Tech’s entrepreneurial ecosystem and College-led research initiatives with strong commercialization potential.

Expanding Support for Student Founders

Jen Whitlow leads Community Partnerships at Fusen, a global platform for student founders created by Atlanta philanthropist Christopher W. Klaus. She described Klaus’s support for student entrepreneurship, including GT Computing’s annual Klaus Startup Challenge. In 2025, Klaus awarded five winning teams $150,000 each to cover startup costs.

Whitlow also updated guests on Klaus’s commitment, announced in May 2025, to covering the incorporation costs for any graduating student who aspires to launch a startup.

“More than 600 graduates from last year’s Spring and Fall Commencements have accepted the gift, and more than 225 recent graduates have completed their incorporation to date,” Whitlow said. She added that a second cohort of Fall 2025 graduates is being processed over the next few weeks.

Offering an enterprise-level view, CREATE-X Rahul Saxena presented recent updates to commercialization at Georgia Tech and efforts to streamline entrepreneurial processes.

Saxena emphasized the launch of Velocity Startups, an accelerator that provides the resources and infrastructure student startups need to bring their innovations to market.

Building the Pipeline From Research to Startup

Following these updates, GT Computing faculty delivered lightning-round presentations highlighting the College’s research strengths in AI, cybersecurity, and high-performance computing.

“The tighter the local investing community is with Georgia Tech, the better off both are,” said Taetle, who has been a member of the College’s Advisory Board for more than 20 years.

“It’s critical in this super-competitive world that we do everything that we can to support this fantastic university.”

Taetle added that the summit was part of a broader effort to strengthen the College’s entrepreneurial pipeline.

“There are some really big ideas here, which could turn into really big companies,” he said. “We’ve made some great strides on the commercialization front, but we still have that opportunity and challenge in front of us.”

The afternoon concluded with a discussion of next steps and engagement opportunities, led by Sarkar and Jason Zwang, GT Computing’s senior director of development. The discussion focused on research partnership opportunities, startup formation, and student involvement.

Zwang emphasized the importance of investing in Atlanta’s innovation ecosystem, citing the city’s strong fundamentals and pro-growth climate for entrepreneurship.

“This gives us a unique opportunity to start working more closely with the local VC community, and it’s also great for our students,” Zwang said.

Sarkar agreed, saying, “There’s no downside for students to get involved in a startup. It might take off and be a bonanza. If not, the experience makes you a more competitive hire because of the breadth of experience you gain at a startup.”

To foster these opportunities for students, Zwang said that a key priority is to establish earlier, more intentional connections among students, startups, and investors.

“This is a pivotal moment,” he said. “We can determine how to connect students with the VC and startup community earlier and ensure these investors remain involved with the College.”

College leaders said the summit underscored Computing’s commitment to fostering an entrepreneurial culture and to building lasting relationships that can help accelerate the real-world impact of its research beyond the Institute.

“Georgia Tech is a force multiplier for entrepreneurship,” said Sarkar. “We’re here to change the world. We want to inspire a culture of bold, big entrepreneurial thinking, and look forward to the next steps that will follow this VC summit.”

Fan Zhang, an assistant professor in the George W. Woodruff School of Mechanical Engineering’s Nuclear and Radiological Engineering and Medical Physics (NREMP) program, has been named to the American Nuclear Society’s (ANS) 40 Under 40 list.

The list, published in the November issue of Nuclear News magazine, recognizes early career professionals who have made significant contributions to the nuclear field and are poised to shape its future. The 40 honorees are featured in a special section highlighting their accomplishments, leadership, and impact on the industry.

Zhang said the ANS recognition is both meaningful and motivating.

“It’s a humbling reminder that the work I’m passionate about—making nuclear systems safer, more efficient, and more secure—matters to the broader community,” she said. “It motivates me to give back and keep mentoring and inspiring the next generation and make a global impact.”

Zhang directs the Intelligence for Advanced Nuclear (iFAN) Lab, where her research primarily focuses on nuclear cybersecurity, robotics, anomaly detection, digital twin, machine learning and artificial intelligence.

“We create solutions to make nuclear systems safer, more efficient and secure,” she said.

Read Full Story on the ME Newspage

Robotic systems are currently deployed in sectors ranging from industrial manufacturing to healthcare to agriculture, adding benefits in production times, patient outcomes, and yields. This trend towards greater automation and human robot collaborative work environments, while providing great opportunities, also highlights a critical gap in cybersecurity research. These systems rely on network communication to coordinate movement, meaning that security breaches could result in the robot acting in ways that may endanger people and property.

Current cybersecurity approaches have been shown to be insufficient in blocking sophisticated attacks aimed at networked robotic motion-control systems.

To address this gap, Jun Ueda, Professor and ASME Fellow in the George W. Woodruff School of Mechanical Engineering at Georgia Tech, has been awarded approximately $700,000 by the National Science Foundation to establish methods to enhance cybersecurity for networked motion-control system. The research will focus on the unique geometric vulnerabilities in networked robotic systems and stealthy false data injection attacks that exploit geometric coordinate transformations to maintain mathematical consistency in robotic dynamics while altering physical world behavior.

Using an interdisciplinary approach that will combine research methodology from system dynamics, control, communication, differential geometry and cybersecurity engineering, Ueda hopes to establish new mathematical tools for analyzing robotic security and develop safer networked robotic systems that successfully repel system intrusion, manipulation attacks, and attacks that mislead operators. 

 

 

This article refers to NSF Program Foundational Research in Robotics (FRR) Award # 2112793 
A Geometric Approach for Generalized Encrypted Control of Networked Dynamical Systems

Research Communications Program Manager

Klaus Advance Computing Building 1120E | 266 Ferst Drive | Atlanta GA | 30332

christa.ernst@research.gatech.edu