Secure at Sea: The Growing Pains of Cyber-Security
By Corey D. Ranslem
**This Column originally appeared in The Triton Nautical Newspaper (https://www.the-triton.com/2018/06/secure-at-sea-the-growing-pains-of-cyber-security/)**
When I heard about it, I was amazed but not surprised. The high-roller database at a major casino recently had been completely compromised. The attack vector: the IoT (Internet of Things) temperature control system on the fish tank in the lobby. The attackers were able to download more than 10 gigabytes of critical client information.
How in the heck do you stop, or even contain, this ever-growing problem?
Five years ago, you couldn’t get five people to a cyber security seminar; today, it’s standing room only. Expert companies are popping up all over the world, offering a plethora of cyber-related services for the maritime industry. This is reminiscent of the many maritime security companies that came into being during the high days of piracy nine years ago. Many of those companies now have moved on or are out of business.
Cyberattacks of various types are taking place at alarming rates within the maritime industry. Both state and non-state actors are perpetrating attacks for control of systems, theft of critical data and financial gain. Several criminal organizations are specifically targeting this industry because of they perceive there is little or no system protection. Their assumptions aren’t far off. Although owners of large yachts go to great lengths to protect the various aspects of their lives, yacht IT systems usually get very little focus.
This month, I will illustrate some of the more common cyberthreats. Remember, there is no single “magic bullet” strategy to completely mitigate cyber-related issues. If you are looking for that single piece of software or technology to completely mitigate your cyber issues, you won’t find it.
The most popular attack within the large yacht industry has been a “man in the middle” attack. The attackers secretly insert themselves into the communication between two parties. They eventually take over the identity of one of the parties within the communication. They will then typically alter details of a transaction so that payments between the parties are made into the attackers’ bank accounts. The transaction is almost untraceable, and the jurisdictional issues make this an easy crime.
Another popular attack is the compromise of sensitive data through an APT, or advanced persistent threat. Yacht owners typically will conduct business transactions while on board. Computer viruses can easily be introduced into an onboard network by crew members, guests or the owners themselves by opening emails with unknown files that launch the attack. Once the virus is within the network, it is easy for hackers to take control and gain whatever information they want, or to connect with and use any device within the network.
One of the most concerning types of attacks on board a large yacht would be the hack and compromise of the vessels control and navigation systems. This type of attack concerns the maritime industry, the aviation industry and self-driving cars (as that technology develops). The hack has been demonstrated in laboratory-type settings under almost perfect conditions. While possible, this type of attack isn’t as high on the scale as a man in the middle attack or an attack to compromise data and shut down systems. Specific attacks on a vessel’s control and navigation system would typically be directed against specific vessels/individuals.
The final hack I mention this month – and probably one of the most concerning for just about everyone – is the hack of the worldwide Global Positioning System (GPS) satellites. Millions of GPS devices exist and assist in our day-to-day lives. Most smartphones have some type of GPS and mapping software. Navigation systems onboard aircraft and vessels rely on GPS for safe movement. This type of hack attack, which can be done locally or through the satellites, is happening in different parts of the world. The U.S. Coast Guard and other organizations have received several reports of GPS system anomalies, specifically in the Eastern Mediterranean.
Next month, I will look at hacking a vessel’s VSAT, crypto-jacking and some of the ways you can protect your vessel and IT systems on board from these potential types of attacks.
Corey D. Ranslem is the CEO IMSA and a recognized expert on maritime security. He hosts the companies weekly Maritime Video Blog on You Tube. He has been in maritime security and law enforcement for over 24 years; serving eight years with the U.S. Coast Guard. You can follow him on Twitter.