Cyber security for ships and shipping


#1

This is a very relevant subject in these days of increased dependence on internet connected devices on ships and for shipping in general. The subject pops up in different places on the forum. Time it get it’s own thread.

Starting with this article from Marex today:


#2

Appears to be a domain whitelisting service. Not perfect (nothing is) but applicable for static networks when the only legitimate traffic is between the ship and home. Of course the crew may complain since they will no longer be able to surf the web :grinning:

Cheers,

Earl


#3

As was alluded to in that other thread, security is not something you add onto your IT systems. Rather, basic system design is the most important aspect of securing your IT infrastructure. Has something like ITIL been developed specifically for ships? A solid best practices library focusing on strict segregation of mission critical systems must be the place to start.


#4

Cyber security is hot topic in the shipping world:
https://www.marinemec.com/news/view,denmarks-cyber-security-strategy-underscores-need-for-early-ism-compliance_56512.htm


#5

This thread reminded me of an unassuming edit I made on Wikipedia:

Since the advent of Software Defined Radio, GPS simulator applications have been made available to the general public. This has made GPS spoofing much more accessible, meaning it can be performed at limited expense and with a modicum of technical knowledge.

I cited this Defcon talk as a reference, and it’s worth your time if you find this issue interesting. The gist of it is that creating a signal with false information is no longer on the cutting edge of military technology, but something pretty much anyone can do. With a bit of rudimentary programming, you could create a position stream based on AIS data from a target ship and beam it aboard with a directional antenna, walking it off its intended track and pretty much taking it where you want.

Given how much trust we put in a gps derived position, I’m afraid that bad thing will happen before effective countermeasures are put in place.


#6

And if you did that, satellite and locally received AIS would show the target vessel in the expected position rather than the actual one. And I’m guessing that if the actual position was reasonably far away from the expected one, nearby chart displays would hold its position as outside the current display limits of the chart; so the guy on the bridge with his binoculars would simply assume that the vessel he was looking at had its AIS transponder broken.


#7

With the increasing dependence or reliance only on GPS, this is a serious problem.
GPS is controlled by one nation and could be turned off, or be returned to a scrambled system at will by that nation. That is why there are more than one SatNav system already available. (And more coming soon)
Or could all such systems be spoofed simultaneously with the same simple and cheap method?

Second question; could not an attempt to divert a ship by this method be detected by either the navigators on board, or by shore based monitors if autonomous??


#8

AFAIK, spoofing a glonass signal shouldn’t be any more difficult than a GPS signal, but the GPS standard is very well understood in the hacker community. I don’t know how many years of research will be needed before they put a glonass simulator out there.

The only way to detect this would be to monitor different sources of heading and positional data, and consider those sources more reliable. It’s that last bit that worries me. If there’s a discrepancy between gyro derived / magnetic heading and your track / satellite heading, which source would you trust? If the sun rises on an unexpected bearing, do you challenge the GPS data or your expectation of where the sun should rise? I’m sure that some sailors would spot the error, but equally sure that a lot of bridge teams would be very vulnerable to this.


#9

Human ability to detect anything like this is limited by their knowledge, training and consent ration span, which has already been proven time and again
So you need to stay on top of the “spoofers” by having multiple sources of SetNav and multiple ways of detecting any interference.

There are already several SatNav systems in operation and more coming according to Wikipedia:

UK should be added to the list of nations that MAY develop their own system:

PS> Directional antenna means you have to be pretty close to your target right??


#10

I was thinking hand held yagi or gyro stabilized parabolic reflector working in line of sight. The problem is not getting the signal on board, since the GPS signal is very weak, but avoiding interfering with everyone else’s GPS signal (a sure way to get detected). I suppose if you want to take a ship for a long walk, you’d want the transmitter onboard to avoid having to keep the attack craft in visual range.

You could theoretically detect interference by SNR anomalies, but I think it would be very difficult to do so reliably in practice without lots of false positives.


#11

DNV-GL approve Cyber Security type approval to Naval Dome:
https://www.hellenicshippingnews.com/dnv-gl-awards-naval-dome-secure-endpoint-cyber-security-type-approval-certification/


#12

Cyber Security is getting a lot of attention lately.
Here is a an invitation to take part in an IHS Markit survey I received by e-mail today:
http://app.ihs.com/e/es?s=1770935282&e=581908&elqTrackId=86b7f4d057894b6bba0e97689b51778f&elq=58495c9ba12341828600f65c69f56cfc&elqaid=78072&elqat=1
Feel free to participate.