Combatting Maritime Cyber Security Threats
The U.S. Executive Branch has declared that the cyber threat is one of the most serious economic and national security challenges we face as a nation, and that America’s economic prosperity in the 21st century will depend on effective cyber security. Before the maritime industry sounds the danger signal, it needs to monitor other industries and branches of the government and take proactive preventative measures. There is no better place to prepare future and current mariners for these challenges than in maritime simulators.
Cyber security refers to the technologies and processes designed to protect computers, networks and data from unauthorized access, vulnerabilities and attacks delivered via the Internet by cyber criminals. With the advent of computers, network devices and telecommunications that make transport of data via radio frequency common place, it has opened a new world of vulnerabilities to hackers to tap, steal, destroy or alter data. This has led into a new area of potential maritime threats that go well beyond physical piracy such as the Maersk Alabama. With the recent GPS spoofing of a yacht by students at the University of Texas, the maritime sector has entered into a new arena that must be addressed as Maritime Cyber Security.
The U.S., as a world leader and major target for terrorism in early 2013, through the Executive branch signed an Executive Order (EO) 13636 to Improve Critical Infrastructure (CI) cyber security and Presidential Policy Directive 21 – Critical Infrastructure Security and Resilience (PPD-21). It established an All Hazards approach to critical infrastructure security and resilience. The cyber security EO establishes a requirement for federal agencies to collaborate with their respective industry sectors to identify Critical Infrastructure that can be impacted by cyber activity.
This initial foray by the federal government has led other departments and agencies to take initial steps to address the growing issues with cyber threats.
The U.S. Department of Transportation, Maritime Administration (MARAD) being one of those proactive organizations has recently teamed with the Ship Operations Cooperative Program (SOCP) to cooperatively develop Information Systems Security Awareness Computer-Based Training (CBT) on cyber threats in the maritime environment. This is a first for the U.S. maritime community to recognize and take action to assist vessel owners and operators with training U.S. mariners on best practices to reduce the risks and vulnerability associated with information systems and devices.
Newly developed cyber training will provide mariners with a comprehensive overview of the range of threats that information systems and devices are subject to, and the practices recommended to minimize those vulnerabilities. Best practices that are addressed in the training include a wide range of topics, from maintaining security for networks, to personal use of workplace computers, good password practices, and issues concerning the use of social media like Facebook and Twitter. This training also addresses issues for mariners working aboard vessels, such as specific log-in policies and rules surrounding working with sensitive information.
Department of Homeland Security (DHS), through the United States Coast Guard (USCG), has also taken to task these growing threats and has determined that American ports, terminals, refineries, vessels and support industries are vital to the safekeeping of the nation’s infrastructure, security and our economy.
In short, there are as many potential avenues for cyber damage in the maritime sector as there are cyber systems. While only some cyber-attack scenarios in the maritime sector could credibly lead to a Transportation Security Incident, we must identify and prioritize those risks, take this threat seriously, and work together to improve defenses.
Security and Survival at Sea
Will the next hacker chess match take place on the high seas with oil tankers, container ships and other specialized vessels that transport approximately 90 percent of the goods moved around the world?
Many devices are connected online which makes them more vulnerable to attack. As the maritime and offshore energy industries connect ships and oil rigs to computer networks, they expose considerable weaknesses that hackers can exploit. For example, it was discovered that pirates off the coast of Somalia and other key piracy areas hand pick their shipping targets by tracking online the navigation track of the vessel through AIS, ECDIS and radar. In the oil industry, hackers have committed much turmoil including the tilting of an oil rig, causing it to be shut down, as well as the penetration of the networked computing systems on another rig with malware that took trained personnel almost three weeks to clear. Other events have included smugglers hacking into networked systems to be able to locate containers with drug contraband and cleanly confiscate the drugs without being detected. They even went so far as attempting to delete the data for the shipment. While data on the extent of the maritime industry’s exposure to cyber-crime is hard to come by, a study of the related energy sector by insurance companies recently indicates that much of it maybe insurable.
As the energy and oil industry has been targeted for some time, statistics are available that indicate this is already have a billion dollar impact on the world economy. In the maritime industry, the number of known incidents appears to be low due to either the companies being unaware of the cyber-attacks or because of the desire to keep such news from reaching the press with potential detrimental business impact to the company.
There are few documented reports that hackers have compromised maritime cyber security. But scientists indicate they have determined areas in three key systems that mariners use to navigate: GPS, Automatic Identification System (AIS), and the system for viewing digital nautical charts Electronic Chart Display and Information System (ECDIS).
Increasingly, the maritime domain and energy sector has turned to technology to improve production, cost and reduce delivery schedules. These technological changes have opened the door to emerging threats and vulnerabilities as equipment have become accessible to outside entities.
As vessels continue to increase in size, the crewing continues to decrease, with the paramount shift in vessel operations, ship owners and yards have increasingly added more automation and remote monitoring systems to vessels. This has led to a dilemma, as more systems and devices on vessels might enhance productivity and safety on one hand, but on the other it presents more systems for hackers to compromise and control. It is fairly well-known that a significant proportion of computing and network devices are connected to the internet using serial ports with poor security. Devices range from simple traffic items such as stop light which have been proven that they can be controlled remotely by hackers, to complex items for the oil and gas industry that monitor and control oil rigs.
It has been reported that some ships switch off their AIS systems when passing through waters where pirates are known to operate, or fake the data to make it seem they’re somewhere else. Some shipping companies are now taking cyber risks as true credible threats and taking necessary measures to beef up network and telecommunications security. Recent studies of U.S. ports have determined that very few have conducted cyber assessments and even fewer have developed a response plan. Very little federal money has been allocated to the maritime industry for cyber security projects or training.
This lack of cyber security preparation by U.S. ports actually carries over to the shipping companies where it has been discovered that most have substantial security issues. However the good point is that the maritime industry has had limited compromising of its computing and network systems. This may be tied to the factor that they have not been a high priority and have not been on the radar screen of hackers.
What should concern many in the maritime industry is that the main ship navigation systems including GPS, AIS and ECDIS receive data via radio frequency transmission at sea and as such are extremely vulnerable to hacking. AIS and ECDIS are now mandatory on larger commercial and passenger vessels per the recent IMO 2010 Manila Amendments. This new requirement has increased the need for shipping companies to come with security measures and protocols to protect these devices from intrusion by outside sources.
It has also been known for some time that ECDIS systems and the required software update downloads can be compromised by hackers with severe repercussions. This came to light last year with the grounding of a U.S. naval vessel in the Pacific Ocean where it was reported that the ECDIS charts were incorrect and may have had an impact on the accident. A related discovery has been the widespread abuse of AIS by the maritime sector. Many ships deliberately transmit incorrect AIS position data attributable to security reasons in certain parts of the world including off the coast of Somalia, in the Caribbean smugglers do it to avoid tracking and arrest by law enforcement and even fishermen do it for financial gain by fishing in areas that are not permitted. Of paramount importance is the need for the maritime community to understand the principles of information systems and cyber security and it how it applies to on-board equipment before they can implement changes and conduct training so that personnel are aware and can act accordingly. Several areas that the maritime industry will need to come to speed on are the following:
There are many recent stories portending to GPS spoofing, including the June 2013 project at the University of Texas where they employed GPS spoofing as they hacked and manipulated the software to disorient the navigation system on a luxury yacht. Upon cloaking the device and transmitting the false signal, the yacht changed course abruptly when it received the false signal. Although this occurred because a system linked to the ECDIS handled the steering and not a helmsman, it still did happen. This opened up a new dilemma for the world for navigation on how to verify the accuracy and correctness of GPS signals.
GPS has vulnerabilities that pose potential risks. In 2008 in response to presidential direction the U.S. government announced that they would establish a nationwide resilient terrestrial based system to augment GPS, and it would be named eLoran. This new system would build upon and modernize the old Loran-C system, while being less expensive to operate and be much more precise. The U.S. is not alone in recognizing GPS vulnerabilities; numerous other countries including most of Europe, India, Russia and China have installed or will install eLoran systems. Unfortunately the US government via the Department of Homeland Security had planned on dismantling the remains of the old LORAN-C infrastructure even though it is feasible to use it for the new eLoran. The good news is that there are currently plans in place to resurrect and enhance the old system and turn it into a state of the art electronic terrestrial based system that will complement and backup GPS.
It was recently reported that prominent aids to navigation on the approach and within San Francisco harbor have now been added into the electronic aid to navigation (eATON) system. San Francisco has become the Beta port in the U.S. as it is the first one to begin using this unique system.
This is not a costly process to implement as it does not require the U.S. Coast Guard to install electronic transmitters on the aids to navigation. Due to the fact that the aids to navigation are located in fixed positions in the ocean or on land or fixtures such as the Golden Gate Bridge, they have their own electronic identification assigned to them which is added into the Automatic Identification System (AIS). With the Golden Gate Bridge the center span is marked by a RACON, and the bridge towers are marked by eATON digital markers.
This system in the San Francisco area is also being used in conjunction with reporting points in the Traffic Separation Scheme (TSS) including the San Francisco “SF” buoy that serves as the embarkation point for the Bar Pilots.
It has been reported by the USCG that eATONs will not replace the actual physical navigation aids but will supplement the existing technology as well as add a virtual layer of aids to navigation in areas that previously were physically impossible to do or impractical in nature. This now allows the USCG to place an eATON in the TSS where it was too deep before to do as well as mark a bridge tower that was practically needed most in reduced visibility not in day light.
This technology eventually will allow the USCG to install transmitters on buoys so that the prudent mariner will be able to track where the buoy actually is as opposed to where it should be per a nautical chart.
In a conflicting statement it was also recently reported that certain aids to navigation will be removed off the coast of California. This decision was tied to the presumption that all vessels are equipped with Electronics Chart Display and Identification System (ECDIS) which has been required by the IMO 2010 Manila Amendments to be installed on most vessels (tied to class and size) over a six year period starting in 2012.
This could lead to disastrous consequences because a significant segment of the maritime industry including towing, fishing and recreational are not required to be ECDIS equipped. Additionally even for the blue water international commercial fleet reliance on ECDIS and GPS alone can be dangerous especially in light of the recent GPS spoofing phenomenon. Prudence and situational awareness dictates that the professional mariner needs to rely on visual aids to navigation within sight of land. Additionally what happens when you have an electronics failure and loose an ECDIS or both of them on a commercial vessel?
It is thought that ECDIS has some underlying software security vulnerabilities that could lead to disastrous results for ships at sea.
The basis of ECDIS is a navigation based charting system that use a computing system to digitally display nautical charts along with the exact location and track of own ship. This is a dramatic alternative and improvement to paper charts and the current system of hand plotting positions. ECDIS’s are installed on the bridge of a vessel and larger vessels are required to have two of them, one as a backup. When they are properly used with an ENC chart they can take the place of paper nautical charts. This is an increasing trend in the maritime industry. Where the problems arise is not when the ECDIS’s are in standalone mode but when they are networked together and when data is downloaded via an external source, whether through a USB port via a memory stick or via the net. Through the recently released IMO 2010 Manila Amendments regulations were implemented that now requires EDCIS to be installed on all commercial vessels of a certain size. This will slowly eliminate the reliance on paper charts and take the maritime industry on a journey into the electronic world where the next evolution will be the use of portable smart devices by navigators. Safe guards need to be put in place for ECDIS data updates as well as external security breaches when they are operated in a networked setting.
When AIS is operated as intended it is a useful navigational aid that can be instrumental in collision avoidance. As has been published due to the configuration of the system much of the transmitted data can be manipulated or distorted. This has been confirmed recently by several sources including the Israeli’s. They have noted that vessels transmitting AIS spurious signals were nowhere near their actual location and on other occasions they also had phantom ships appear that could not be found. This system along with GPS and the recent spoofing episode needs to be enhanced to include some type of signal authentication process so that erroneous signals will not be displayed.
Smart ships are on the horizon and it has been predicted between 2020 and 2030 that we will see such a ship going about its normal business at sea without a crew and being totally monitored from shore. Shipyards are already constructing vessels that are fully sensored so that they can be monitored after it is delivered and while it is at sea for maintenance and servicing purposes. These vessels can take two forms either autonomous or unmanned. Autonomous is defined as a vessel primarily guided by automated on-board decision systems but controlled by a remote operator in a shore based control facility. Unmanned is one step beyond autonomous and is totally controlled from a shore based control station. Key features would be the standard maritime policy of having redundant systems and emergency backups on board. Where does this new technology take us in the maritime simulation world? Possibly as is done with USAF we will have ship drone training and certification. This could tie into the scenario with a fully integrated navigation suite of GPS, eLORAN, EATON and a digital visual sensor system that can be fully controlled and monitored 24/7/365.
Maritime simulation is important as it imitates the operation of a real-world vessel in a safe environment. The act of simulating cyber threats and scenarios will allow us to focus on these new cases of spoofing and jamming through the mariner’s heavy reliance on Radio Frequency (RF) transmissions that can potentially be comprised. Simulation can be used to show the eventual real effects of alternative conditions and courses of action on the vessel. Simulation is of utmost importance specifically where we need to interact in congested waterways, narrow channels, dense traffic and many other restrictions including dangerous cargoes. What simulation will allow us to do is introduce many of these potential cyber threats in a real life environment and let the mariner interact with the exercise and respond in real time. In developing the next wave of maritime education it is a logical evolution to go beyond Vessel Security Officer (VSO) and create a new role for a Vessel Cyber Security Officer (VCSO) in a Maritime Cyber Security (MCS) program. This position could be an extension of the VSO or a new certification. In either direction it is necessary to have crew members with these skill sets who can act as the responsible officer(s) on each ship. As the go to personnel, they would be responsible for all levels and details of cyber security and defense. Through the recently released STCW 2010 Amendments IMO has already proactively moved forward with the introduction of the Electro Technical Officer (ETO) and an Electro Technical Rating (ETR).
How does the industry move forward and get to that logical level of training and preparedness? First it needs to review existing maritime simulation to determine the equipment and systems we are using. Next step is determine how they are integrated, as well as built-in security in place. From this we can start the journey on determining how cyber threats could attack, destroy or disable the equipment … or in the worst case scenario … take command of it. In the end it is through the awareness training and education that mariners will be able to thwart these infiltrations.
Another source of mariner awareness and training must be the use of the internet and the download of potentially corrupt data through viruses, worms, phishing, spoofing and hacking. This may happen due to improper or lack of training or some circumstances an oversight due to fatigue but nevertheless it must be avoided. A similar path applies to the use of vessel email and the threat of receiving spear phishing emails purported from reliable sources with click-able links to websites that are fraudulent and will take control of your computer back door or install a virus.
In summary as we move forward we need to incorporate in the syllabi of all maritime simulation courses the basics of Maritime Cyber Security (MCS) as it is and ever present threat that will not go away. It is only through diligence and proper training and awareness that seagoing mariners will be prepared and ready to take appropriate actions when warranted.
Emil Muccin holds the current position of Assistant Department Head, Maritime Business Division of Marine Transportation Department and is also an Associate Professor of Nautical Science at the United States Merchant Marine Academy. He previously was the Marine Transportation Department STCW Coordinator. Additionally he is the Faculty Advisor to the Cyber Defense and Propeller Clubs. Emil graduated from the USMMA with a BS in Nautical Science and from Pace University with an MBA in Information Systems. He sailed for many years as the Master of paddle wheelers on the Hudson River.
(As published in the June 2015 edition of Maritime Reporter & Engineering News - http://magazines.marinelink.com/Magazines/MaritimeReporter)