In recent months, we witnessed a tragedy in Ukraine. In military operations, we noticed the capabilities of hackers. They could damage power grids, supply chains, banking systems, water treatment, and communications. Targets of maritime interest were transportation infrastructures and ports. As per a report by Microsoft, the success of such cyber-attacks is achievable through social engineering. This practice allows targeting careless or untrained employees. In addition, several studies on cyber-attacks highlighted real ship navigation risks. Some with navigation interests are:
- AIS Denial-of-Service (DoS), spoofing
- Message flooding
- GPS spoofing
- RADAR antenna exploitation
- ECDIS image freezing
You can find details of the latest papers and examples of such attacks below.
Some published notable cases are the below:
Cyber-warfare Examples
• In February 2022, intelligence information on the Ukrainian military offices and government networks leaked.
• On January 15, 2022, a ransomware attack, targeted the government, non-profit organizations and IT institutions based in Ukraine
• On January 24, 2022, a cyber-attack that disrupted the operations of the railway system in Belarus slowed down the movement of Russian forces.
• On June 19, 2021, an online ship-tracking site showed that a British warship and a Dutch frigate were close to Sevastopol in Crimea, which escalated tension between Russia and Britain. Both ships were roughly 300 km away.
However, similar military operations have been worldwide such as:
• In Operation Orchard, the Israeli air force attacked a Syrian radar system without being noticed. It is believed that an Electromagnetic Attack triggered preinstalled malicious software on the Syrian radar.
• The famous case of the Stuxnet malware attack at an Iranian Facility in 2010 showed that sophisticated attacks might require the cooperation of highly qualified human resources from different technical fields. However, a hacker’s cooperation with a marine professional should not be seen as a distant scenario. Moreover, the Stuxnet case revealed a USB stick’s damage even to an isolated facility.
• In 2015, a cyber-attack caused a blackout for several hours in western Ukraine and part of Kyiv.
Maritime Cyber Security Regulations
The International Maritime Organization (IMO) presented the MSC.428 (98) as a reaction to cyber-crime. Its enforcement date was in 2021. To comply with the ship, managers should revise their strategies to address ship and company cyber-attacks. This means ships’ security plans and safety management systems need revisions (MSC.1/Circ.1526). The IMO is likewise working with the International Electrotechnical Commission (IEC) the IEC 63154 “Online protection General Requirements, Methods of Testing and Required Test Results.”
What is the Current Status in the Maritime Industry?
A 2021 paper revealed several technical and training cyber issues in merchant ships. Since then, several studies have shown vulnerabilities in ship navigation systems. As a result, it is clear that the ship’s networks and data are targets today.
Top ship threats are Malware Injection in a target system (i.e., a radar computer or an ECDIS computer connected to an AIS receiver). This can occur by exploiting removable media vulnerabilities or even supply chain attacks. Let us consider navy cases to get an idea of preinstalled malware threats. The USA Navy warships and CIA drone operations were reportedly implanted with microchips to enable hacking. In addition, it is believed that Trojan horses have already compromised the US Navy’s systems. This happened due to the service’s legacy use of “open” commercial systems.
Maritime Cyber Security Incidents
Current military operations allow us to think about cyber threats on ships. Modern ships have similar technologies, including ECDIS, AIS, ERP Software and VOIP communications. These devices, combined with weak procedures and lack of awareness, generate multiple cyber threats on ships.
Pelorus Maritime Education 