"A Maritime Disaster Waiting to Happen"
Since the founding in 2016, cyber defence company Naval Dome has won awards for its Endpoint cyber defense system and achieved the highest level of security certification from classification society DNV GL, helping to protect merchant ships, cruise ships and yachts from cyber-attack.
In 2019, Naval Dome optimized Endpoint with a “Dashboard” App, providing maritime users with a clear picture of the cyber status of all critical systems on board the ship, designed to allow users to quickly determine which systems are protected and those that are susceptible to unauthorized penetration.
The importance of securing a ship’s navigation, bridge and machinery systems from the nefarious activities of the cyber-criminal cannot be under played, especially in an age characterized by a rise in religious, environmental and political activism/terrorism.
If a commercial ship ceded control to outside forces, the ramifications far transcend damage to the ship and crew, and in fact global trade can be disrupted, economies affected, marine environments and eco-systems heavily polluted in addition to human casualties..
“The maritime industry is just not prepared for terrorists to use ships in the same way that they were able to infiltrate the civil aviation sector,” said Itai Sela, Naval Dome’s CEO. “As a $4 trillion industry responsible for transporting 80% of the world’s energy, commodities and goods, any activity that disrupts global trade will have far reaching consequences.”
There have already been well documented incidents where shipping companies have been hacked but it is less known that the navigational equipment aboard a fleet of 15 tankers has also been hacked.
“It is easy to understand why shipping is now in the cross-hair of the terrorist,” said Sela. “The easiest way for hackers to penetrate a ship is to attack systems at the ship manager or original equipment manufacturer’s head office. All a hacker has to do is infiltrate these systems and wait until some someone sends an infected email to someone onboard ship – the attack is delivered. It spreads. It’s autonomous.”
Once ship systems have been infected, it’s open season for the criminal/activist terrorist. Navigational systems can be controlled, resulting in the vessel being shown in a false position, or radar targets being hidden or corrupted, leaving the ship vulnerable to grounding, collision. In extreme cases, the whole integrated bridge system could be disabled, passing control of the ship to an external computer.
Machinery systems can be accessed. Valves remotely closed or opened to render the vessel motionless, cause pollution or to raise system pressures and temperatures to result, in the case of tankers or chemical carriers, in explosion.
It doesn’t end there.
Itai Sela, Naval Dome’s CEO. Photo: Naval Dome
Ship’s fire-fighting and safety systems can be attacked, as can the processing systems onboard rigs, platform, FPSOs, and drilling ships.
“Cruiseships are an especially attractive target,” suggests Sela. “We have already seen the global response to the Viking Sky’s engine failure, which resulted in complete loss of power and the ship drifting in harsh Norwegian seas. While I am not suggesting in anyway that this was a cyber event, imagine the consequences and the global response if it was.”
Naval Dome has demonstrated the maritime industry’s nightmare security scenario with a series of cyber penetration tests on systems in common use aboard tankers, containerships and cruise ships.
Test results revealed with startling simplicity the ease with which terrorists can access and over-ride ship critical systems.
With the permission and under the supervision of system manufacturers and owners, Naval Dome’s cyber engineering team hacked into live, in-operation systems used to control a ships’ navigation, radar, engines, pumps and machinery.
While the test ships and their systems were not in any danger, Naval Dome was able to shift the vessel’s reported position and mislead the radar display. Another attack resulted in machinery being disabled, signals to fuel and ballast pumps being over-ridden and steering gear controls manipulated.
Commenting on the first wave of penetration tests, on the ship’s Electronic Chart Display and Information System (ECDIS), Asaf Shefi, Naval Dome's CTO, the former Head of the Israeli Naval C4I and Cyber Defense Unit, says: "We designed the attack to alter the vessel’s position at a critical point during an intended voyage - during night-time passage through a narrow canal. During the attack, the system's display looked normal, but it was deceiving the Officer of the Watch. The actual situation was completely different to the one on screen.”
According to Shefi, the Naval Dome hack was able to alter draft/water depth details in line with the spurious position data displayed on screen.
In a second wave, the test ship’s radar was hit. While the radar is widely considered an impregnable, standalone system, Naval Dome's team used the local Ethernet Switch Interface - which connects the radar to the ECDIS, Bridge Alert System and Voyage Data Recorder – to hack the system.
“The impact of this controlled attack was quite frightening,” says Shefi. "We succeeded in eliminating radar targets, simply deleting them from the screen. At the same time, the system display showed that the radar was working perfectly, including detection thresholds, which were presented on the radar as perfectly normal.”
A third controlled attack was performed on the Machinery Control System (MCS), which was connected to the Voyage Data Recorder. In this case, Naval Dome's team chose to penetrate the system using an infected USB stick placed in an inlet/socket.
"Once we connected to the vessel's MCS, the virus file ran itself and started to change the functionality of auxiliary systems. The first target was the ballast system and the effects were startling. The display was presented as perfectly normal, while the valves and pumps were disrupted and stopped working. We could have misled all the auxiliary systems controlled by the MCS, including air-conditioning, generators, fuel systems and more.”
Shefi furthers that the virus infecting ship systems can also be unwittingly transferred by the system manufacturer.
“As manufacturers themselves can be targeted, when they take control of onboard computers to carry out diagnostics or perform software upgrades, they can inadvertently open the gate to a cyber-attack and infect other PC-based systems onboard the ship. Our solution prevents this from happening.”
One company that has been quick to respond to the threat is bridge systems supplier Totem Plus. Under an agreement inked in February, Naval Dome licensed the OEM to integrate its software with their hard drives across several hundred systems in the Totem Plus portfolio. The arrangement provides the highest level of cyber protection at the system build stage, prior to shipment to end-users. “The Totem Plus systems leave the factory fully cyber protected by Naval Dome,” said Sela.