back to article Leaky security could scuttle global ship-tracking system

Security researchers have found a major flaw in the Automatic Identification System (AIS), a mandatory tracking system for ships, which could leave the 400,000 vessels currently using it globally wide open to terrorists or pirates. Trend Micro’s Kyle Wilhoit and Marco Balduzzi and independent researcher Alessandro Pasta …


This topic is closed for new posts.
  1. tony2heads

    Sounds just like false lights frome wreckers

    Now this is real e-piracy, not some petty copyright infringement

  2. frank ly

    GPS spoofing

    If you wanted to cause a ship to alter course, wouldn't it be easier to spoof local GPS signals? This would have to be done slowly and carefully in a sneaky way, which is quite possible.

    I wonder when the AIS system was designed and its methods and protocols decided on. If it was some years ago, then the 'modern' security concerns of terrorism and piracy would have been hardly considered if at all.

    I also wonder if the mandatory AIS system has IP that is owned and licensed by a cosy cartel that keeps on milking its cash cow and has no interest in spending money to make it better. After all, why did it need Trend Micro to figure all this out and do experiments and investigations.

    1. SkippyBing

      Re: GPS spoofing

      'If you wanted to cause a ship to alter course, wouldn't it be easier to spoof local GPS signals?'

      Depends on what your goal was. If you want to create an alteration of course in a limited geographic area it's probably a better bet to inject a ghost ship into AIS as the ship's reaction is fairly predictable, it'll turn right*. GPS would work if you wanted it to end up somewhere different at the end of its voyage, i.e. it'd be quite noticeable if you made such a large shift that it made a 10 degree alteration of course within a few miles. Depending on your target vessel of course, you'de have to have fairly unobservant crew to not notice a tanker avoiding a non-existent ship.

      *Slightly simplified but this is the general solution for all give way vessels in the international regulations for avoiding collision at sea. Give way vessels are the ones that have to give way to the stand on vessel and to make things easy, if you can see the other boats red navigation lights you're the give way vessel.

    2. sniperpaddy

      Re: GPS spoofing

      GPS spoofing of marine vessels was demonstrated last year.

  3. Destroy All Monsters Silver badge

    Ships full of Terrists! Pirates! Podophiples!!

    ...and last but not least the "Iranian ships with nukes" ... an Israeli Propaganda Pump Production if there ever was one.

    I would say selectively dropping "under the Radar" would arrange "Western" governments quite nicely. Unless they ship their arms by way of planes (like recently the late Ghadaffi's weaponry to Syria's Al Qaeda franchise).

    1. James Micallef Silver badge

      Re: Ships full of Terrists! Pirates! Podophiples!!

      I'm sure they could spoof a ship with Iranian registration, but where the hell does the "with nukes" come form? Does the ship-tracking system publish ship's manifests as well?

      1. Anonymous Coward
        Anonymous Coward

        Re: Ships full of Terrists! Pirates! Podophiples!!

        I believe a rough description of the cargo (including any dangerous items) is listed so that emergency services know how to respond to the ship if it is in trouble.

        a ship sinking with a cargo of wood needs a completely different response to a ship sinking full of oil etc etc

        1. Anonymous Coward
          Anonymous Coward

          Re: Ships full of Terrists! Pirates! Podophiples!!

          No sir, they both just require a match (well, you'd probably have more luck with a Very pistol)

        2. Don Jefe

          Re: Ships full of Terrists! Pirates! Podophiples!!

          Improved emergency responses are part of the idea behind transmitting the cargo data, but the entire concept was fatally flawed from day 1.

          Publicized cargo manifests are so (in)famously inaccurate that they are generally regarded as fiction. On any given cargo vessel from any country there is a near certainty that things and/or people are on the ship that aren't supposed to be. Nobody in the industry takes those things seriously and any concerns about accuracy fall of in direct proportion to the size of the destination port.

          As far as open water assistance goes, it isn't like calling the police to a known address. 'Official' first responders on the surface can take days to reach a vessel in distress. They'll fly over and wave, and tell you how fucked you are, but timely, organized responses can't be counted on. At sea you depend on a lot of serendipity and the goodwill of anyone nearby. When responding to distress calls you assist anyone and everyone regardless of what's on their ship. By the time official people arrive everything will be known about the cargo already.

          Regardless, as everyone knows the manifests are bullshit anyway, any boarding is done with a worst case scenario mentality. The entire idea of 'well informed' first responders on the open sea was dumb from the get go.

  4. Yet Another Commentard

    "The Afghan"

    by Frederick Forsyth has a low-tech version of this as its central premise.

  5. This post has been deleted by its author

  6. Dodgy Geezer Silver badge

    The Security Service ran out of reasons to exist in the 1990s, when the Russian Cold War threat vanished.

    Since then they have been making up threats to justify their existence. One of the subjects they made a big song and dance about (and got a big budget from the Treasury for) was 'Responsibility for securing the Critical Infrastructure' of this country.

    This country has been a maritime nation for all of its history. We are the headquarters of the International Maritime Organisation, which is the body that requires AIS. In fact, the IMO is about half a mile up the Thames from the Security Service headquarters. Maritime security IS part of the Critical Infrastructure of our country.

    I wonder whether Security Service should have been doing their job and ensuring that security was considered in any of the big international infrastructure projects we run... but perhaps that's just naive

    1. Stretch

      They exist to provide a handy embezzlement mechanism, hence all the billions sent to them to be spent with no accountability. Very useful indeed for siphoning public money off into your bank accounts.

      Hmm maybe this should have been anonymous....

  7. Anonymous Dutch Coward

    Invented before the internet

    So AIS was "invented before the internet" and therefore its architecture does not have security in mind. Could be plausible, except... when exactly was GPS invented then? Before or after the internet?

    I'm a bit suspicious here.

    1. streaky

      Re: Invented before the internet

      AIS was never intended to be secure as far as I'm aware - GPS is also open to spoofing too frankly. There's no entry requirements to messing around with either but for the ability to transmit radio. Okay GPS is slightly tougher to hurt the military aspect and anything you do without massive power is going to be fairly local but still..

  8. Anonymous Coward
    Anonymous Coward

    An "intresting" use case for AIS message spoofing would be for a smuggler or other person wanting to avoid the coast guard would be to fake an emergency message or three inside the same station area they are passing through, and when the coast guard or similar body investigates the messages just go on through with a sailboat or similar.

    1. Alfred

      Given that it has been possible to spoof Mayday messages easily by use of a radio for decades, this has been possible already for decades.

  9. Alfred

    More scare story nonsense

    AIS was knocked together a bit over a decade ago (well into the internet age) with the intentions of collision avoidance and, secondarily, sending of meta-data about the ship. It's not meant to be used for secure communications. It's meant to be used to save lives (and ships).

    Sure, we could encrypt everyone's outgoing messages. Except how would that help anyone? If I can't decrypt it, I don't know where they are so how can I avoid running into them? The only way it can work is to broadcast a ship's position, course and speed in the clear. I suppose I could have some kind of big database of known vessels that I trust, but that's insane; if I get a signal from an unknown ship that we're about to collide, I'm going to take action. The fact that I don't have them on my list of trusted ships becomes irrelevant.

    AIS is simply not meant to be a secure communications system. It works by everyone being able to tell everyone else within VHF range their position, course and speed. The cost of making it universally readable is that someone can spoof it (although when I look out the window and see that actually there isn't a ship out there to collide with, I think I might guess it was a bad signal, so it's really not an issue).

    1. Don Jefe
      Thumb Up

      Re: More scare story nonsense

      You are absolutely correct. AIS is a 'convenience' technology meant to make a few things easier but it is not, nor has it ever been, a primary or secure system.

      Even the dodgiest Indonesian Captain still relies on charts, compasses and radio transmissions for every aspect of vessel operation. This is a bunch of scare mongering garbage and the people who came up with all these scary scenarios are certainly the same idiots that blindly follow their satnav directions over a cliff or onto a runway. Bad ship operators wouldn't fall for a spoofed signal, much less high caliber crews.

  10. bwalzer

    We have already had this pointless discussion...

    We have already had to listen to this kind of nonsense with respect to the ADS-B system as used for aviation. So I suppose that we will have to endure this every time some "security researcher" becomes aware of a new broadcast position reporting system.

    Such systems are inherently susceptible to spoofing due to the nature of what they do. The researchers tend to suggest that a secure system is possible without actually proposing anything. The implication here is that every sailboat in the world could be registered in some system and that the credentials for such a system could somehow be kept secure in hardware that the owner has access to. That is obvious nonsense. The users of such systems are aware of their shortcomings and do not allow information derived from such systems to force them to do dangerous things. That is in the same way that they are expected to be able to withstand incorrect information from any navigation aid.

    The stuff about making an Iranian "nuclear boat" appear somewhere is particuarly dumb. Plot elements from terrible action adventure movies should not appear in security reports.

    Next the security researchers will be publicly appalled at how easy it is to spoof navigation lights. It only requires access to coloured flashlights! ... and marine radios... anyone can buy a marine radio and generate all the false distress calls and position reports that they want! This is obviously because lights and radios were invented before there was an internet ... or something...

    1. Anonymous Coward
      Anonymous Coward

      Re: We have already had this pointless discussion...

      Have to agree with everything you said there, looks like the security research business is the next big trough for marketers and other bottom feeders to stick their snouts in.

      (sorry about the mixed metaphors)

  11. Mike Banahan

    Yep, it's mostly bollocks

    For those who don't know - AIS basically broadcasts in plain text a vessel's position, heading, speed, ID and a couple of other ancillary bits of stuff. You typically view it on a chart plotter when navigating busy traffic lanes so that the collision-avoidance software can put flashing red circles on the chart to warn you where your collision risks are. Of course you can capture the information and use it for other stuff if you really want to. It goes out at low power on VHF radio.

    It was EXTREMELY useful the last time I sailed over to the Channel Isles in a small yacht because the kit is cheap and simple to install and when you are on a 35' long vessel that may not be easily visible from the bridge of the supertanker 10 miles away, it adds an extra layer of safety. We could plainly see the vessels on collision course with us altering course a degree or two to avoid us (as we were under sail, not power). I have a man-overboard AIS transmitter sewn into my lifejacket just in case it's needed - very helpful to lifeboat crew and the search and rescue people in an emergency.

    Once when the skipper ran us aground in the Thames Estuary an incoming bulk carrier saw that we were located not moving over a sandbar and called the coastguard (embarrassingly, I must say) on our behalf. Te be fair it was blowing a gale and the sea was rough, if we hadn't got off quickly the boat could easily have broken up, the coastguard were quite a lot more concerned than we were, as we'd actually got 30m off the sandbar but chucked the anchor over to stop us getting aground again until the tide had risen a metre or so.

    Yes, any muppet could fake those signals, though it's hard to see what they would gain from it apart having a bit of a laugh with the coastguard - or maybe to confuse those on the bridge of vessels receiving the information. But you augment what you can see on AIS with the mk 1 eyeball and binoculars, you don't RELY on it, unlike GPS.

    AIS is a cheap and easy aid to safety, as I see it. Not a lot more. Oh, and very, very handy in fog when you need all the help you can get.

  12. phantomchaser

    Nothing to see here...

    Totally agree with the previous comments.. more nonsense by security researchers who clearly don't understand the intended application of the technology they are "investigating".

    As for the mention of "".. anybody who has had even a cursory look at the site (of which I'm a frequent user) will see the rather prominent warning:

    "Vessel positions may be up to one hour old or incomplete. Data is provided for informational reasons only and is not related by any means to the safety of navigation."

    In other words.. it's here for fun, don't rely on it, and if you do.. tough! are effectively "crowd sourcing" their data from enthusiasts with AIS receivers at their properties and an internet connection.

    The only thing these "security researchers" have done is come up with a more complex way to achieve something that could be much more easily done by other methods (such as simply buying an AIS transceiver and feeding it the desired GPS/NMEA data to "spoof" your phantom ship.. wow.. how high-tech!!).

    Clearly some security researcher was running short of CEH points for their recertification!! Groan....

  13. Graham Marsden

    Prior art...

    ... see Superman III for details.

    (Actually, don't, it's a pretty crap film!)

  14. Anonymous Coward
    Anonymous Coward

    Ever heard of multilateration?

    Same spoof technique is also possible for ADS-B. So what?

    It is easy to detect and locate the spoofer... Any decent VTS should be capable of doing so. Go ahead, make their day..

This topic is closed for new posts.

Other stories you might like