Not quite IoT but still 5h17 :-(
Years-old security issues mostly stamped out in enterprise technology remain in maritime environments, leaving ships vulnerable to hacking, tracking, and worse. A demo at the Infosecurity Europe conference in London by Ken Munro and Iian Lewis of Pen Test Partners (PTP) demonstrated multiple methods to interrupt and disrupt …
...and PTP will be there to break them!
I was at a conference the other week where PTP were presenting, and their guy broke out the Svakom Siime Eye as the last victim of the talk.
I just watched a show which was looking at the world's biggest container freight ship and part of its maiden voyage was through the Suez Canal. It had only a couple of feet to spare across the canal width. Imagine tampering with a ship like that as it's going through the canal - the canal would have damage and would have to be closed.
It's quite hard to do damage in a situation like this by just changing the vessel's direction. The only way I could see to close the canal for more than a very short period of time would be to scuttle it in a way it was hard to refloat and that's quite hard. You would have to rip out a large section and as the Suez canal isn't hard lined, well it wasn't the last time I went through it. You really need to look at taking out the locks on something to create long term damage. So if you see a vessel called HMS Campbeltown that's the time to worry!
I think the example with modifying rudder commands is a cheap shot. Modifying rudder commands sent over the NMEA0183 network is not really a problem in itself. These networks are intended to be physically secure, just like any old analog control cable for your rudder or engine would be.
Sure, if someone modifies a signal on a control cable (or pours water in your diesel tank or throws a wrench in your cooling pump), that will have consequences. But these low-level control networks were never intended to be more than a "sophisticated control cable". And that's what they are - so they use plain text commands and that is not a problem.
If you plug your NMEA network onto the internet, you are in as much trouble as if you gave direct public access to any other older control cable. But this is not a problem with the NMEA technology in itself. Just like most other control connections, it was not intended to be internet connected.
And that's of course the problem; putting insecure devices on two separate networks that were never intended to be near one another; the public internet *and* your NMEA network.
The crew has to do something during the months it takes to get between China and Europe and back again.
I would be amazed if they didn't have lots of video games on board. And I guess they would plug into the ship's network to gain internet access and play multi-user games.
And so I wouldn't be surprised to find that you could connect over a gaming link to a ship on the high seas, and from there into the rest of the network. I don't suppose the Filipino crew and officers have ever had any maritime IT Security training....
From a relative of mine who works offshore, yes, they often have consoles set up for gaming. There's also often a thriving film/tv piracy scene going on, where crew members swap videos back and forth to keep themselves occupied.
As for internet access, it depends. Usually these days they get enough for text based communications, and the odd picture. Some of the really fancy new boats have enough bandwidth to do VoIP (with a huge and almost unusable latency). For online gaming though you're pretty much limited to play-by-email.
I assume ships in places like the Channel can probably pick up on-shore mobile networks and get 3/4G coverage though.
Yep. Sounds like a godsend for Somali pirates. Why chase down a ship in a tiny speedboat with people spraying water (and sometimes bullets) when you can take over steering control and sail the ship onto your nearest beach.
That's never going to happen, right? It's got CRC protection. Ha ha. Might as well have used ROT13.
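Two comments above touch on NMEA 0183 framing: its plain-text sentences, and a checksum that is not a security control. As an added example (not from the article or any commenter), this Python sketch parses and validates a sentence using the standard XOR checksum; the HDT heading samples are constructed, and `frame`, `parse` and `demo` are hypothetical names.

```python
from functools import reduce


def nmea_checksum(payload: str) -> int:
    """XOR of every character between '$' and '*' (the NMEA 0183 checksum)."""
    return reduce(lambda acc, ch: acc ^ ord(ch), payload, 0)


def frame(payload: str) -> str:
    """Wrap a payload as '$payload*HH'. No key or secret is involved."""
    return f"${payload}*{nmea_checksum(payload):02X}"


def parse(sentence: str):
    """Return (tag, fields) if well-formed and the checksum matches, else None."""
    s = sentence.strip()
    if not s.startswith("$") or "*" not in s:
        return None
    payload, _, given = s[1:].rpartition("*")
    if given.upper() != f"{nmea_checksum(payload):02X}":
        return None  # corrupted in transit (or simply malformed)
    tag, *fields = payload.split(",")
    return tag, fields


def demo():
    # Constructed sample: a gyro heading sentence (talker HE, type HDT).
    good = frame("HEHDT,274.5,T")
    # One character changed on the wire, checksum left stale: rejected.
    noisy = good.replace("274.5", "274.7")
    # Different content framed by any other sender: the checksum is keyless,
    # so it validates exactly like the original. Integrity against noise only.
    other = frame("HEHDT,094.5,T")
    return parse(good), parse(noisy), parse(other)


if __name__ == "__main__":
    for result in demo():
        print(result)
```

A passing checksum only says the bytes arrived uncorrupted; any assurance about who sent them has to come from keeping the network physically and logically segregated, as the comments above argue.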
The only part of this I find amazing/surprising/whatever (Not quite sure what the right word for "is a thing, but really is in no way surprising because the world is chronically depressing in this manner" is.) is how often researchers "discover" things that have already been reported dozens of times in the past. Is doing a Google search not a part of the research procedure?
Also somewhat disappointed in the IoT buzzword usage, as if routers (from long before IoT) did not commonly have the same problem (and still do!) and if not nearly every PC before then also had the same problem (have you looked at the sticky note on the monitor or under the keyboard) ... up to the point when computers had any form of security at all. Nothing new under the sun.
Heck, I would not be surprised to find some ships today still relying on a C=64 for some reason.
I'm currently in this industry, can confirm cybersec is a complete joke. Half the owners don't even know what they have on the vessel that's connected. I've seen automatic software updates (that were enabled) completely brick a device that left the ship stuck in Port for 2 weeks (costing a small fortune to do so and in lost revenue). That these ships aren't being pwnd and crashed into harbours on a daily basis still amazes me and it's probably one of the reasons they are not doing much about it yet....