Hack A Vessel: Warnings Over Serious Flaws In Shipping Industry Comms

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Shocking vulnerabilities in shipping communications protocols could be targeted by pirates and terrorists, researchers warn

Researchers have warned of gaping security holes in one of the shipping industry’s communications standards that leave them in danger of hacks from pirates or terrorists.

The vulnerabilities, discovered by Trend Micro researchers Kyle Wilhoit and Dr. Marco Balduzzi, working with independent researcher Alessandro Pasta, were resident in the Automatic Identification System (AIS), a vessel tracking system used by all commercial ships weighing over 300 metric tons.

Shipping - © Shutterstock - EvrenKalinbacak

Shipping hacks

A first set of flaws were found at the AIS Internet providers that collect AIS data and distribute them publicly. Attackers could intercept the data and manipulate it to change the apparent position, course, speed and name of the ship, amongst other details.

They could even create fake vessels, buoys, lighthouses and marine aircraft such as search and rescue helicopters.

There were also flaws in the AIS protocol itself, which was “designed with seemingly zero security considerations”, according to Trend. These could allow an attacker to impersonate a marine authority and permanently disable the AIS system.

“This can also be tagged to a geographical area e.g. as soon as ship enters Somalia sea space it vanishes of AIS, but the pirates who carried out the attack can still see it,” Trend Micro said in a blog post.

Amongst the specific vulnerabilities in AIS were lack of authentication and zero validation to check where a message came from. Everything was sent in unencrypted and unsigned form, meaning intercepting and tampering were effortless.

It would be cheap for the attacker too. “While all the attacks we described above were carried out in our dedicated test lab setup – where we used specific software defined radio equipment – we have also proven that an attacker is able to carry out such attacks using a modified standard, easy to obtain VHF radio which costs approximately €150,” Trend added.

The company disclosed its findings to all the relevant parties, but said it would be difficult to fix the deep-seated problems with AIS. It would need to be updated across all vessels, whatever the cost, Trend added.

Earlier this year, Claudio Guarnieri, a researcher at Rapid7,  showed TechWeekEurope how he was able to track naval vessels using very similar techniques. After just four hours of work, he was able to .track 34,000 boats, many belonging to law enforcement and national governments, thanks to flaws in communications between ships.

What do you know about Internet security? Find out with our quiz!