Terrorists and Criminals Can Remotely Hijack Ships and Insert Malware to Make “Zombie Attacks” on Ports
Fierce storms and lashing seas are no longer the greatest threats to maritime commerce. Today’s biggest threats are stealthy, invisible and almost impossible to detect.
They are called “cyber-attacks,” and they can be carried out with growing ease by astute terrorists and other adversaries who have the technical know-how to take remote control of—or interfere with the operations of—large ships, ports and oil rigs.
“Maritime cyber-attacks are no longer the stuff of science fiction. They are happening now, and the threats are growing,” says Professor Fred Roberts, director of CCICADA, a homeland security research group that is helping to lead a national effort to find solutions to this problem. “CCICADA is making this threat one of its top research priorities.”
CCICADA, a US Department of Homeland Security (DHS) University Center of Excellence, is currently working with maritime cyber-security experts around the world to research, analyze and find ways to thwart the growing threat of cyber-attacks on North American military and industrial targets.
This is an urgent task, particularly in the area of education and training, as many shippers, port operators and sea-based oil drillers have little knowledge of these threats or how to deal with them. The US Government Accountability Office underscored the seriousness of the threat in a report on Maritime Critical Infrastructure Protection, urging the DHS to take actions to better protect American sea ports from cyber-attacks.
In what is believed to the first event of its kind, CCICADA and the American Military University are joining forces March 2-3, 2015, to host the Maritime Cyber-security Learning Seminar and Symposium at Rutgers University.
Among the speakers will be Captain David B. Moskoff, a US Merchant Marine Academy professor who is a national expert on the subject. He is deeply concerned about the lack of awareness of this threat, particularly in the world of maritime commerce. The upcoming learning seminar and symposium is designed to start closing that awareness gap.
Moskoff notes that modern vessels—from supersize tankers and container ships to luxury cruise liners—are heavily dependent on complex computer systems and radio-based cyber communications. This makes them exceedingly vulnerable to such attacks.
“Our increasing reliance on these systems and equipment makes us more vulnerable should they be lost or compromised,” Moskoff said in a recent article on maritime cyber-security. “Being ahead of vulnerabilities affecting navigation, machine and engine control, cargo operations and communications is a challenge. Striving to protect all exposures to any type of event which might negatively impact such operations is paramount.”
At a July 2014 CCICADA seminar, Moskoff discussed in detail one particular threat—the denial-of-service attack—which uses jamming technology to interrupt Global Positioning Satellite (GPS) communications and capabilities. GPS technology is widely used in the maritime industry for commercial ship navigation, port operations and related activities. It is also used by the US Coast Guard to support its protection of the nation’s maritime borders. Capt. Moskoff says GPS jamming could close a major port for days, resulting in a billion dollars or more in economic losses.
In an August 2014 CCICADA teleconference and seminar, Canadian Naval Captain Peter Crain said the threat of cyber-attacks in the maritime industry is not only real, but could also have a severe impact on commerce and the economy. More than 90 percent of the world’s trade in goods is transported by ship, and in the US, shipping ports handle more than $1.3 trillion in cargo annually.
Real or potential maritime cyber-attacks have been well documented. Here are a few examples:
In a “zombie attack,” a Chinese manufacturer stands accused of implanting malware in inventory scanners to steal supply chain intelligence.
- Hackers recently shut down a floating oil rig by tilting it.
- University of Texas researchers used a custom-made device to spoof the GPS of an $80 million yacht, throwing it off course.
- Low-cost GPS jammers available on the Internet can wreak havoc with ship navigation systems and shut down ports.
- Hackers are targeting ERP software platforms that are at the heart of most shipping companies’ critical data and processes.
- Somali pirates now view navigational data online to help select their targets, prompting ships to turn off their navigational devices.
- Criminals hacked into the cargo handling system in the Port of Antwerp, located specific containers, made off with smuggled items, and deleted evidence of the container’s presence.
For modern ships there has been a developing dependence on the proliferation of sophisticated technology that is subject to cyber-attack through radio frequency (RF) interference whether intentional, unintentional or by natural causes. These technologies include:
- ECDIS (Electronic Chart Display and Information System)
- AIS (Automatic Identification System)
- Radar/ARPA (Radio Direction and Ranging) (Automatic Radar Plotting Aid)
- Compass (Gyro, Fluxgate, GPS and others)
- Steering (Computerized Automatic Steering System)
- VDR (Voyage Data Recorder –”Black Box”)
- GMDSS (Global Maritime Distress and Safety System)
The dramatic dependence on these computer-run systems increases the vulnerability of today’s massive ships. For instance, the Triple E Maersk, soon to be launched, will be the world’s largest container ship. It will be 400 meters long and have capacity to carry 18,000 containers. Yet, it is designed to run with a crew of 13 people.
“Without question, maritime cyber-security is one of the greatest ‘unknown’ challenges currently faced by the homeland security community,” says CCICADA Director Roberts. “We need to address this issue now to protect our ports, ships and maritime transportation system.”