Walter Winchell, the notorious radio commentator of the 1930s and 1940s, used to start his gossipy broadcasts by saying, “Good evening Mr. and Mrs. America, from border to border and coast to coast and all the ships at sea. Let’s go to press.” Hearing this (in old movies… I’m not THAT old…), I used to wonder why he included the ships at sea in his spiel. Sailors must have been sitting by their radios on board their ships, listening to who was getting up to no good at The Stork Club in Manhattan.
Today, the ships at sea are wired for a lot more sophisticated communication, and that’s a problem. Modern ships are connected to the Internet, making them vulnerable to cyberattacks. This is not a hypothetical risk. We’ve seen ships crash due to GPS spoofing, a variety of alarmingly successful pen tests done on ships and suspicious maritime safety incidents that can best be explained by cyber mischief—even if no one is willing to say so in public. In response, cyber security vendors are coming forward with solutions.
Why Cyber Vulnerability Matters at Sea
Should we be concerned that ships are vulnerable to hackers? Aren’t they just like any other type of system that’s exposed to cyber risk? Yes and no. For one thing, their sheer size is an issue. A cargo ship weighing 100,000 tons crashing into another ship or a pier is a potentially lethal event. Then, there’s the money. Hundreds of millions worth of dollars of cargo could be at risk on a large freighter.
And, of course, there’s the risk of war. Attacks on shipping are a well-established casus belli.
Putting shipping in danger also puts national economies at risk. Israel, for example, imports 95% of the goods in its economy via the sea. The United States, along with virtually every other nation on earth, depends on safe, secure marine transportation for its economic viability. And, of course, there’s the risk of war. Attacks on shipping are a well-established casus belli. So, there is no such thing as an innocent cyberattack on a commercial sea-going vessel. The stakes are quite high.
Recognizing the Risks
Capt. Azriel Rahav, PhD served as a merchant marine officer for over 20 years before founding Totem Plus, which makes software for operating large ships. The 25-year-old company provides systems for navigation, collision avoidance, on-board systems automation, hull stress monitoring, closed-circuit television (CCTV) and more. Chances are, when you see a big container ship, there are Totem Plus systems running on its bridge.
“If the wrong person takes control over the computer, he or she can cause mayhem on the ship.”
“You can think of a ship as a collection of independent systems, though each is usually connected to some kind of control at the bridge,” Rahav explained. “There’s a system for running the engine, a system for navigation, for the radar and so forth.” As cyber threats began to become more serious, Rahav realized that shipboard systems are vulnerable to attack. “Each system is computer-controlled,” he said. “If the wrong person takes control over the computer, he or she can cause mayhem on the ship. We realized we needed to address this risk before it came knocking on our door.”
As an experienced maritime commander, Rahav knew that being prepared was the best defense in the age of cyberthreats. “We decided to find a partner with whom we could develop a comprehensive cyber protection solution for ships.” They turned to Naval Dome.
Cyber Defense for Ships at Sea
Naval Dome, which was founded by people with decades of experience as officers in the Israeli Navy and cyber defense organizations, offers solutions for maritime cyber security. With their backgrounds, the Naval Dome team recognized the cyber risks faced by commercial shipping companies. To prove their point, they devised a number of tests to demonstrate just how vulnerable commercial ships could be.
With the permission of ship operators, Naval Dome easily took control of critical systems on board target ships.
With the permission of ship operators, Naval Dome easily took control of critical systems on board target ships. They were able to distort the computerized charting software and create the dangerous illusion that the ship was further offshore than it actually was. They manipulated the software that ran the ship’s radar and made many nearby obstacles disappear from view. They attacked the ship’s pump, ballast and fuel systems, showing officers on the bridge false data on the condition of those systems.
The ship owners got the message. They were in serious danger. “In addition to revealing their vulnerabilities,” said Itai Sela, Naval Dome’s CEO, “we showed them how hackers could get access.” They pointed out the extensiveness of the average ship’s attack surface. “You’ve got communications from satellite connections,” Sela added. “You have system updates, or data presenting itself as such. You have maintenance people with access to on-board systems when you’re in port. You have insiders, perhaps—who really knows who’s on a crew at any given time?”
Working with Totem Plus, Navel Dome now offers a multi-layered cyber defense solution for mission-critical onboard systems. Their solution is able to block both internal and external threats to ship-board systems. Any access to systems must first pass through Naval Dome, which “signs” the communication in question. Anything that’s unsigned gets blocked. That way, for example, if a maintenance person tries to insert a USB stick into the engine control computer, it will be rejected.
Naval Dome monitors all maritime systems. It issues alerts on suspicious activities. Officers on board, as well as personnel on land, can see a ship’s cyber security status in real time. For commercial shipping companies, the Totem Plus-Naval Dome solution enables fleet-wide security and awareness. “You can see how 100 or more ships are doing, cyber wise, through one dashboard,” Sela explained.
The solution also provides real time anomaly detection. “We know what each system is supposed to be doing, the kind of data it’s supposed to generate when it’s doing its job,” Sela shared. “We will know right away if something’s not right. We notify the people on the ship as well as the ship’s owner, so they can take action. If they need to escalate, our solution provides context for the incident so they can remediate before disaster strikes.”