A CRITICAL ANALYSIS OF SECURITY VULNERABILITIES AND
COUNTERMEASURES IN A SMART SHIP SYSTEM
Dennis Bothur, Guanglou Zheng, Craig Valli
Security Research Institute, School of Science, Edith Cowan University, Perth, Western Australia
d.bothur@ecu.edu.au, g.zheng@ecu.edu.au, c.valli@ecu.edu.au
Abstract
It is timely to raise cyber security awareness while attacks on maritime infrastructure have not yet gained
critical momentum. This paper analyses vulnerabilities in existing shipborne systems and a range of measures
to protect them. It discusses Information Technology network flaws, describes issues with Industrial Control
Systems, and lays out major weaknesses in the Automated Identification System, Electronic Chart Display
Information System and Very Small Aperture Terminals. The countermeasures relate to the concept of
“Defence-in-depth”, and describe procedural and technical solutions. The maritime sector is interconnected
and exposed to cyber threats. Internet satellite connections are feasible and omnipresent on vessels, offshore
platforms and even submarines. It enables services that are critical for safety and rescue operations, navigation
and communication in a physically remote environment. Remote control of processes and machinery brings
benefits for safety and efficiency and commercial pressure drives the development and adaptation of new
technologies. These advancements include sensor fusion, augmented reality and artificial intelligence and will
lead the way to the paradigm of “smart” shipping. Forecasts suggest unmanned, autonomous ships in
international waters by 2035. This paper is the starting point for future research, to help mapping out the risks
and protect the maritime community from cyber threats.
Keywords: maritime cyber security, smart shipping, autonomous shipping, vulnerabilities, and countermeasures
INTRODUCTION
Geographical isolation exposes mariners to a set of unique challenges such as navigating through rough weather
and evading pirate attacks. Technology on ships plays a significant role to help manoeuvring through those
conditions and it enables communication in situations of emergency and distress. Unfortunately, any type of
technology has the potential to be used for malicious purposes. Cyber security awareness and culture is new on
the agenda of the maritime community, but it must be taken seriously to avoid catastrophic consequences.
Universal satellite and data connectivity is one of the major advancements in seafaring, but this brings along a
myriad of new risks. For instance, many critical systems on board rely on the Global Navigation Satellite
System (GNSS) for safe navigation, communication, emergency response, and traffic control. However,
disrupted or manipulated Global Positioning System (GPS) signals can send ships off their course and cause
collisions, groundings, and environmental disasters. In 2016, multiple ships outbound from the United States
(U.S.) reported GPS interferences which prompted the US Coast Guard to issue “Safety Alert 01-16 – GNSS –
Trust, but Verify. Report Disruptions Immediately” (United States Coast Guard, 2016). In 2017, reports
emerged of more than 20 vessels which noticed spoofed GPS signals that placed them about 25 nautical miles
inland (Hambling, 2017). The source of the attack was attributed to tests performed by a nation-state.
Adversaries are “testing the waters” but they already have the knowledge, tools, and motivation to launch
attacks with potentially devastating outcomes. It is very alarming when we consider that this applies to naval
vessels carrying advanced weaponry as well as the commercial shipping sector, which is part of the critical
infrastructure and accounts for more than 90% of cargo transported globally (National Institute of Standards and
Technology, 2017).
A host of weak spots in ship- and shore-based cyber systems has already been exposed by research conducted in
the field. Unawareness or ignorance of these flaws leads many organisations to taking shortcuts in regard to
applying and policing appropriate security measures. Additionally, rapid cycles of product development,
implementation, maintenance, and decommissioning are overwhelming for the majority of maritime
stakeholders.
The following section outlines critical vulnerabilities in common IT systems and Industrial Control Systems
(ICS) on board. It explains the risks related to the heavy reliance on navigation and communication systems
such as the Electronic Chart Display Information System (ECDIS), the Automated Identification System (AIS),
and Very Small Aperture Terminals (VSATs). The section Countermeasures lays out current procedural and
technological strategies to protect maritime infrastructure from malicious attacks and it describes the concept of
Defence in Depth.
Proceedings of the 15th Australian Information Security Management Conference
