Seaways – May 2019

Read Seaways online at http://www.nautinst.org/seaways

AIS is a vital part of today’s maritime world – and threats to it should be taken seriously


Electronic warfare in the digital age


Dr Christopher Lavers


In 2017 more than 50 cyber-security incidents were detected
in the Norwegian oil and gas sector alone. Perhaps the most
familiar mode of attack involves GPS spoofing. In 2013 a team
led by Professor Todd Humphreys of the University of Texas in
Austin, USA, spoofed GPS equipment on an $80 million yacht, moving
the recorded position several hundred metres without ship systems
detecting the change. In February 2017 hackers allegedly took control
of navigation systems on a German-owned 8,250 ton container vessel
for 10 hours as it sailed from Cyprus to Djibouti. Jamming of GNSS/
GPS directly affects navigation-related systems such as ECDIS, AIS,
autopilot and VTS. However, subtle tampering with AIS and other
systems may be more effective as a method of attack, as maritime users
may not even know they are being manipulated.

Availability – expectations and reality
Since the mid-2000s companies have detected AIS transmissions with
satellite-based receivers (S-AIS). Using satellites solves the VHF limited
range problem, as a ship’s identity is recorded and decoded by satellite
and sent to more distant ground stations for processing and distribution
beyond line of sight. This method significantly increases the number of
potential vessels coming within a satellite’s footprint.
As part of Plymouth University’s ongoing assessment of the maritime
sensors market, maritime professionals in Qatar were asked to assess
the importance of AIS capabilities to their organisation’s operations.
AIS was considered either important or very important by 89% of
respondents; the remaining 11% considered it ‘somewhat important’
[see Figure 1]. This is especially relevant when considering how AIS
data provision affects data frequency expectations.

Government users of AIS have expressed a belief that they can
reasonably expect near-real-time space-based SAR updates every few
seconds! SAR providers, however, produce updates to more modest
time-frames.
The same survey produced some responses concerning ‘persistency’,
defined as ‘the ability to provide continuous maritime and littoral
surveillance of any chosen area’. Comments underlined both the
sheer scale of AIS data being generated and the need for algorithms
to handle it. For example: ‘A valid problem of persisting without AIS
algorithms... [is that this] would provide too much data for us to
meaningfully interpret.’ A common criticism was ‘We do not have the
capacity to process data faster than weekly, except in crisis conditions
following a piracy incident’. Such comments raise the prospect of
hostile actors attacking AIS by altering or stopping the AIS algorithm
function, making meaningful interpretation impossible, or by
overwhelming the system with excessive quantities of data.

AIS exposed vulnerabilities and attacks
AIS was made mandatory in 2002 for all newbuild ships of more than
300gt and all passenger ships regardless of size. Future installations,
including those on leisure vessels and other applications, are expected
to exceed a million. The scope for a potential attack is huge.
AIS can be exploited by various subversive players, because
earlier AIS protocols were designed with almost no obvious security
considerations.
There are two main routes of attack:
• Protocol-specific attacks [RF] or ‘messing with in-built commands’.
These attack the system through flaws in the AIS protocol, as
transponders use instructions sent through VHF gateways.
• Software-specific attacks [SW] – or ‘messing with the data’. These
‘implementation threats’ exploit vulnerabilities in the AIS internet
provider systems, attacking the collection and visualisation of
vessel information. This is highly relevant because data is routinely
collected via mobile phone apps, software and formatted emails.
Attacks may take a variety of forms, as set out below.

Ship spoofing [SW/RF]
Threats include spoofing online providers to ships or aids to navigation
(AtoN). False routes are programmed that force ships to follow
incorrect tracks. Attacks of this kind may deceive target vessels up to
20km away.
AIS hijack [SW/RF]
A route gateway can be hijacked, making the vessel appear to be
somewhere other than in its true location. In 2013, researchers
Balduzzi and Wilhoit ‘moved’ the Eleanor Gordon from the Mississippi
River in southern Missouri to a lake in Dallas. MMSI numbers can
inadvertently be entered incorrectly and algorithms can be used to
distinguish between two vessels broadcasting with the same identity,
but wireless hijackers can also hack cargo, speed and location data.
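
The kind of algorithm mentioned above can be sketched as a kinematic plausibility check that separates a sudden position 'move' from two transmitters sharing one MMSI. This is an added example, not code from the article or from any AIS provider; the report tuple layout, the 50-knot speed ceiling and all MMSIs and coordinates are assumptions constructed for illustration.

```python
import math
from collections import defaultdict
MAX_KNOTS = 50.0          # assumed ceiling for a plausible surface-vessel speed
EARTH_RADIUS_NM = 3440.065

def distance_nm(lat1, lon1, lat2, lon2):
    """Great-circle distance in nautical miles (haversine)."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_NM * math.asin(math.sqrt(a))

def split_tracks(reports, max_knots=MAX_KNOTS):
    """Group (unix_time, mmsi, lat, lon) reports into kinematically consistent tracks."""
    tracks = defaultdict(list)                      # mmsi -> list of tracks
    for t, mmsi, lat, lon in sorted(reports):
        for track in tracks[mmsi]:
            t0, _, lat0, lon0 = track[-1]
            hours = max(t - t0, 1) / 3600.0         # avoid division by zero
            if distance_nm(lat0, lon0, lat, lon) / hours <= max_knots:
                track.append((t, mmsi, lat, lon))   # reachable from this track
                break
        else:
            tracks[mmsi].append([(t, mmsi, lat, lon)])  # unreachable: start a new track
    return tracks

def classify(tracks):
    """Label each MMSI: consistent, position-jump, or duplicate-identity."""
    verdicts = {}
    for mmsi, ts in tracks.items():
        # Tracks whose time spans interleave mean two transmitters share one identity.
        overlapping = any(a[0][0] < b[-1][0] and b[0][0] < a[-1][0]
                          for i, a in enumerate(ts) for b in ts[i + 1:])
        verdicts[mmsi] = ("consistent" if len(ts) == 1 else
                          "duplicate-identity" if overlapping else "position-jump")
    return verdicts

# Constructed sample reports (MMSIs and coordinates are illustrative, not real vessels)
SAMPLE_REPORTS = (
    [(t, 999000001, 50.300 + t / 60000, -4.10) for t in (0, 60, 120)]      # steady
    + [(t, 999000002, 36.500 + t / 60000, -89.50) for t in (0, 60, 120)]   # on a river
    + [(t, 999000002, 32.85, -96.72) for t in (180, 240)]                  # then far inland
    + [(t, 999000003, 25.30, 51.60) for t in (0, 120, 240)]                # transmitter A
    + [(t, 999000003, 1.25, 103.80) for t in (60, 180, 300)]               # transmitter B
)

if __name__ == "__main__":
    for mmsi, verdict in sorted(classify(split_tracks(SAMPLE_REPORTS)).items()):
        print(mmsi, verdict)
```

A long gap between reports makes any distant fix look reachable, so a check like this is only meaningful on densely reported tracks.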

[Figure 1: Qatar: How important are AIS capabilities. Chart values: 47%, 42%, 11%, 0%, 0%; legend categories 1 to 5.]
