DATA BREACHES

Data Security: Why ocean vessels are vulnerable to attack

TeamRed
Jul 13, 2018
5 min read

It is relatively simple to breach an ocean liner’s data security, thanks to vulnerabilities found within their networks.

21 years ago, the idea that a large ocean vessel could be taken over by hackers was only possible within the script of an action movie. A movie like Speed 2: Cruise Control comes to mind.

Thanks to the advancements in modern technology, there are very few things that are still left in the realm of fiction.

Ship vulnerabilities were brought to light last year, when security consultants flagged that the move from isolated networks to always-on models opened vessels up to a myriad of security problems. Ships are, in essence, becoming giant IoT devices using software and hardware that are hopelessly outdated.

Key factors include:

  • Old firmware that hasn’t been updated
  • Administrator usernames and passwords that weren’t changed from default settings

A security researcher, Ken Munro, was able to quickly break into a ship’s network and find its exact location and the direction it was headed in. He was also able to get the full name of a crewman that was online at the time and was able to use that to find his Facebook profile. All this while enumerating network configuration details for other possible attack vectors.

It’s so simple, in fact, that it was possible to replicate the same hack even today: 

Data security is important for ocean liners, but it's easy to breach.

An online ship tracker tool exists today that allows interested parties to view live locations of ships enabling vessel owners and charterers to track their ships in a convenient way. However, this also means a malicious actor could utilize this same technology in unison with the above data in order to enumerate a vessel.  We’ve taken a screenshot to show what that looks like.

Live ship locations around the world.

Malicious actors have already tried their hand at testing ship vulnerabilities – including one incident that saw a ship’s navigation system taken over for 10 hours.

This highlights a common problem prevalent in all devices and services that are constantly connected to the internet. Security is often an afterthought, and at times network device manufacturers put little thought behind updating their firmware, because it can be too expensive. This isn’t an issue limited to the devices that power ships, it’s also something that affects devices like webcams.

TeamRed