13 February 2015 14:14

Forget pirates in gunboats: criminals armed only with a laptop and an internet connection are predicted to become a serious threat to navies and the global shipping industry, a new report has revealed.

As maritime logistics becomes increasingly reliant on information and technology, sea-faring vessels and associated infrastructure such as ports are more vulnerable to malicious cyber-attacks.

Software obsolescence, increased automation of ship control systems, cloud computing, and the deception and bribery of key staff and crew through social media are just some of the emerging potential weaknesses that online criminals and agents could exploit.

The ‘Cyber Operations in the Maritime Environment’ report by academics at Lancaster University’s Security Lancaster – an Academic Centre of Excellence in Cyber Security Research – highlights that this heightened vulnerability will require navies and shipping companies to adopt new defensive measures to mitigate cyber-attacks.

“In years gone by only those who had the capacity to build expensive ocean-going vessels had the ability to secure sea lanes and exploit the maritime landscape for profit,” says Oliver Fitton of Security Lancaster and one of the report’s authors. “For the first time in maritime history the positive correlation between capital spent and power is undermined, cyber-attacks are low-cost alternatives to physical attacks, which have the ability to cripple maritime operations.

“The whole maritime industry must reassess its spending on long-term platforms (ships and other vessels).

“Ship builders especially must consider whether it is right to spend billions of pounds on platforms, and physical defensive systems, when they have the potential to be nullified by a single well-informed individual, thousands of miles away, with an internet connection and a few browser tabs open.

“Money may be better spent in cyber offence and defence. Another question that should be asked at the dawn of the age of cyber weaponry is – will you always need to be at sea to secure and exercise command in it?”

The report highlights how the ending of support for software such as Microsoft’s XP operating system – a user-friendly and robust system that could be adapted to a wide range of uses at sea – after 13 years means there will be no further official security updates. However, ships using the software are designed with much longer lifespans.

Due to short software lifespans like these, the report recommends that navies will have to ‘fundamentally rethink’ how they use technology on the commissioning of expensive vessels such as the Royal Navy’s new aircraft carriers that are currently under construction.

“It is impossible to imagine that these ships will maintain their effectiveness in 50 years’ time if they continue to use their inaugural computer systems,” says Mr Fitton. “Software will continue to have a dramatically shorter lifespan than hardware (ships). In the maritime environment hardware will continue to be designed and built to last for decades. Whereas software will only last until a vulnerability is developed to attack it, until the vendor (software company) decides not to support it or until the vendor goes out of business.”

The report says the trend towards increased automation of shipping operating systems – enabling smaller crews, which reduces costs – also presents opportunities for malicious attackers.

“As the trend for greater automation continues new vectors of attack will be created,” says Mr Fitton. “The trend to integrate technology makes sense when efficiency and economy are under consideration but not necessarily when security threats are taken into account.”

The report predicts that off-the-shelf standard technology will become widespread – making it easily obtainable by criminals and leading to increased opportunities for attacks. Subcontractors maintaining these software systems could also be a potential threat vector.

As sea-faring vessels will be increasingly connected to the internet, another key vulnerability will be people on-board being targeted through their social media accounts and criminals or agents using methods such as social engineering, deception, identity theft, bribery and blackmail.

Mr Fitton said: “Friend and contact lists allow attackers to build up a picture of acquaintances, colleagues, friends and family members for use against the target maybe in the form of an identity theft attack or in the form of blackmail – which is especially effective when an individual is thousands of miles away from his or her loved ones. Each connection in a social network is a potential vector for social attack.

“For many years crews were isolated from the rest of the world while at sea but technology is changing that. Already US naval ships have their own Wi-Fi networks and private firms are attracting the best crew they can by offering comprehensive connectivity to employees.

“This means that new individuals who were once unreachable are now targets for remote attackers.”

The report stresses the need for policies and procedures to be put in place to reduce the risk of employees coming under attack.

The ‘Cyber Operations in the Maritime Environment’ report was produced in response to an identified lack of understanding of the cyber threat within British Maritime Doctrine – the National Strategy for Maritime Security and commercial maritime operators. It was written by Mr Oliver Fitton, Dr Basil Germond, Dr Mark Lacey and Dr Daniel Prince.

More information about Security Lancaster is available by visiting http://www.security-centre.lancs.ac.uk/