Last year’s terrorist attacks and thwarted plots in the Suez Canal highlight the ever-present threat to the maritime industry from continuing deliberate assaults of all kinds. The attacks of Sept. 11, 2001, USS Cole just the year before, and the tanker Limburg the year after, ushered in a new era of concern for the world and specifically the global maritime industry. In recent years, we have been reminded that our ports, terminals, rig fields and vessels of all types are susceptible not only to deliberate attacks, but also to natural events, mishaps and accidents, and other unintentional acts.
Not much more than a decade ago, the words “maritime security” represented a new concept, especially for the commercial industry. Since then, the maritime community has responded with terrorism and piracy awareness campaigns, training for seafarers and new personnel responsible for onboard vessel, facility and company-wide security. Today, with the ever-expanding advances in technology, another spotlight needs to shine — this time on maritime cyber security (MCS). The maritime preface to cyber security stems from cyber characteristics unique to the maritime sector, especially transfer of data by radio frequency (RF) rather than hardlines (fiber or copper) or directed microwaves.
Arguably, the maritime sector’s evolving technologies and inter-connectivity has become a double-edged sword similar to other industries. Our increasing reliance on these systems and equipment makes us more vulnerable should they be lost or compromised. Being ahead of vulnerabilities affecting navigation, machine and engine control, cargo operations and communications is a challenge. Striving to protect all exposures to any type of event which might negatively impact such operations is paramount. A continuous process for MCS readiness should be employed by everyone involved. If a four-step scenario, the first step should be awareness.
Cyber security awareness in the maritime sector has been at a relatively low level, according to industry feedback, various white papers and academic reports. Understandably, awareness of cyber vulnerabilities has been lacking in the marine industry for many, as they go from day to day just trying to keep up with routine operations. But today, this has begun to change as both government and private industry segments are focusing in on some of the issues. For example, in April, the House passed legislation to preserve infrastructure for a Positioning, Navigation and Timing (PNT) system which could supplement GPS through powerful land-based signals. The Ship Owners Cooperative Program (SOCP) is releasing a new computer-based training (CBT) tool to promote MCS awareness funded through a grant from the U.S. Maritime Administration. The ISSA (Merchant Mariner Information Systems Security Awareness) CBT covers a wide range of topics from workplace computers to network security to strong password practices. Some shipping companies have recently been upgrading their cyber threat matrices and refining their programs. The University of Texas, under Assistant Professor Todd Humphreys, has demonstrated spoofing potentials which have been well-publicized.
The second step, identification and assessment, should be accomplished on a case-by-case basis for both vessel and facility surveys leading to full determination of known cyber vulnerabilities for each cyber system. The U.S. Coast Guard announced its 2014-2015 Proceedings issue will focus on cyber security and concurrently issued COMDTNOTE 5510 on “Cyber Security and the Marine Transportation System (MTS).” In a statement to all personnel in March, the Coast Guard said, “Captains of the Port (COTPs) should encourage vessel and facility operators to inventory their cyber systems, identify those that could potentially contribute to a Transportation Security Incident (TSI), and evaluate the degree to which such systems could be protected from attack, misuse, or failure.”
Vulnerabilities exist at all levels in all areas. Criminals have already learned how to compromise RF tracking systems of cars, containers and other cargo. Rigs and drillships exchange massive amounts of RF data with shoreside partners to conduct operations. State and non-state actors, including hacker organizations, have vowed to attack all forms of energy production worldwide. RF jamming has intensified globally. North Korea has proven the effectiveness of long-range jamming by its relentless attacks on South Korea in recent years. Iran and Iraq are also expert state jammers, among many others. The proliferation of RF jammers has been raising concerns worldwide and increasing the likelihood of serious maritime sector jamming incidents.
Vessel positioning and navigation operations depend on global navigation satellite systems (GNSS) such as GPS. Interference with weak GPS RF signals, whether through natural (i.e. solar) events, unintentional or intentional actions, will likely compromise electronic charting (ECDIS/ECS) systems, automatic identification systems (AIS) used for collision avoidance, as well as any GPS receivers and GPS compasses, unless a secondary positioning source is immediately available which is unaffected. For example, on April 1, the Russian GNSS GLONASS suffered an unprecedented total disruption of its entire system where positioning was valueless for almost 11 hours. Reports that it was an error by a GLONASS engineer are challenged by others questioning if it was the result of a cyber attack or a powerful solar flare that erupted at about the same time.
A thorough cyber assessment of navigation bridges may show that GPS signal loss, jamming or spoofing could result in some or all of the other navigational units being affected including gyrocompasses, steering systems, radar/ARPAs, echo sounders, DSC VHF radios, etc. Mitigations might include having manufacturers provide signal strength alarms on new GPS receivers, employment of inertial navigation systems, RF jamming detectors and alternate positioning systems like enhanced Loran (eLoran). The eLoran positioning system is already well-proven, highly jam-resistant, accurate as GPS and fills GNSS voids in areas like urban canyons, inside dense structures and tunnels, underground and underwater. A robust terrestrial system like eLoran is not susceptible to extreme space weather (ESW) like satellite systems.
Threat identification supports the third step: to train personnel while improving systems, equipment and processes toward industry resilience. As MCS vulnerabilities are identified and quietly shared throughout industry and law enforcement, combined threat awareness among the many stakeholders will mature. Consequently, enhancements for development of risk assessment, impact potentials and solutions should improve.
This third step could include compiling MCS response plans, conducting drills (including unannounced drills) and implementing new systems to help accomplish the mission or provide redundancy such as eLoran to complement GPS and other GNSS PNT systems (such as GLONASS, Galileo and Compass).
Finally, the fourth step is to ensure the MCS readiness process is properly functioning and continuously improving. This follow-up step is critical toward optimal preparedness. The industry must be ever vigilant and prepared as possible to deal with known and unknown maritime cyber threats.
————-
Capt. David B. Moskoff is a professor in the Marine Transportation Department at the U.S. Merchant Marine Academy. He is an expert on maritime cyber security. He holds a U.S. Coast Guard unlimited master license and has commanded steam and diesel ships. Moskoff is president of Maritech, a marine consulting and services firm. The views expressed are his own and do not reflect the views of any government entity.
