ISRAELI cyber security company Naval Dome says its hacked - with owner's permission - into live,
operational systems used to control ship's navigation, radar, engines, pumps
and machinery.
With the permission and under the
supervision of system manufacturers, Naval Dome's cyber engineering team hacked
into computer systems owners are legally obliged to use to control their ships.
Naval Dome software engineers say
they were able to shift the vessel's reported position and mislead the radar
display.
Another "attack" resulted
in machinery being disabled, signals to fuel and ballast pumps being
over-ridden and steering gear controls manipulated.
"We succeeded in penetrating
the system simply by sending an email to the captain's computer," said Naval
Dome chief technical officer Asaf Shefi.
"We designed the attack to
alter the vessel's position at a critical point during an intended voyage -
during night-time passage through a narrow canal," said Mr Shefi, former
head of the Israeli Naval C4I and cyber defence unit.
"During the attack, the
system's display looked normal, but it deceived the officer of the watch. The
actual situation was completely different to the one on screen.
If the vessel had been operational,
it would have almost certainly run aground," he said.
The Naval Dome hack was able to
alter water depth in line with the false position data displayed on screen.
"The vessel's crucial
parameters - position, heading, depth and speed - were manipulated in a way
that the navigation picture made sense and did not arouse suspicion," he
said.
"This type of attack can easily
penetrate the antivirus and firewalls typically used in the maritime
sector," Mr Shefi said.
"The captain's computer is regularly
connected to the internet through a satellite link, which is used for chart
updates and for general logistic updates. "
The attacking computer file was
transferred to the electronic chart display and information system (ECDIS) in the
first chart update.
The attacking file then identified
the disk-on-key use for update and installed itself. So once the officer had
updated the ECDIS, the attack file immediately installed itself on to his
system."
In a second attack, the test ship's
radar was hit. While the radar is widely considered an impregnable, standalone
system, Naval Dome's team used the local Ethernet Switch Interface - which
connects the radar to the ECDIS, Bridge Alert System and Voyage Data Recorder -
to hack the system.
"The impact of this controlled
attack was quite frightening," said Mr Shefi. "We succeeded in
eliminating radar targets, simply deleting them from the screen. At the same
time, the system display showed that the radar was working perfectly, including
detection thresholds, which were presented on the radar as perfectly
normal."
A third controlled attack was
performed on the machinery control system (MCS). In this case, Naval Dome's
team chose to penetrate the system using an infected USB stick placed in an
inlet/socket.
"Once we connected to the
vessel's MCS, the virus file ran itself and started to change the functionality
of auxiliary systems. The first target was the ballast system and the effects
were startling. The display was presented as perfectly normal, while the valves
and pumps were disrupted and stopped working. We could have misled all the
auxiliary systems controlled by the MCS, including air-conditioning,
generators, fuel systems and more."
Said Naval Dome CEO Itai Sela
warned that the virus infecting ship systems can also be unwittingly
transferred by the system manufacturer.
Said Naval Dome CEO Itai Sela:
"Manufacturers themselves can be targeted, when they take control of
onboard computers to carry out diagnostics or perform software upgrades, they
can inadvertently open the gate to a cyber attack and infect other PC-based
systems onboard the ship. Our solution can prevent this from happening."
Source : HKSG.
Tidak ada komentar:
Posting Komentar