Vessel-tracking system vulnerable to denial-of-service, other attacks, researchers say


Attackers could disable Automatic Identification System communications over large areas or send fake localization information to ships

The Hack in the Box 2014 security conference takes place in Amsterdam May 29 - 30.


Inexpensive equipment can be used to disrupt vessel-tracking systems and important communications between ships and port authorities, according to two security researchers.

During the Hack in the Box conference in Amsterdam Thursday, Marco Balduzzi, a senior research scientist at Trend Micro, and independent security researcher Alessandro Pasta described three new attacks against the Automatic Identification System (AIS), which is used by over 400,000 ships worldwide.

AIS supplements information from marine radar systems and sends a ship's identity, type, position, course, speed, navigational status and safety-related information to other ships, shore stations and aircraft. Port and coastal authorities also use the system to send important traffic information and other data back to the ships.

Balduzzi and Pasta warned last year that the lack of authentication and integrity-checking in the AIS communication protocol could allow pirates, terrorists or other attackers to create ghost vessels or spoof information received by the ships.

It's also possible to disable AIS communications over a large region, Balduzzi said Thursday. An attacker could impersonate a port authority and tell all AIS systems -- on ships, in shore stations, etc. -- to stop transmission for a number of minutes, and then repeat the command when that interval passes in order to prolong the downtime, he said.

Balduzzi and Pasta experimented on land with a self-built AIS transmitter and power amplifier and achieved a signal range of 20 km, but at sea the range would be bigger because there are fewer obstacles. Using more power can also significantly boost the range.

The equipment used by the researchers cost US$600, but they said that an AIS transmitter could be built with cheaper components for under $100.

AIS communications can also be used as a channel to exploit vulnerabilities in the software running on the back-end systems that process and collect AIS data. For example, the researchers found an SQL injection vulnerability in a system used by ship captains to store weather forecasts received over AIS.

The vulnerability could be exploited to insert bogus weather information into the database or even delete the whole database, Balduzzi said.

The impact of using AIS to attack back-end systems depends on what those systems are designed to do and what kind of vulnerabilities they potentially have. If the system stores information about ship traffic in a harbor for example, inserting bad information into its database or deleting it can have serious consequences, the researcher explained.

A third attack presented Thursday involves the spoofing of Differential Global Positioning System (DGPS) information sent over AIS. DGPS data improves the accuracy of GPS-based localization from meters to centimeters.

A constant stream of spoofed DGPS data could make a ship deviate from its course, Balduzzi said. The result would be similar to that of a GPS spoofing attack demonstrated by researchers from the University of Texas at Austin last year, he said.

According to the International Maritime Organization (IMO), the United Nations agency responsible for the safety and security of shipping, the installation of AIS is required on all ships of 300 gross tonnage or more that are engaged on international voyages and for all passenger ships regardless of size.

The IMO did not immediately respond to a request for comment about the AIS attacks revealed Thursday at Hack in the Box.

According to Balduzzi and Pasta, AIS providers and maritime authorities generally acknowledged in the past that the lack of authentication and integrity checking in AIS is a problem, but said that captains are instructed to correlate information from multiple systems and not rely on AIS data alone.

"To me, if you have a system that's supposed to enhance the previous systems, but is not secure and can report wrong information, then it's useless," Balduzzi said.

Completely fixing the problem would require redesigning the communication protocol to build in security, and then upgrading or replacing the AIS hardware installed on ships, in ports and ground stations. However, that's not feasible in the short term, the researchers said. Using specialized software to detect anomalies in the AIS data can be a temporary solution, but won't protect against all possible attacks like the denial-of-service ones, they said.
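
As an added illustration of the anomaly-detection stopgap mentioned above (example code written for this page, not taken from the researchers or from any AIS product), the following Python checks already-decoded position reports for movement that is physically implausible or that contradicts the reported speed. The report fields, the two thresholds and the sample data are assumptions constructed for the example.

```python
import math
from collections import namedtuple

# Decoded position report: vessel id, unix time, latitude, longitude,
# reported speed over ground in knots (field names are assumptions).
Report = namedtuple("Report", "mmsi ts lat lon sog")

MAX_KNOTS = 60.0      # assumed ceiling for a plausible surface vessel
SOG_TOLERANCE = 10.0  # assumed allowed gap between reported and implied speed

def nautical_miles(a, b):
    """Great-circle (haversine) distance between two reports."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dlat, dlon = p2 - p1, math.radians(b.lon - a.lon)
    h = math.sin(dlat / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * 3440.065 * math.asin(math.sqrt(h))  # Earth radius in nautical miles

def find_anomalies(reports):
    """Return (mmsi, ts, reason) for reports inconsistent with the last trusted one."""
    trusted, alerts = {}, []
    for r in sorted(reports, key=lambda x: (x.mmsi, x.ts)):
        prev = trusted.get(r.mmsi)
        if prev is None:
            trusted[r.mmsi] = r          # first sighting becomes the baseline
            continue
        if r.ts <= prev.ts:
            continue                     # duplicate or out-of-order timestamp
        implied = nautical_miles(prev, r) / ((r.ts - prev.ts) / 3600.0)
        if implied > MAX_KNOTS:
            # Keep the old baseline so one bogus fix does not taint later checks.
            alerts.append((r.mmsi, r.ts, "position jump"))
            continue
        if abs(implied - r.sog) > SOG_TOLERANCE:
            alerts.append((r.mmsi, r.ts, "speed mismatch"))
        trusted[r.mmsi] = r
    return alerts

# Constructed sample data (placeholder MMSIs, not real vessels).
SAMPLE = [
    Report(111111111, 0,    52.0000, 4.0, 12.0),
    Report(111111111, 600,  52.0333, 4.0, 12.0),  # about 2 nm in 10 min: consistent
    Report(111111111, 1200, 53.5000, 4.0, 12.0),  # about 88 nm in 10 min: implausible
    Report(111111111, 1800, 52.0667, 4.0, 12.0),  # back on the original track
    Report(222222222, 0,    51.9000, 3.5, 0.0),
    Report(222222222, 600,  51.9500, 3.5, 0.0),   # moved 3 nm while reporting 0 knots
]

if __name__ == "__main__":
    for alert in find_anomalies(SAMPLE):
        print(alert)
```

Checks of this kind catch inconsistent position data but, as the researchers note, do nothing against the denial-of-service attack, which silences transmitters rather than falsifying their reports.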

