AIS concern – serious vulnerability to hacking
That AIS system you have such faith in may not be so secure after all. Hundreds of thousands of vessels, including many sailing boats worldwide, rely on the Automatic Identification System (AIS) for sharing vessel movements. Now the system has shown to be easily vulnerable to hacking. As reported by Sail-World.com
Published 10 years ago, updated 4 years ago
Researchers have announced at a conference in Kuala Lumpur that they have found that it is possible to cause fake vessels to appear, real ones to disappear, and to issue false emergency alerts using cheap radio equipment.
Researchers with the computer security company Trend Micro discovered the problem, which stems from a lack of security controls in AIS, a system used by an estimated 400,000 vessels worldwide.
AIS is an easy target because the signals don’t currently have any authentication or encryption mechanism, making it simple to use software to craft a signal designed to do mischief, says Marco Balduzzi, Trend Micro researcher. ‘All the ships out there are affected by this problem; it’s not tied to the hardware but to the protocol.’
International Maritime Organization rules make AIS mandatory on passenger vessels and on cargo ships over a certain size. Lighthouses, buoys, and other marine fixtures also transmit their location using the system.
We were really able to compromise this system from the root level,’ says Kyle Wilhoit, a researcher with Trend Micro’s Future Threat Research team. By purchasing a 700-euro piece of AIS equipment and connecting it to a computer in the vicinity of a port, the researchers could intercept signals from nearby craft and send out modified versions to make it appear to other AIS users that a vessel was somewhere it was not.
Using the same equipment and software, it is possible to force ships to stop broadcasting their movements using AIS by abusing a feature that lets authorities manage how nearby AIS transmitters operate. AIS transmissions could also be sent out that make fake vessels or structures such as lighthouses or navigational buoys appear, and to stage spoof emergencies such as a ‘man in the water’ alert or collision warning. No direct attacks were staged on any real vessels.
The researchers showed that their spoof signals were faithfully reproduced on the maps provided by online services that monitor AIS data.
One online service was fooled into showing a real tugboat disappearing from the Mississippi and reappearing on a Dallas lake, and (see photo left) depicting a fake vessel traveling off Italy on a course that spelled out the hacker term for a compromised system: ‘pwned.’
Read the rest of this story at www.Sail-World.com