I’ve blogged already about how superyachts are the homes, the offices, the play areas for their owners. However, they are also the charge of the captains and homes of the crew, most owners simply see themselves as guests on the captain’s yacht, so what do you the captain and crew need to think about?
We know we can find a locate the yacht in real time with AIS and can compromise the Satcom, but what about your navigation? You will be using an Electronic Chart Display and Information Service (ECDIS) to allow you to navigate your yacht, this will rely on your GPS systems to accurately pin point your location. All good so far, however, running separate cabling around the yacht is costly and ineffective, what most integrators will do is use serial to IP convertors to convert signals from your GPS to travel over a normal network. Sounds great right… Wrong. This network is the same network that the owners VOIP calls are being made on, the same network that their connected lighting or smart TV is on. It’s the same network the crew connect their laptops and tablets to on rest days. Can you be sure all of the devices are secure?
So why is this an issue for you? If I can compromise your owners always on VOIP service and use that as a doorway on to the ship, what is to stop me impacting critical services such as ECDIS. Most yachts will have a server rack where all the key services are stored, these will include firewalls, network switches, VOIP, connected audio, WiFI, etc. Then network cables will run to the key services like your GPS antenna and the ECDIS. Attached to these will be serial to IP converters. These are little magic boxes that convert the data from the GPS antenna to data that can travel over a normal network. There will be another one to covert it back to something your ECDIS will understand. These are simple to compromise, allowing me to confuse your ECDIS. What if I can tell you your ship is 10 miles from where you think you are? No big deal right, you can look out the window and use your paper maps… you do still have paper maps don’t you?
Obviously compromising your ECDIS like this is a significant issue, therefore most system integrators will implement separation. The server rack will implement technology to separate network traffic so that they can’t cross over. Your crew/client WiFi won’t be able to access your ECDIS, the owners voice conferencing service won’t see your AIS traffic… In theory… We have lost count of the number of times we have found installers rush to get a job done and just ‘make it work’ in the shortest possible time. This leads to the wrong kit plugged in to the wrong networks and your owners hacked devices accessing your navigation systems. Can you be certain that has been implemented securely and correctly?
As yachts get ever larger and complex the systems you use to pilot them get ever more complex, you aren’t starting the motor by hand and physically moving the rudder, this will be performed by industrial control systems (ICS) that take your inputs and provide an action at the component being controlled. How is that happening? Through the onboard networks. Your auto pilot systems will interact between your ECDIS and this ICS network. But remember I can control your ECDIS… How will your autopilot fare if it doesn’t accurately know where you are?
Your crew didn’t used to carry much technology, then the smart phone was invented and now your crew need to charge devices, connect to WiFi, video call their family and can upload your exact coordinates to Facebook and Twitter all using the technology on board that ensures the yacht is runs smoothly and the owner makes the best use out of their investment. Do you know if their devices are running up to date operating systems, free from malware and bandwidth restricted? We have seen in the aviation industry and the maritime industry staff connecting their phones to safety critical systems just to charge them!
When you consider your clients, if you are a charter captain you might not know who the clients and their guests are, could they be tampering with systems or installing rogue systems to compromise future clients? It’s really important to understand what ‘normal’ looks like and periodically check systems for ‘abnormal’ devices otherwise you could allow an attacker to impact your yacht.
The yacht will have all the technology provided by a system integrator who will likely also provide support should you need it. There are rarely centralised security controls in place, it’s likely to be just you and a remote support organisation, sure they should be able to connect over the satcom to fix issues, but the support contract you have may not prioritise security and even if it does, some issues such as keeping systems up to date will really only be possible when at a dock and may impact the service while updating. The problem is that the devices need updating in the same way your phone does to fix security issues. Do you allow time for this to happen? What about the passwords for all the systems? Who is responsible for setting these securely? Or have you just gone with the default? We have shown how easily these can be compromised over satellite links.