The explosive growth in communications services over the last two decades has dramatically changed the way that businesses operate in all sectors, improving efficiency and providing new opportunities. In the maritime sector, we can see this from the original adoption of VHF a hundred years ago for ship communication through to more recent safety technologies such as AIS and satellite communication. However, the limited bandwidth and high cost of these technologies has historically limited the sector’s ability to leverage them in many of the ways seen in other industries.
Notably, when adding new technologies or capabilities into existing systems, it’s important to consider any additional risk that may be presented; this can be both from vulnerabilities in the underlying technologies themselves, or from the way in which they can interact with or expose other capabilities. Where risks are identified, mitigations should be put in place to reduce them to an acceptable level. Below we explore some of the ways in which this can be done, and some examples for widely used maritime technologies.
Risk assessment for new technology deployments
Before deploying any additional technology into an operational platform, it is vital to ensure that an assessment has been done of the risks this may introduce - both those implicit in its design and those which come about from the ways in which it may have been configured and installed.
A standard way to assess these risks is to consider the confidentiality, integrity and availability of information being transferred, with regard to the requirements for that information. In the context of communications technology, these can be defined as:
Confidentiality: The risk an adversary can eavesdrop or intercept communication and decode its contents.
Integrity: The risk an adversary can intercept and tamper with information such that the recipient is tricked into acting differently.
Availability: The risk an adversary can prevent information being transferred or received.
Automatic Identification System – AIS
AIS (Automatic Identification System) is a VHF radio-based system which allows ships to broadcast their current GPS-obtained location to nearby vessels.
Confidentiality: AIS information is publicly reported, so no requirement for confidentiality.
Integrity: Information can sometimes under certain conditions be used by other vessels for collision avoidance, so it is important they can trust it to be accurate.
Availability: AIS supplements other technologies, so availability issues can be worked around but safety and efficiency may be impacted.
Key risk: Since AIS lacks any mechanism for validating messages are being broadcast correctly, it is possible to spoof messages to present as a different vessel, or ‘fake’ a vessel location. This is often used to conceal illegal activity such as illegal fishing or evading international sanctions. Additionally, since AIS is used to generate collision-avoidance warnings, spoofing locations could be used to ‘force’ a vessel off course and into dangerous waters.
Global Maritime Distress and Safety System - GMDSS
GMDSS (Global Maritime Distress and Safety System) is a suite of procedures, protocols and communications systems designed to assist with rescuing vessels in distress. The key components are HF-radio and Satellite based transmitters.
Confidentiality: GMDSS messages are intended to be received by multiple authorities and other vessels, so no requirement for confidentiality.
Integrity: Information is relied upon by rescuers, but unlikely that it could be tampered with.
Availability: Issues with message transmission may lead to lives being lost, so this is key.
Key risk: Given GMDSS’ key role in saving lives, ensuring its constant availability is crucial. While it could be possible to disrupt radio communications via jamming, the set of technologies used should mean other channels continue to work. A risk is its reliance on a single operator for satellite communications, but other providers are likely to be approved in the next few years.
Satellite communication has become the main way of transferring information when a vessel is at sea, and can allow for the transmission of voice, internet and other data. Although traditionally high-cost, new operators and satellite launches mean bandwidth is becoming cheaper and more widely available.
Confidentiality: In some satellite systems the data transmitted can be read by those with the right equipment. The requirement for confidentiality is dependent on the information being transmitted, and encryption should be applied where it is required.
Integrity: It may be possible in some situations to affect the integrity of information, so extra steps such as message-signing should be used where guaranteed integrity is required.
Availability: Communications could be disrupted through jamming.
Key risk: The development of software-defined radio technology means that radio signals of the frequencies used by satellite communication systems can be received and analysed cheaply. If sensitive information is being transmitted in plain text, then it may be possible to intercept it. Older satellite equipment (e.g. terminals) may also be at risk of direct attacks over the internet.
VHF radio is the most commonly used marine communication system, found on everything from large vessels to small recreational craft. It uses simple analogue FM modulation to transmit a voice signal which can be received by anyone in range of the transmitter.
Confidentiality: There is no confidentiality protection in VHF messages, anyone can receive them.
Integrity: No specific protection, but difficult to affect the integrity of transmitted messages without tampering with equipment.
Availability: VHF is easy to disrupt through jamming, but would only affect a local area.
Key risk: Due to its broadcast nature and simple analogue modulation the lack of confidentiality means that VHF should not be used to transmit sensitive information. In practise, its use for general ship-to-ship and ship-to-shore communications means this is unlikely to occur.
Mobile networks are increasingly used for voice and data communications when a ship is either at dock or sailing inshore because of its lower cost and latency than satellite. Often, the same equipment is used to access both internet and 3G/4G services.
Confidentiality: Data and voice transmitted over 3G and 4G mobile networks is encrypted, but information may then pass over the internet where no confidentiality can be guaranteed.
Integrity: The 3G and 4G network standards have controls in place to ensure message integrity.
Availability: Communications could be disrupted through jamming, but authorities would be quick to react to mobile network outages.
Key risk: With the availability of cheaper, faster internet access, usage will increase and the risk of malicious documents or software being downloaded onto onboard devices will also increase.
WIFI networks are used for connecting devices within a ship, port or office environment so they can access the internet and other network resources.
Confidentiality: Earlier WIFI protocols (such as WEP) can now be easily decrypted and transmissions read.
Integrity: Again, earlier protocols are vulnerable to injection attacks.
Availability: Communications could be disrupted through jamming, which would prevent devices joining the network.
Key risk: Early WIFI protocols such as WEP have a number of serious security weaknesses which mean that anyone in range of the network can intercept and inject traffic, and join the network without knowing the password. Later protocols, such as WPA2 (and the new WPA3) are considered generally secure, although a strong password must be set.
Integration Risks - Attack – Surface
All systems have an ‘attack-surface’, defined as the total of the different ways in which an attacker could input or extract data or commands. This should always be kept as small as possible to reduce the possibility of a vulnerability in a component being exploitable, and understanding the attack surface is a key first step in assessing the security of a system.
Adding new or improved communications technologies usually affects the overall attack surface in some way, whether by enabling additional direct exposure or by enabling activities which might put the systems at greater risk. More information on direct and indirect risks can be found in our full research report.
The huge advances in communications technology have brought widespread benefits to society and industry, and the maritime sector is at a point where it can start to capitalise on these developments too. New initiatives such as eNav and VDES look set to increase the level of background communications between ships and ship to shore, and offer the potential for increases in efficiency and safety. However, integrating new connectivity into existing platforms is not without risk and care should be taken to ensure the continued security of the entire system.
To learn more about integration risk in communication technology within the Marine and Offshore sectors, please see our full research report on the topic.