Fathom World

Mapping the transformation of shipping and the oceans

Digital & ElectronicsFeatured

How to hack a maritime satellite

Satellites are essential to the smooth running of the modern maritime sector but the levels of cybersecurity they employ are often somewhat scant. Brian Dixon went to see what damage he could do.

Given the increasingly important role they play in global communications and navigation, it might seem surprising that most satellites in orbit today are actually highly vulnerable to malicious hacking. This can range from signal jamming and spoofing to eavesdropping, hijacking and even the full takeover of a satellite’s control system, as has happened on a number of occasions.

Indeed, speaking at last year’s RSA cybersecurity conference in San Francisco, William Malik, Trend Micro’s vice-president, infrastructure strategies, told delegates that when designing satellites, engineers simply “don’t think about information security principles”. As such, these inherent security flaws “show up again and again”, with Malik describing the range of vulnerabilities as both “astonishing” and “rife”.

What’s more, Malik is not alone when it comes to holding such an opinion. “It is actually pretty easy to hack a satellite,” says Mathieu Bailly, vice-president of space and the Internet of the Things (IoT) at Switzerland-headquartered cybersecurity firm Cysec, noting that when satellites do employ some form of protection it is typically outdated. And with so many satellites operating without any defences or encryption in place, such a situation is becoming “more and more a problem” as the data handled becomes ever more sensitive and crucial in nature.

This is particularly so when it comes to the increasingly digitalised maritime sector and its upward reliance upon the Global Navigation Satellite System (GNSS). Provided by multiple satellite constellations, this critical system has already been the target of various spoofing and jamming attacks that have resulted in ships suffering either a partial or total loss of their ability to plot their position at sea.

“Every single [item of information technology (IT)] or communication equipment onboard a ship is connected to the GNSS. That means it needs to have the [correct] positioning of the ship,” Bailly states, reporting that Cysec has collected numerous testimonials from ship operators that have experienced a potentially catastrophic GNSS signal loss.

putting them together
The AIS is still at risk

It’s not just the GNSS that is of concern. Intended to track the movement of all ships around the globe, the Automatic Identification System (AIS) nonetheless uses “wide-open and clear communications” that Bailly sees as making it “very easy to tamper with”.

And while the ability to fake the position of a vessel has obvious implications in terms of facilitating illegal fishing, smuggling, sanctions breaking and other such activities, it also has potentially grave consequences for the safe navigation of other vessels. At the same time, it can also have a negative commercial impact on ports, logistics providers and insurers firms among others that all require accurate and reliable ship tracking data to perform their business functions correctly.



Finding the key that locks

In response to these issues, Cysec has been tasked by the European Space Agency (ESA) to conduct a feasibility study into possible ways of mitigating the cyber risks associated with both the GNSS and AIS platforms. To do this, the company has established a consortium with U-blox, a Switzerland-headquartered provider of positioning and wireless communication technologies, and Gomspace, a Danish manufacturer of nanosatellites. Together, the three companies will work under the guidance of the ESA and various European maritime stakeholders.

Part of the ESA’s wider Telecommunications & Integrated Applications programme, the feasibility study is expected to conclude during the final quarter of this year. And while the ultimate findings of the study remain to be seen, it seems likely that the need to address these cybersecurity shortcomings will only intensify over time.

“The testimonials of these ship operators were very dramatic,” Bailly says, revealing that in each case the crews onboard were “absolutely not prepared nor qualified to handle any kind of big event like a cyberattack” or similar disruption to the vessel’s IT or communications systems. Moreover, the rise of autonomous shipping will only further heighten the importance of developing more secure satellite-based systems if collisions and unnecessary reroutings borne of faked or hacked AIS or GNSS data are to be avoided.


About Author

Brian Dixon is a business and industry journalist with more than 20 years' experience writing about ports and logistics. A member of the Chartered Institute of Journalists, he has covered stories on six continents. He divides his time between the UK and East Asia