Welcome
About
News
Anonymous Reporting
Tools
MCA Chatter
Library
V-ID Terminal
Support
My Account

News

Icon representing US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels
US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels

June 21st 2019
Icon representing Would you pay $1m for a laptop full of malware?
Would you pay $1m for a laptop full of malware?

May 23rd 2019
Icon representing Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)
Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)

May 22nd 2019
 
 
 

Warning that hackers could sink a bulk carrier - but why would they?

 
December 20th 2017
Would malicious hackers deliberately sink a vessel just for fun?
In the latest cyber security warning for shipping Pen Test Partners have highlighted that hackers could sink a bulk carrier by deliberately imbalancing its cargo.

Penetration testing experts Pen Test Partners highlighted that hackers could potentially sink a bulk carrier by manipulating the loading data of its hull stress monitoring systems (HSMS) to deliberately cause an imbalance of cargo.

The crew of the vessel would be unaware of the imbalance which could lead to catastrophic consequences with the vessel breaking up and sinking.

“The reason it is feasible is that when HSMS were first developed, there was no concept of a vessel being connected to the internet, allowing it to be accessed remotely. Therefore, many HSMS are just PCs connected to the ships’ network,” said senior partner, Ken Munro.

“A hacker could interrupt the loading data being fed to and from the monitoring system, having previously compromised the network either via the satcom unit or a phishing e-mail.”

“Once in control, hackers can manipulate the loading of cargo and turn off any stress monitoring alarms that would alert crew to any undue strain on the vessel,” he claimed.

Pen Test Partners said that HSMS vendors and all ship control and reporting system manufacturers need to take security very seriously.

While issuing this warning of potentially dire consequences this left the question as to why hackers would want to attack a bulker in this way.

Asked by Seatrade Maritime News, Munro explained that it could be: "A competitor port, competitor shipping line, someone trying to influence commodity prices, damage a country, block a deep water channel, stop production somewhere, any number of different motivations.

"Or maybe just because they can. There’s plenty of evidence already of kiddie hackers taking out systems because they can."

Source


Keywords