Cookies help us deliver the best experience on our website. By using our website, you agree to our use of cookies Dismiss

Ethical hackers demonstrate weaknesses in shipboard systems Featured

Israel-based security company Naval Dome has reported the results of a series of penetration tests on maritime technology systems, including an ECDIS, which allowed its ethical hackers to directly impact on board systems.

{mprestriction ids="1,2"}With the permission and under the supervision of system manufacturers and owners, Naval Dome says that its cyber engineering team managed to hack into live, in-operation systems used to control a ship’s navigation, radar, engines, pumps and machinery.

While the test ships and their systems were not in any danger, Naval Dome says it was able to shift the vessel’s reported position and mislead the radar display. Another attack resulted in machinery being disabled, signals to fuel and ballast pumps being over-ridden and steering gear controls manipulated.

Commenting on the first wave of penetration tests, on the ship’s ECDIS, Asaf Shefi, Naval Dome's CTO and the former head of the Israeli Naval C4I and Cyber Defense Unit, said: “We succeed in penetrating the system simply by sending an e-mail to the Captain's computer.”

“We designed the attack to alter the vessel’s position at a critical point during an intended voyage – during night-time passage through a narrow canal. During the attack, the system's display looked normal, but it was deceiving the Officer of the Watch.”

“The actual situation was completely different to the one on screen. If the vessel had been operational, it would have almost certainly run aground.”

According to Mr Shefi, the Naval Dome hack was also able to alter draught/water depth details in line with the spurious position data displayed on screen.

“The vessel’s crucial parameters – position, heading, depth and speed – were manipulated in a way that the navigation picture made sense and did not arouse suspicion,” he said.

“This type of attack can easily penetrate the antivirus and firewalls typically used in the maritime sector.”

Naval Dome says that the hack was made possible by the fact that the Captain’s computer was regularly connected to the internet, using a satellite link, to download chart updates and other general logistics data. The attack file used in the hack was transferred to the ECDIS in the first chart update.

“The penetration route was not too complicated: the attacking file identified the Disk-On-Key used for update and installed itself. So once the officer had updated the ECDIS, our attack file immediately installed itself on to the system,” said Mr Shefi.

In a second attack, the test ship’s radar was hit using the local Ethernet Switch Interface, used to connect the radar to the ECDIS, Bridge Alert System and Voyage Data Recorder.

“The impact of this controlled attack was quite frightening,” said Mr Shefi.

“We succeeded in eliminating radar targets, simply deleting them from the screen. At the same time, the system display showed that the radar was working perfectly, including detection thresholds, which were presented on the radar as perfectly normal.”

A third controlled attack was performed on the Machinery Control System (MCS), which was penetrated using an infected USB stick placed in a socket.

“Once we connected to the vessel’s MCS, the virus file ran itself and started to change the functionality of auxiliary systems. The first target was the ballast system and the effects were startling,” said Mr Shefi.

“The display was presented as perfectly normal, while the valves and pumps were disrupted and stopped working. We could have misled all the auxiliary systems controlled by the MCS, including air-conditioning, generators, fuel systems and more.”

One way that such an attack could be perpetrated could be through an unwitting transfer of the virus to the ship systems by the system manufacturer, the company notes, as the manufacturers themselves can be targeted and inadvertently pass on viruses when they take control of onboard computers to carry out diagnostics or perform software upgrades.{/mprestriction}

Related items

  • Norway warns industry against digital attacks

    Following a number of virus attacks on Norwegian companies, including maritime companies, the Norwegian Maritime Authority (NMA) is warning the maritime industry against the various digital threats, and providing a reminder of the importance of being well prepared when an attack comes.

  • OceanShield raises $800,000 to stop maritime cyber attacks

    Cybersecurity innovator OceanShield has announced a US $800,000 funding round from seed investment company Masik Enterprise, several angel investors, and grant funding. The company launched in 2020, building on extensive experience with industrial control systems protection and two years of lab research and trials spearheaded by co-founder and CTO, Dr. Dmitry Mikhaylov.

  • Cyber risk management comes of age

    With new International Maritime Organization requirements on cyber risk management imminent, Campbell Johnston Clark (CJC) senior associate Richard Murray and IEIT Cyberlogic conclude that making ships truly cyber secure involves a marathon not a sprint.

  • Kongsberg Digital releases cloud-based simulation service for maritime radar training

    Kongsberg Digital has launched a new cloud-based simulation service for maritime radar training. Used as an advanced eLearning tool, it enables instructors to manage and control exercises with realistic radar simulations to students, who now can practice and prepare for their exams anytime, anywhere and at their own pace.

  • Voyager Worldwide partners with Baker, Lyman & Co

    Voyager Worldwide and Baker, Lyman & Co, one of the oldest distributors of Admiralty and NOAA navigation charts and publications in the USA, have announced a new partnership to provide Voyager navigation software solutions to Baker Lyman customers ahead of the retirement of the UKHO’s ADMIRALTY e-Navigator Planning Station and ADMIRALTY Gateway e-chart updating software on January 29 2021.

Joomla SEF URLs by Artio


Register or Login to view even more of our content. Basic registration is free.

Register now

Digital Ship magazine provides the latest information about maritime satellite communications technology, software systems, navigation technology, computer networks, data management and TMSA. It is published ten times a year.


Digital Ship Ltd
Digital Ship - Digital Energy Journal
39-41 North Road
N7 9DP
United Kingdom

Copyright © 2020 Digital Ship Ltd. All rights reserved           Cookie Policy         Privacy Policy