We all know how important cyber security is while using your smart phone or tablet to shop or bank online(1). This is even more important when you use a public WiFi hot spot or even your home or business WiFi network, as wireless networks are inherently insecure.
So what do you do when you are on a ship, in the middle of the ocean or even in port? Surprisingly, the current answer is literally “next to nothing”.
Port ICT security was first mentioned in a 2007 report by the UN entitled “Good Practices in Information and Communication Technology (ICT) Applications in Seaports in ESCWA Member Countries”.(2) It is even more surprising how many seaports have still not implemented any technology or are not using any guidelines to address the threats in maritime ICT 6 years after the report was published. Astonishingly a 2011 report from The European Network and Information Security Agency (ENISA) stated that even the “awareness on cyber security needs and challenges in the maritime sector is currently low to non-existent”(3)
The problem only increases on board ships that in recent years have been subject of piracy that have cost billions of dollars. According to a 2011 “One Earth Future Foundation Working Paper” “maritime piracy is costing the international economy between $7 to $12 billion, per year.”(4) The World Bank reports “Somali pirates cost global economy ‘$18 billion a year” as shippers are forced to change trading routes and pay higher insurance premiums.”(5)
Pirates, drug smugglers and organized crime are well aware of the security gaps present in the marine ICT environment and are becoming very sophisticated in their efforts to exploit the weakness. This is very evident in the recent “cyber-attack on the Belgian port of Antwerp”(6) “which (bore) an uncanny resemblance to the recent” “attacks on UK banks.”(7).
With increasing technological advances and reliance on those including mandates(8) within the maritime industry it would seem common sense to implement an ICT policy and security in ports and on board the ships responsible for keeping the global economy moving as “around 90% of world trade is carried by the international shipping industry.”(9)
“pirates need to acquire information about possible targets”.
“pirates target” “frequent use of unsecured radio”.
Information And Communication Technology, Security Matters And Maritime Piracy In Contemporary Africa
One Potential Solution
One answer is the Secure Communications Hub (SCH) developed by a U.S. company specializing in maritime security called Container Security Logistics, LLC.
The “SCH” is a stand-alone communications hub that acts as a repeater, transmitter and signal booster for their Advanced Logistics Management Device (ALMD) designed to track shipping container movements worldwide. The company recognized the need for secure communications in relaying confidential manifest information and security alerts to government law enforcement or regulatory agencies when dangerous, restricted or illegal cargo is detected within a container. This includes Chemical, Biological, Radiological, Nuclear and Explosive (CBRNE) “items”.
The “Hub” is encased in a ballistic material and is secure from electronic attempts to scan the device in an attempt to gather information or physically breech the case in compliance with current DoD 5200 and FIPS 140-3 L4 standards.
A Hub when coupled together with other ALMD’s or other devices such as radios creates what CSL calls a “Secure Authorized Local Area Network” or SeaLan©.
Using the Hub as an ICT portal, Internet traffic and communications (Marsat, Inmarsat, etc.) would route through a dedicated SCH to create a SeaLan.
Developed communication protocols further act to secure transmissions by internally generating passwords and encryption schemes at different levels and times during the communication for “always on” VSAT, standard VHF and could also be used to secure all shipboard radio transmissions.
Internet devices routed through the SCH could be offered a second secure hub at critical system interfaces as simply as a plugging into a SeaLan network USB port.
Standard email & documents such as manifests etc., are compressed and can be sent over the Internet wireless as burst transmissions that if intercepted appear to be static or popcorn noise.
The Hub contains an advanced non GPS dependent positioning system and offers a battery back up that enables it to act as a redundant positioning and communications center in the event of a catastrophic systems failure on board the ship.
The Hub also acts as a firewall for attempted hacking or monitoring attempts and is a strong and effective defense against jamming technologies and GPS and GIS spoofing.
It creates a system use profile to form a “norm” for standard and day to day operations and will recognize something out of the norm and inform authorized systems administrators on and off the ship.
Spoofing and jamming rely mainly on signal identification and frequency matching, by employing spread spectrum security codes, frequency hopping and modulation the ability to lock onto match or emulate a frequency is virtually impossible.
The SCH can be installed on ships, in port facilities and on communication towers. Hubs recognize each other and can form an ancillary SeaLan if allowed or authorized to do so. Likewise that activity can be restricted.
“True biometric authentication is the “holy grail” of credential management. Uniquely identifying an individual and authenticating access based upon criteria that cannot be duplicated virtually guarantees network and facility security.”
James Childers / CEO – Artemis Solutions Group, a Division of iQBio, Inc.
Another Layer of Security
For critical systems, strategic and tactical applications CSL has developed a secure biometric identification credential they call “BioID”.
The credential uses multiple biometric traits including a novel chemical identifier fingerprint they refer to as “Virtual DNA”. The credentials are manufactured in a secure facility with encrypted lot numbers using random UV spectrum micro laser etching. The authenticity of each credential is held internally until activated, in correct sequence and by the proper “assigned” device. Once completed, the credential is then authorized and authenticated securely. This renders them unique unto each other and impervious to counterfeiting.
Used in concert with the Hub, the entire communications system becomes secure as you may limit or allow access to specific persons, at specific times, and even to designated Internet addresses or radio frequencies.
The Bottom Line:
We know the lack of Maritime ICT security is a problem that exists. We know that ”the problem” ultimately directly and indirectly affects and costs “us”, the worldwide consumers billions of dollars annually. We know that “it” affects 90% of world trade.
We have identified one mitigating solution.
All this asks the question, why isn’t more being done to reduce the risks?
About Container Security Logistics
CSL is a private company with primary offices in Fort Lauderdale, Florida. It is established as a SPE to address the issue of container security. Currently the ALMD technology is licensed to Gatekeeper USA, Inc. of Gaithersburg, Maryland.(10)
CSL remains the only company to have successfully demonstrate and exceed “criteria set forth by The Department of Homeland Security (DHS)” for an “Advanced Container Security Device, (ACSD)”.(11)
- (1) http://nakedsecurity.sophos.com/2012/10/02/what-is-your-phone-saying-behind-your-back/
Even worse, an attacker could set up a rogue WiFi with the same SSID as the one you are trying to connect to with the aim of forcing your phone to connect and transfer data through it.In five hours, 246 wireless devices came into range. 49% of these devices were actively probing for their preferred networks to connect to, resulting in 365 network names being broadcasted.
What makes this even more worrying was how easily I was able to capture this sensitive information. A tiny wireless router I purchased from eBay for $23.95 and some freely available software
- (2) http://www.escwa.un.org/information/publications/edit/upload/grid-07-12-e.pdf
UN ECONOMIC AND SOCIAL COMMISSION FOR WESTERN ASIA (ESCWA) entitled “Good Practices in Information and Communication Technology (ICT) Applications in Seaports in ESCWA Member Countries”
- (3) http://www.enisa.europa.eu/activities/Resilience-and-CIIP/critical-infrastructure-and-services/dependencies-of-maritime-transport-to-icts/cyber-security-aspects-in-the-maritime-sector-1/at_download/fullReport
The European Network and Information Security Agency (ENISA)ANALYSIS OF CYBER SECURITY ASPECTS IN THE MARITIME SECTOR November 2011
- (4) http://www.marsecreview.com/2011/01/the-economic-costs-of-maritime-piracy/
- (5) http://edition.cnn.com/2013/04/12/business/piracy-economy-world-bank/index.html
- (6) http://www.bbc.co.uk/news/world-europe-24539417
The director of Europol, Rob Wainwright, says the internet is being used to facilitate the international drug trafficking business. His comments follow a cyber-attack on the Belgian port of Antwerp.The organised crime group allegedly used hackers based in Belgium to infiltrate computer networks in at least two companies operating in the port of Antwerp.
- (7) http://news.techworld.com/security/3474018/hackers-planted-remote-devices-smuggle-drugs-through-antwerp-port-europol-reveals/
it is only now that the remarkable scale of the attacks and their unusual methods – which bear an uncanny resemblance to the recent KVM attacks on UK banks – are becoming clear.
- (8) http://www.newscientist.com/article/mg21228356.400-electronic-navigation-charts-could-save-ships.html
The IMO evidently agrees – it wants all ships built after mid-2012 to be fitted with ECDIS. Existing ships have different compliance dates depending on whether they carry passengers or cargo, but all commercial vessels must be upgraded by mid-2018.
- (9) http://www.ics-shipping.org/shipping-facts/shipping-and-world-trade
- (10) http://www.gatekeeperusainc.com
- (11) http://www.gatekeeperusainc.com/press-releases/gatekeeper-usa-announced-today-the-successful-completion-of-a-cams-proof-of-concept.html