Ships can be hacked, and the reason is their vulnerable messaging system.
Ship loading and container stowage plans are created without using a secure messaging system, and a lengthy series of electronic messages is exchanged between the entities responsible for the creation of vessels, including shipping lines, terminals, and port authorities. Understandably, this flaw can be exploited by malicious threat actors at will, and this is exactly what Ken Munro, a security consultant at security firm Pen Test Partners, is concerned about.
On a daily basis, large vessels use a system called BAPLIE to displace thousands of containers, some carrying around 200,000 tons’ load. This system informs port authorities where to place every single container, and the ship’s manufacturers update it very regularly. However, if customers do not use its latest version, there is every chance of foul play, since criminal hackers could obscure the real contents and weight of a container by altering the information sent to customs.
Law enforcement authorities cannot examine every cargo, so they target shipments from countries that are categorized as high-risk. If a hacker alters this information, then investigators won’t be able to detect that a container is marked as high-risk.
In the official blog post, it was revealed that the threat is real and anyone can perform the hack. The vulnerability of the messaging system would affect the day-to-day functioning of the ship: instead of completing the job of loading and unloading in 24 to 48 hours, the ship would take weeks for manual re-inventory. Furthermore, the load planning software, which is used to place heavy containers at the bottom of the stacks so that the center of gravity stays low and balance is maintained, can be exploited to disturb this balance.
“How about if a hacker manipulated the load plan to put a ship out of balance deliberately? Disguise the data, so that the loading cranes unintentionally put the heavy containers at the top and on one side? While some balancing actions are automatic, the transfer pumps may not be able to cope with a rapidly advancing, unanticipated out of balance situation,” read the blog post.
Pen Test Partners has warned about the use of USB devices for exchanging data between ship and terminal, mainly because of the possibility of introducing malware into the system, since the computer running the load plan software might also be used for surfing the web or emailing. The researcher claims that interoperability is vital between the ship's load plan and the various ports that it visits so that the load plan is securely transmitted to the port.
“Simple = USB = vulnerable. This is ripe for attack. The consequences are financial, environmental and possibly even fatal,” states Munro.
Pen Test Partners has urged operators, terminals and ports to conduct a thorough review of their messaging systems so that the threat of tampering is curtailed, given that there is already evidence of theft of valuable items from containers parked at the port, probably via insider access.
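One way a receiving terminal could check a load plan for the tampering and out-of-balance scenarios described above, as an added example that is not code from Pen Test Partners or the original post. It assumes a simplified constructed record format rather than real BAPLIE syntax, a shared HMAC key provisioned out of band, and hypothetical function names and thresholds.

```python
import hashlib
import hmac
from collections import defaultdict

# Constructed sample: one container per line as "bay,row,tier,weight_kg".
# Simplified stand-in, NOT real BAPLIE syntax. Assumed convention:
# even rows are port, odd rows starboard, higher tier = higher in the stack.
SAMPLE_PLAN = (b"01,01,02,28000\n01,01,04,21000\n01,01,06,9000\n"
               b"01,02,02,27000\n01,02,04,20000\n01,02,06,8000\n")
SHARED_KEY = b"constructed-demo-key"  # assumption: provisioned out of band

def sign_plan(plan: bytes, key: bytes) -> str:
    """Sender side: HMAC-SHA256 tag over the exact bytes of the plan."""
    return hmac.new(key, plan, hashlib.sha256).hexdigest()

def parse_plan(plan: bytes):
    """Return (bay, row, tier, weight_kg) tuples; malformed lines raise ValueError."""
    records = []
    for line in plan.decode("ascii").splitlines():
        bay, row, tier, weight = (int(field) for field in line.split(","))
        records.append((bay, row, tier, weight))
    return records

def stability_findings(records, max_side_ratio=0.10):
    """Flag heavier-over-lighter stacking and port/starboard weight imbalance."""
    findings = []
    stacks = defaultdict(list)
    side = [0, 0]  # index 0 = port (even rows), index 1 = starboard (odd rows)
    for bay, row, tier, weight in records:
        stacks[(bay, row)].append((tier, weight))
        side[row % 2] += weight
    for (bay, row), cells in sorted(stacks.items()):
        cells.sort()  # bottom tier first
        for (t_lo, w_lo), (t_hi, w_hi) in zip(cells, cells[1:]):
            if w_hi > w_lo:
                findings.append(f"bay {bay} row {row}: {w_hi} kg at tier {t_hi} "
                                f"stacked above {w_lo} kg at tier {t_lo}")
    total = sum(side)
    if total and abs(side[0] - side[1]) / total > max_side_ratio:
        findings.append(f"imbalance: port {side[0]} kg vs starboard {side[1]} kg")
    return findings

def check_received(plan: bytes, tag: str, key: bytes):
    """Receiver side: reject altered bytes first, then sanity-check the stow."""
    if not hmac.compare_digest(sign_plan(plan, key), tag):
        return ["integrity check failed: plan does not match sender's tag"]
    return stability_findings(parse_plan(plan))
```

The integrity tag catches changes made in transit or on removable media, while the stowage checks still apply to a plan that arrives correctly tagged but was wrong at the source.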