Midway through the 1983 movie “War Games,” systems in NORAD monitoring for possible Soviet naval activity suddenly show a fleet of Soviet nuclear submarines directly off the North American coasts. Later, we learn that there was no fleet: it was a phantom fleet fabricated by “Joshua,” the supercomputer who plays a central role in the film.
The film was an early, fictional exploration of the idea “what could possibly go wrong.” In 1983 at the height of the Cold War, computers were taking on a greater intermediary role in our lives. At the time, the film was an exaggeration of what could happen (as shown by this 1983 CBS interview with a security expert of the time). But it underscored the anxiety that computers that relayed critical information for life-and-death decisions could be tampered with to cause real-world harm.
In 1983, compromised critical information systems showing phantom ships was a fiction. Thirty years later in 2013, Trend Micro researchers Kyle Wilhoit and Marco Balduzzi are showing this is a reality. Their new research into Automated Identification Systems (AIS), a critical maritime communications system, shows that they can not only make phantom ships appear real, they can do much more.
Other ways that AIS can be compromised to malicious ends include:
- Making real ships “disappear” from tracking to make them effectively invisible to authorities.
- Changing a ship’s nationality or cargo to enable hostile ships carrying dangerous cargos to look harmless.
- Altering “aids to navigation” (AToN) like buoys and lighthouses to cause ships to crash into known maritime hazards like reefs or shallow water.
- Impersonating marine authorities to permanently disable AIS on a ship, cutting that ship off from sending or receiving critical AIS information.
- Making ships send AIS information more frequently than the system can handle, effectively bringing the system down in a denial of service (DoS) attack.
This new research shows that AIS suffers from an increasingly common problem in the age of the “Internet of Everything”: connecting systems and devices not built for the Internet to the Internet opens up new kinds of attacks. Another common problem with the Internet of Everything this shows is that online attacks can result in real-world harm.
Shipping on the high seas has been dangerous through human history. Ships and sailors have faced the threats like shipwreck and piracy for thousands of years. Now they have to add the threat of hacking to that list. But while hacking in some quarters results in inconvenience, loss of data, or loss of money, here it could truly cost human lives.