As reported by Informationsdienst Wissenschaft (idw) on 2 May 2023, the "Maritime Cyber Security" research group at the Fraunhofer Institute for Communication, Information Processing and Ergonomics (FKIE) is building a maritime security laboratory together with the Fraunhofer Center for Maritime Logistics and Services (Fraunhofer CML). The aim is to simulate, recognise and defend against cyber attacks on ships.
Ships as potential targets
Cyberattacks on industry and critical infrastructure are increasing worldwide. Ships, which transport billions of tonnes of goods around the world every year, are also potential targets as part of global supply chains. Overall, the need for networking is increasing - whether it is to be able to control routes ideally, monitor the flow of goods or enable the crew to connect to home. This makes maritime systems more susceptible to cyberattacks, as IT-supported on-board systems are often poorly secured.
Realistic test environment with stationary ship bridge
According to the Fraunhofer FKIE, three types of attack are conceivable:
+ General attacks, not specifically aimed at ships, are the most common threat. A USB stick infected with a malicious programme and inserted into the on-board computer is enough.
+ Targeted attacks, carried out with a high level of expertise, that simply make ships disappear from the radar, for example.
+ Electromagnetic warfare (electronic warfare), when satellite-based positioning is influenced by jamming transmitters or high-frequency radio waves.
Manipulation of the radar image using the Bridge Attack Tool (BRAT). Photo: FKIE
Simulation in the laboratory
These different types of attack with an impact on the real world can be simulated in the maritime security laboratory. As part of the MaCy (Maritime Cyber Security Laboratory) project in Hamburg, the Fraunhofer CML is currently developing a realistic ship's bridge into a cyber security laboratory. This environment provides all the instruments and systems on land that can also be found at sea, such as bridge hardware, marine radio and AIS (Automatic Identification System) transmitters/receivers, as well as radar equipment or ECDIS (Electronic Chart Display and Information System) for navigation. Within the test environment, various devices and procedures are used to generate, recognise, investigate and, ideally, prevent IT security incidents.
The "Bridge Attack Tool" (BRAT) can be used to carry out various attacks, attacks, malfunctions or manipulations of the radar and navigation systems and show their effects on the on-board systems. After the analysis, industry partners can be made aware of existing weaknesses, supported in technical improvements and practical countermeasures can be developed.
Recognition and display
In order to fend off cyber attacks on board as early as possible, the team has developed an intrusion detection system that recognises anomalies, evaluates them as possible attacks and issues warnings and alarms as well as instructions and recommendations for action to the crew on a Cyber Incident Monitor (CIM).
These should be clear and easy to implement, even in stressful situations. To this end, warning messages and acoustic alarms are linked to information and decision-making aids, e.g. "GPS not trustworthy!". The concept of alarm and warning messages is adapted to the guidelines of the International Maritime Organisation (IMO) on bridge alarm management. The work on CIM and BRAT is being carried out together with other companies as part of a research project for the Federal Ministry for Digital and Transport Affairs.
Creating awareness ...
With the help of the innovative maritime security laboratory, the Fraunhofer Institute aims to raise awareness of the dangers of cyberattacks at sea among companies, authorities and nautical experts and, together with partners from industry, develop measures to test and retrofit existing systems on the one hand and to provide research data for the development of new solutions on the other.
... Develop measures ...
Just because cyber attacks on ships have not yet become known on a large scale does not mean that security should be neglected. Especially on older freighters that have been in operation for decades, many systems urgently need to be upgraded. Consistent prevention in combination with effective methods for recognising potential cyber attacks is the best protection.
... Understanding dependencies
The cargo ship "Ever Given" blocked the Suez Canal for six days in spring 2021. Even if the cause of the accident was not a cyber attack, it is easy to imagine what impact a successful attack against the digital navigation and communication systems of one or more freighters could have.
Further information on "Data, facts and figures on the maritime dependence of the Federal Republic of Germany" in the
English 
German
0 Kommentare