SailNet Community

SailNet Community (http://www.sailnet.com/forums/)
-   General Discussion (sailing related) (http://www.sailnet.com/forums/general-discussion-sailing-related/)
-   -   AIS "extremely vulnerable to hackers" (http://www.sailnet.com/forums/general-discussion-sailing-related/104918-ais-extremely-vulnerable-hackers.html)

Tanley 10-21-2013 09:56 AM

AIS "extremely vulnerable to hackers"
 
Ship Identification System Vulnarable To Cyberattack - Technology News - redOrbit

Hackers Figured Out How to Hijack Shipping Vessel Tracking Systems | Gizmodo UK

Zanshin 10-21-2013 10:10 AM

Re: AIS "extremely vulnerable to hackers"
 
It must be a slow news day, I saw these articles on several sites this morning, including BBC.

How I dislike some of these sensationalistic reports. While basically true, the second headline is patently false - they did not hijack anything, they spoofed signals. And if hackers only recently found out how to do this, instead of years ago on DAY 1 of the AIS signal standards having been published, they don't deserve the title "hacker".

The same concepts apply to many such open systems including GPS signals and ATIS.

With a bit of work they could spoof a phantom ship and a phantom track - but the example of "PWNED" is, in security terms, a joke. It uses signals to marinetraffic.com, which is not an official AIS tracking site but one that uses private feeds. I bet that the time signals on the spoofed messages for that track are only seconds apart. Even an unsophisticated AIS receiver would show a speed of several thousand miles an hour for that ship.

While there are some malicious things one could do with big ships and fake Class "A" proximity signals, I think I'll continue to sleep easy since they would need powerful and sophisticated equipment to "jam" a valid AIS signal.

MarkofSeaLife 10-21-2013 10:55 AM

Re: AIS "extremely vulnerable to hackers"
 
Yes now someone has been able to play with AIS I think the whole system is vulnerable and should be shut down immediaetly. Anyway, its really only the CIA who tracks anyone. Everyone knows no ships actually use AIS, and even if they did they would filter out everyone because it would just be too horrid for an alarm to go off.

I have moved firmly into the Internet Anti AIS camp and would much rather die at sea than to use one.


Mark

Zanshin 10-21-2013 11:33 AM

Re: AIS "extremely vulnerable to hackers"
 
Mark - I agree, and because of the proven hacking of GPS signals I'm going to revert to my sextant and since people can fake voices on the VHF and SSB I'm getting rid of my Marconi units, too. :)

And if I get lost, I'll remove my aluminum foil hat and just shout out some special keywords so that the NSA can track me.

rikhall 10-21-2013 02:02 PM

Re: AIS "extremely vulnerable to hackers"
 
Quote:

Originally Posted by Zanshin (Post 1108426)
And if I get lost, I'll remove my aluminum foil hat and just shout out some special keywords so that the NSA can track me.

Captain Ron: Besides, if we get lost, we pull in somewhere and ask directions.


Rik

night0wl 10-21-2013 02:14 PM

Re: AIS "extremely vulnerable to hackers"
 
As much as I love AIS receive only...there was a reason I never installed a transponder. The thought of me being tracked on sites like marine traffic....just gave me heeby geebies. But thats my tin foil hat side showing again.

Tanley 10-21-2013 05:49 PM

Re: AIS "extremely vulnerable to hackers"
 
Wow, relax guys. Even accounting for the sarcasm you sound a little sensitive about this. You'd think someone called your kid ugly or something.

I don't read it as a reflection on the inherent value of AIS. Every system has room for improvement. All they've done here is identify a behavior of the system that might be a liability under extraordinary circumstances.

The rub will be if they decide to address it, and it results in existing hardware being incompatible with what everyone's already invested in.

From MIT Technology Review
Quote:

The researchers attempted to notify several international marine and communication authorities, but only received a response from the International Telecommunications Union, a United Nations agency that deals with global communications policy. “They seem to be on board with changing the protocol,” says Wilhoit, “but it’s one of those foundational problems that will take time to fix.” AIS equipment has the protocol built in, so rolling out an improved form of AIS requires replacing existing equipment.
Ship Tracking Hack Makes Tankers Vanish from View | MIT Technology Review

Classic30 10-21-2013 06:44 PM

Re: AIS "extremely vulnerable to hackers"
 
Quote:

Originally Posted by night0wl (Post 1108489)
As much as I love AIS receive only...there was a reason I never installed a transponder. The thought of me being tracked on sites like marine traffic....just gave me heeby geebies. But thats my tin foil hat side showing again.

Actually, you make a valid point. Given that AIS tracks are now, thanks to products like OpenCPN, at least, if not more widely referred to by the captains and crews of 21st century shipping than radar is, I'm sure they'd share your thoughts as they steer through known pirate zones.

Banning/locking out sites like Marine Traffic :p might be part of a solution but, given that AIS is essentially a ship-to-ship communications system that (like radio) functions by everyone being able to "non-securely" receive and transmit messages, I can't see how changing the protocol to make it more "secure" (whatever that entails) would help anyone anywhere - pirates equipped with a valid AIS receiver would still be able to track their targets without difficulty once they got in range of the AIS signals.

Maybe, in this case, locking up the researchers for tampering with a marine safety system is a better course of action. :cool:

rikhall 10-21-2013 07:59 PM

Re: AIS "extremely vulnerable to hackers"
 
Quote:

Originally Posted by Classic30 (Post 1108628)
I'm sure they'd share your thoughts as they steer through known pirate zones.:

I shared a link to a BBC new item about a team that captured some pirates and sunk their two vessels. I think I read that some of the boats with AIS travelling through that area had put the words "Armed Guards on Board" in the spot where one normal puts the vessel name.

At least I think it was that article.

Rik

TakeFive 10-21-2013 10:34 PM

Re: AIS "extremely vulnerable to hackers"
 
I don't get what the big deal is here. People can also issue hoax mayday calls on other VHF channels and cause massive disruption. It happens occasionally, but not often. The AIS "hacking" that is described here is similar - you can send out false digital signals on on channels 87 and 88, and you can intentionally synchronize your signals with other ships to block their AIS transmissions. But it's really only the digital equivalent of babbling inappropriate stuff on the other voice channels.

As with the other VHF channels, I would expect that the USCG has sensing equipment that can triangulate the location of the transmitters for these false signals. And since AIS needs to re-transmit its info every 2 to 10 seconds, those transmissions may actually be much EASIER to locate than a single hoax voice transmission.

This is just a long-winded way of saying that VHF radio has never been a fully secure system, but that hasn't prevented it from being a useful system. Maybe I'm just naive, but it seems to me that the same might hold true for AIS.


All times are GMT -4. The time now is 02:06 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.1
(c) Marine.com LLC 2000-2012