BRAT: A BRidge Attack Tool for Cyber Security Assessments of Maritime Systems

Hemminghaus, Christian; Bauer, Jan; Padilla, Elmar

doi:10.12716/1001.15.01.02

Cited by 20 publications

(23 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Maritime cybersecurity has increasingly become a subject of interest to researchers. Consequently, attacks against IBSs [17] and associated components such as GNSS [5], [6], NMEA [7], [32], or AIS [4], [5], [19] are well researched. In contrast, the security-related investigation of marine radar systems constitutes a critical gap in the current research landscape, even though existing research is alarming: A vulnerability scan of the shipboard radars of two oil/chemical tankers revealed a broad range of security risks (e.g., missing access control) and attack points [31].…”

Section: Related Work On Radar Cybersecuritymentioning

confidence: 99%

“…While maritime networks are supposedly water-gapped, i.e., physically isolated, they still expose significant attack surfaces. Typical attack vectors, e.g., ranging from satellite communication to human factors, can lead to compromised devices and malware implants [5], [9], [17], [33]. Even a direct compromise of the radar unit is possible, e.g., by exploiting software and operating systems [31].…”

Section: A Threat Modelmentioning

confidence: 99%

“…It is also supplemented by the automatic identification system (AIS) [4], [19], a maritime radio broadcast system to exchange identity, position, and course information of ships in geographic proximity. All these components are connected to an integrated bridge system (IBS), usually via Ethernet-based IT networks [17], [21], [25].…”

Section: Introductionmentioning

confidence: 99%

“…However, individual maritime components and the communication channels over which sensitive navigation data is transmitted are rarely secured in practice, resulting in serious risks of cyberattacks. These include attacks targeting IBSs [17] to disrupt operational processes, manipulate nautical situation pictures, or impact navigational decisions. Both can have serious consequences since accidents cause immense economic damage, as the Suez Canal incident in 2021 revealed [20], and ultimately endangers people's and the environment's safety.…”

Section: Introductionmentioning

confidence: 99%

“…While the security implications of insecure maritime systems have been well studied for typical communication protocols [7], [32], navigation systems [1], [2], [21], IBSs [3], [17], and AIS [4], [16], marine radar security has not been the focus of research so far. As many marine navigation radars rely on non-standard, often vendor-specific, and proprietary communication protocols, a comprehensive cybersecurity and threat analysis is challenging and requires the identification of inherent similarities.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset

Wolsing

Saillard

Bauer

et al. 2022

2022 IEEE 47th Conference on Local Computer Networks (LCN)

Self Cite

View full text Add to dashboard Cite

Shipboard marine radar systems are essential for safe navigation, helping seafarers perceive their surroundings as they provide bearing and range estimations, object detection, and tracking. Since onboard systems have become increasingly digitized, interconnecting distributed electronics, radars have been integrated into modern bridge systems. But digitization increases the risk of cyberattacks, especially as vessels cannot be considered air-gapped. Consequently, in-depth security is crucial. However, particularly radar systems are not sufficiently protected against harmful network-level adversaries. Therefore, we ask: Can seafarers believe their eyes? In this paper, we identify possible attacks on radar communication and discuss how these threaten safe vessel operation in an attack taxonomy. Furthermore, we develop a holistic simulation environment with radar, complementary nautical sensors, and prototypically implemented cyberattacks from our taxonomy. Finally, leveraging this environment, we create a comprehensive dataset (RadarPWN) with radar network attacks that provides a foundation for future security research to secure marine radar communication.

show abstract

Section: Related Work On Radar Cybersecuritymentioning

confidence: 99%

Section: A Threat Modelmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset

Wolsing

Saillard

Bauer

et al. 2022

2022 IEEE 47th Conference on Local Computer Networks (LCN)

Self Cite

View full text Add to dashboard Cite

show abstract

From Click to Sink: Utilizing AIS for Command and Control in Maritime Cyber Attacks

Amro

Gkioulos

2022

Lecture Notes in Computer Science

View full text Add to dashboard Cite

The maritime domain is among the critical sectors of our way of life. It is undergoing a major digital transformation introducing changes to its operations and technology. The International Maritime Organization urged the maritime community to introduce cyber risk management into their systems. This includes the continuous identification and analysis of the threat landscape. This paper investigates a novel threat against the maritime infrastructure that utilizes a prominent maritime system that is the Automatic Identification System (AIS) for establishing covert channels. We provide empirical evidence regarding its feasibility and applicability to existing and future maritime systems as well as discuss mitigation measures against it. Additionally, we demonstrate the utility of the covert channels by introducing two realistic cyber attacks against an Autonomous Passenger Ship (APS) emulated in a testing environment. Our findings confirm that AIS can be utilized for establishing covert channels for communicating Command & Control (C&C) messages and transferring small files for updating the cyber arsenal without internet access. Also, the establishment and utilization of the covert channels have been found to be possible using existing attack vectors and technologies related to a wide range of maritime systems. We hope that our findings further motivate the maritime community to increase their efforts for integrating cyber security practices into their systems.

show abstract

Cyber risk management for autonomous passenger ships using threat-informed defense-in-depth

Amro

Gkioulos

2022

Int. J. Inf. Secur.

View full text Add to dashboard Cite

Recent innovations in the smart city domain have led to the proposition of a new mode of transportation utilizing Autonomous Passenger Ships (APS) or ferries in inland waterways. The novelty of the APS concept influenced the cyber risk paradigm and led to different considerations regarding attack objectives, techniques as well as risk management approaches. The main factor that has led to this is the autoremote operational mode, which refers to autonomous operations and remote supervision and control in case of emergency. The autoremote operational mode influences the risk of cyber attacks due to the increased connectivity and reliance on technology for automating navigational functions. On the other hand, the presence of passengers without crew members imposes a safety risk factor in cyber attacks. In this paper, we propose a new cyber risk management approach for managing the cyber risks against cyber physical systems in general and Autonomous Passenger Ships in particular. Our proposed approach aims to improve the Defense-in-Depth risk management strategy with additional components from the Threat-Informed Defense strategy allowing for more evolved cyber risk management capabilities. Moreover, we have utilized the proposed cyber risk management approach for the proposition of a cybersecurity architecture for managing the cyber risks against an APS use case named milliAmpere2. Additionally, we present our results after conducting a Systematic Literature Review (SLR) in cybersecurity evaluation in the maritime domain. Then, the findings of the SLR were utilized for a suitable evaluation of the proposed risk management approach. Our findings suggest that our proposed risk management approach named Threat-Informed Defense-in-Depth is capable of enriching several risk management activities across different stages in the system development life cycle. Additionally, a comprehensive evaluation of the cybersecurity posture of milliAmpere2 has been conducted using several approaches including risk evaluation, simulation, checklist, and adversary emulation. Our evaluation has uncovered several limitations in the current cybersecurity posture and proposed actions for improvement.

show abstract

BRAT: A BRidge Attack Tool for Cyber Security Assessments of Maritime Systems

Cited by 20 publications

References 21 publications

Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset

Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset

From Click to Sink: Utilizing AIS for Command and Control in Maritime Cyber Attacks

Cyber risk management for autonomous passenger ships using threat-informed defense-in-depth

Contact Info

Product

Resources

About