Penetration testing experts Pen Test Partners highlighted that hackers could potentially sink a bulk carrier by manipulating the loading data of its hull stress monitoring systems (HSMS) to deliberately cause an imbalance of cargo.
The crew of the vessel would be unaware of the imbalance which could lead to catastrophic consequences with the vessel breaking up and sinking.
“The reason it is feasible is that when HSMS were first developed, there was no concept of a vessel being connected to the internet, allowing it to be accessed remotely. Therefore, many HSMS are just PCs connected to the ships’ network,” said senior partner, Ken Munro.
“A hacker could interrupt the loading data being fed to and from the monitoring system, having previously compromised the network either via the satcom unit or a phishing e-mail.”
“Once in control, hackers can manipulate the loading of cargo and turn off any stress monitoring alarms that would alert crew to any undue strain on the vessel,” he claimed.
Pen Test Partners said that HSMS vendors and all ship control and reporting system manufacturers need to take security very seriously.
While issuing this warning of potentially dire consequences this left the question as to why hackers would want to attack a bulker in this way.
Asked by Seatrade Maritime News, Munro explained that it could be: "A competitor port, competitor shipping line, someone trying to influence commodity prices, damage a country, block a deep water channel, stop production somewhere, any number of different motivations.
"Or maybe just because they can. There’s plenty of evidence already of kiddie hackers taking out systems because they can."
Copyright © 2024. All rights reserved. Seatrade, a trading name of Informa Markets (UK) Limited. Add Seatrade Maritime News to your Google News feed.
