Pen Test Partners LLP has alleged that hackers are capable of sinking large bulk carriers by manipulating the data loaded into them for hull stress monitoring system. By doing this they are able to deliberately able to cause an imbalance of the vessel’s cargo with the crew being unaware of what’s happening.
Catastrophic consequences:
The consequences can be catastrophic by putting the vessel under immense stress leading to breaking to hull and vessel sinking.
Ken Munro, senior partner said, “The reason it is feasible is that when HSMS were first developed, there was no concept of a vessel being connected to the internet, allowing it to be accessed remotely. Therefore, many HSMS are just PCs connected to the ships’ network. A hacker could interrupt the loading data being fed to and from the monitoring system, having previously compromised the network either via the satcom unit or a phishing e-mail”.
He further added, “Once in control, hackers can manipulate the loading of cargo and turn off any stress monitoring alarms that would alert crew to any undue strain on the vessel”.
Ship security must not be compromised:
The vendors, ship control and system reporting manufacturers have to take security seriously and must not compromise on anything that may go against the ship’s security. A master puts his faith in the stress monitoring system to alert him to any load bearing issues so the last thing he expects is for it to mis-report and threaten the very fabric of his ship.
Pen Test Partners LLP focuses mainly on penetration testing that specializes in security testing of maritime, automotive and utility control systems.
Pen Test Partners recommends that all ship managers and operators ask probing questions of their technology and control systems suppliers and demand that they prove beyond reasonable doubt that their systems are secure and will remain secure throughout their operational lifespan.
Did you subscribe for our daily newsletter?
It’s Free! Click here to Subscribe!
Source: Pen Test Partners LLP
