Cyber suspicions floated after latest ship collision
- By Matt Leonard
- Aug 22, 2017
When the Navy destroyer John S. McCain crashed into an oil tanker off the coast Singapore on Aug. 7, it was the second Navy ship to collide with a commercial vessel this summer. The cause of the crash is under investigation, and the possibility that it could have been a “cyber intrusion or sabotage” has not been ruled out.
Chief of Naval Operations Adm. John Richardson said on Twitter that there was no indication that the wreck was caused by a cyberattack, but that the “review will consider all possibilities.”
A Navy official told CNN that the McCain suffered a steering failure as it was beginning its approach to the Strait of Malacca, a narrow waterway through with some 100,000 boats pass each year.
But others wonder how such a collision could happen.
Jeff Stutzman, an ex-information warfare specialist in the Navy who works at Wapack Labs, told McClatchy that it looks like “something more than just human error going on because there would have been a lot of humans to be checks and balances." And in a busy waterway like the
Strait of Malacca, ships usually take every precaution in terms of navigation, he said.
“Statistically, it looks very suspicious, doesn’t it?” Todd E. Humphreys, a GPS expert and professor at the University of Texas at Austin told CSO.
In 2013 Humphreys and his students used GPS spoofing to take control of a 65-meter, $80 million super yacht in the Ionian Sea to illustrate the potential risks of relying on GPS signals for navigation.
While it’s not clear at this point what caused the collision, the Navy is certainly aware that ships are vulnerable to cyberattacks and has taken steps to harden its onboard systems.
Earlier this year, the Navy hosted a Hack-Our-Ship event in which private-sector hackers tried to penetrate the security systems of U.S. Navy warships.
In one challenge, hackers tried to penetrate ship systems through Booz Allen Hamilton's “boat in a box” software, which simulates the systems that are used to control Navy fleets, including communication interfaces, automatic recognition systems that prevent collisions and weather satellite radio systems.
Navigation issues were addressed at the hackathon with a sprint that identified safer alternatives to GPS for maritime Precision Navigation and Timing.
The GPS signals used for navigation are relatively weak, making signal spoofing a serious concern. GPS jamming and spoofing have become so prevalent and potentially disruptive to public safety that the Department of Homeland Security has been conducting First Responder Electronic Jamming Exercises for the last two years.
In April, DHS' Science and Technology Directorate invited manufacturers of commercial GPS receivers used in critical infrastructure test their equipment in a rarely available live-sky spoofing environment.
And some politicians and advocates support a technology called eLoran, which uses radio signals for positioning, to act as a backup for GPS.
Matt Leonard is a former reporter for GCN.