by Austin Bay
August 11, 2021
On Aug. 9, U.S. Secretary of State Antony Blinken promised to punish Iran for attacking an oil tanker near the entrance to the Persian Gulf. He specifically mentioned an attack that occurred in late July. An explosive blast killed two crewmen. The Defense Department believes Iran used drones to deliver the munitions.
The safety of commercial tankers, freighters and barges matters a great deal. Ships transport natural resources, food and manufactured goods; all told, they move roughly 90% of the world's annual trade in volume and value.
Physical attacks on ships like the one Blinken condemned leave physical evidence. Pirate attacks have their own category: theft at sea. Attacks by aerial drones, robot ships, commandos and saboteurs may give a nation-state plausible deniability, but the physical evidence offers leads.
However, sea cyberhacking and hijacking is emerging as a real threat to the global economy and environment.
A sea cyberhijacking can turn an oil tanker into a very large navigation hazard. In March 2021, a huge container ship blocked the Suez Canal. That accident disrupted the global supply chain. Intentionally blocking a canal with a cyberhijacked supertanker can hold an economy hostage and prevent the transit of an adversary's warships without firing a shot.
Conceivably, hackers can steer the ship themselves and use it to ram other vessels or smash seaport infrastructure. A supertanker driven onto a reef could dump a million barrels of oil and produce an environmental disaster.
Admittedly, there have been relatively few reports of cyberattackers successfully hacking a ship at sea. However, on Aug. 3, The Associated Press quoted MarineTraffic.com as reporting six oil tankers in the Gulf of Oman had announced near-simultaneously that their Automatic Identification System (AIS) trackers were "not under (their own) command." That usually means the ship cannot steer and may have lost power.
Over the last 20 years, large commercial ships have increasingly relied on digital automated control and remote monitoring systems. These systems allow ships to sail with smaller crews. Digital sensors also improve overall mechanical performance and lower operating costs.
Digital reliance, however, opened routes for cyberattacks at sea -- real cyberpiracy.
In April 2014, Reuters published a short but sobering analysis that mentioned three key shipboard cyber vulnerabilities: GPS, marine AIS "and a system for viewing digital nautical charts called Electronic Chart Display and Information System (ECDIS)."
The maritime industry knows its seaports and ships are vulnerable. To be fair, industry officials recognized potential vulnerabilities two decades ago.
Now attacks are accelerating. In an article published in July 2020, The Maritime Executive magazine reported: "In 2017 there were 50 significant OT (Operational Technology) hacks reported, increasing to 120 in 2018 and more than 310 last year. 2020 is expected to end with more than 500 major cybersecurity breaches, with substantially more going unreported."
Most of the reported hacks targeted seaports. For example, hackers have disabled cranes. Seaport cranes are land-based technology but are vital to the shipping industry and the global supply chain.
The industry, however, is deeply worried about ships at sea. Spoofing GPS on commercial vessels has occurred and caused them to go off course. Maritime Executive quoted cybersecurity expert Robert Rizika as expecting "cyber-induced environmental pollution" attacks using ships in a seaport. According to Rizika, hackers could "easily over-ride (ship) systems and valves to initiate leaks and dump hazardous materials, ballast water, (and) fuel oil ... " That's another version of the "intentional environmental disaster" scenario.
The "remote hacker in control of the vessel" scenario isn't totally theoretical. The 2014 Reuters article mentioned an April 2014 cyberattack on a floating oil rig somewhere off the African coast. The attacker "managed to tilt a floating oil rig to one side ... forcing it to shut down." According to Reuters' source, "it took a week to identify the cause and fix (it)."
At-sea cyberpiracy is a security threat in need of immediate answers.