Defending Marine Ships against Ethernet based Cyberattacks

Abstract

The maritime industry has integrated a lot of automation in electronics since past few decades and will be investing more in upcoming years. This development has reduced a lot of manual work but has also introduced a lot of security vulnerabilities. As marine ships categorize as critical infrastructure, proper security measures must be taken to reduce the attack surface. This study focuses on a possible attack strategy using ethernet based network (IEC 61162–450) which could result into potential capsize of the ship. This study refers Furuno's device manuals for forming an overview of the internal network of the ship. The attack script utilizes User Datagram Protocol to send malicious data packets into the network; specifically, injects fake Global Positioning System coordinates to implement Global Positioning System spoofing attack on Electronic Chart Display and Information System. Post that, a mitigation strategy in form of a PowerShell script is proposed. The script implements features of threat hunting as it identifies and terminates malicious programs injecting data packets into the internal network. This study proposes to implement automated threat detection and response-based program to be implemented on all Information Technology systems to reduce the impact of a possible intrusion by an external threat actor.