From wire-guided torpedos, anti-air warfare sensors, dipping sonar and high power microwave to disable outboard motors of hostile vessels, capabilities in the communication systems provide the decisive advantages to military operations in the high seas.
Communication systems – including Internet, telecommunications – with computers, embedded processors and controllers, form the interdependent network that make up Cyberspace, which is widely acknowledged to be the 5th dimension of warfare that coexists with the traditional four – land, sea, air and space.
Defending this Cyberspace, used for synchronizing, storing, coordinating and protecting information, is therefore critical to the success of the military’s mission – not unlike in the commercial sector.
However, the threat actors targeting the military cyber assets are typically state-sponsored. The treasure trove of information of extreme sensitivity is without a doubt a favored target for causing impactful conflicts and disruption, and effective gathering and compromise of intelligence. One case reported in Singapore was a 2017 attack on the system used at military premises which resulted in the theft of the personal data of about 850 national servicemen and Ministry of Defence employees.
“Traditional threats (land, maritime and air-based) continue to persist, with increasing volume of maritime traffic and emergent threat of transnational maritime terrorism, piracy and sea robberies. Technological advancements and digitisation have also led to cyber-related threats, prompting military strategies to integrate technologies to manage both traditional and digital threats”, said Mr Leck Chet Lam (Managing Director, Experia Events Pte Ltd) at IMDEX Asia 2019, the Asia-Pacific’s biennial maritime defense event for naval and maritime stakeholders (14TH – 16TH May 2019, Changi Exhibition Centre).
The twin considerations of innovation and security were reflected at IMDEX Asia 2019 International Maritime Security Conference business forums – “Cybersecurity in the Maritime Domain” and “Innovation in the Maritime Domain”.
One example of the increasingly parallel conversations surrounding these two themes is the land-based autonomous vehicles. Much technological advances are being observed, and at the same time, the implications for security, safety, privacy and ethics of, are well-publicised. Unmanned vessels face similar debates, but the goals of threat actors and the maturity of threats across these four components of security, safely, privacy and ethics differ.
Very often, attacks on onboard communication systems of vessels involve some form of GPS jamming. Systems are also manipulated to affect navigation routes. Though threat scenarios are not as dramatic as the movie Speed 2 where a hacker sent a cruise liner onto a collision course with an oil tanker, weak encryption or authentication of Automatic Identification System (AIS) protocols have been known to be exploited leading to spoofed positional data, rendered disappearance, or even denial-of-service.
These incidents underscore the importance of secured communication systems of autonomous vessels that are necessarily equipped with a sensor package of AIS, navigation radar, differential GPS.
Yet, attacks on the military assets deployed in the high seas are rare. Known attacks target the onshore communication systems, such as the 2016 case of a stolen laptop leading to the leak of personal information of US current and former sailors.
However, as the forces of innovations intensify the volume of onshore-offshore information exchanged, securing the expansive and congested communications network against intrusion is more and more critical to the military’s mission success.
This means understanding and prioritizing what to defend.
“John Lee, Senior Manager, Information Security and CERT Ops, Wärtsilä Maritime Cyber Center of Excellence. Photo credit: IMDEX ASIA 2019.”
As John Lee, Senior Manager, Information Security and CERT Ops, Wärtsilä Maritime Cyber Center of Excellence noted at the “Cybersecurity in the Maritime Domain forum, “we live in an uncertain world and due to the need for connectivity, we put ourselves at risk. We need to understand who is assessing us and who is looking at our assets”.
