File Photo
A researcher has warned that threat actors are able to compromise common maritime navigation systems to potentially cause chaos in the shipping industry.
As reported by the BBC[1], security researcher Ken Munro from Pen Test Partners has discovered that a ship navigation system called the Electronic Chart Display (Ecdis) can be compromised, potentially to disasterous effect.
Ecdis[2] is a system commonly used in the shipping industry by crews to pinpoint their locations through GPS, to set directions, and as a replacement to pen-and-paper charts.
The system is also touted as a means to reduce the workload on navigators by automatically dealing with route planning, monitoring, and location updates.
However, Munro suggests that a vulnerability in the Ecdis navigation system could cause utter chaos in the English channel should threat actors choose to exploit it.
TechRepublic: How Norway's $25 million 'Tesla of the Seas' aims to take autonomous shipping off-road[3]
The vulnerability, when exploited, allows attackers to reconfigure the software to shift the recorded location of a ship's GPS receiver by up to 300 meters.
This does not sound like much, but on routes that are congested with maritime vehicles, this may be enough to cause collisions -- especially when the weather and overall visibility is poor.
Munro added that the software could also be tampered with to make ships appear to be larger than their true mass.
If the software, used by many modern ships, begins to sound off alarms based on incorrect ship sizes and locations, this could cause enough disruption to prevent the English Channel's traffic from flowing smoothly.
While the public details of the bug and exploit have been limited at present to protect