[ISN] Researchers Highlight Security Vulnerabilities In Ship-Tracking System

http://www.darkreading.com/attacks-breaches/researchers-highlight-security-vulnerabi/240162568 By Brian Prince Dark Reading October 11, 2013 When it works normally, the Automatic Identification System (AIS) used by ships can be a captain’s best friend, helping him or her avoid collisions on the high seas. Under the control of a hacker however, AIS could become a captain’s worst enemy. At the upcoming Hack in the Box Security Conference in Malaysia, a team of security researchers are preparing to demonstrate how an attacker could hijack AIS traffic and perform man-in-the middle attacks that enable them to turn the tracking system into a liability. AIS is an automatic tracking system intended to help identify and locate vessels electronically to help avoid collisions on the water. AIS transponders on the ships include a GPS receiver and VHF transmitter, which transmits information to other vessels or base stations. AIS is required on many vessels, including international voyage ships weighing 300 tons or more and all passenger ships regardless of size. According to Trend Micro’s Kyle Wilhoit, one of the researchers who worked on the project, says the attacks can be broken up into two categories: those that target the AIS Internet providers that collect and distribute AIS information, and those that target flaws in the actual specification of the AIS protocol used by hardware receivers in all of the vessels. Without getting too deep into the vulnerabilities ahead of the presentation, which is slated for Oct. 16, Wilhoit explains that the upstream providers fail to authenticate AIS sentences coming from ships. […]