WAYPOINT - Spoofing and hacking – thwarted by competent navigation

01 Jun 2016 The Navigator

Dr Andy Norris, an active Fellow of The Nautical Institute and the Royal Institute of Navigation, dives into the complex world of spoofing and hacking

Minimising risk is central to navigation. Hacking and spoofing contribute to the risks, but by following conventional best practices, we can ensure that any potential problems rapidly become apparent. Of course, we must remain fully aware of the possibilities of hacking and spoofing, not least to help ensure that our own procedures minimise the chances of a successful attack.

Our training and experience shows us that GNSS does not always give a continuous and accurate position. Assuming that it does so is a very dangerous mindset to get into. Any single system, whether for positioning, bearing measurement, depth sounding, speed or target detection, has vulnerabilities.

Our main role is to compare and integrate all the data sources available to us and make our own intelligent decisions. Information sources include ship-borne sensors, human sensors – especially our eyes – and data from electronic or paper sources on the bridge. If anything suggests that some information is unexpectedly out-of-step, we must take appropriate action, such as increasing safety margins by changing course or slowing down.

The spoofing of GNSS signals has been technically feasible for many years but, so far, has fortunately remained very rare. It’s also worth bearing in mind that the physical spoofing of a buoy or other navigational marker (e.g. by moving its physical position) has always been feasible – but rare. More likely events that can compromise navigational safety are that a buoy has drifted or a marker has been damaged.

Fortunately, it is extremely difficult for those attempting to achieve undetectable malign action to spoof everything at the same time to create a consistently misleading navigational picture. As this includes the radar information and, not least, the view from the bridge windows, it is immensely difficult to pull off successfully.

Knowledgeable human correlation of target Radar and AIS data is a useful way to detect positional errors, whether they are caused by the system itself or are malignly introduced. Keeping a close eye on data from the sonar will alert you to anyIn principle, the growing use of fully integrated navigation systems (INS) could give a highly sophisticated hacker a potential route for providing a seemingly coherent but misleading picture to the navigator, effectively by spoofing the entire display. However, the problems that must be overcome are huge, and so the probability of this happening today is extremely low. Importantly, when using an INS, a good navigator will still be checking for consistency, taking into account the view from the bridge windows and the individual displays of the primary sensors. unexpected changes in well-surveyed areas – including if a spoofer or hacker was attempting to make you go aground.

In principle, the growing use of fully integrated navigation systems (INS) could give a highly sophisticated hacker a potential route for providing a seemingly coherent but misleading picture to the navigator, effectively by spoofing the entire display. However, the problems that must be overcome are huge, and so the probability of this happening today is extremely low. Importantly, when using an INS, a good navigator will still be checking for consistency, taking into account the view from the bridge windows and the individual displays of the primary sensors.

In any waters, you will be falsely confident if you only check whether the vessel is following its planned track, especially when under the control of a trackkeeping autopilot. If the GNSS has been spoofed (or is just in error) it will continue to look as if you are consistently on track, however large the error. How good are the track checking and bridge security procedures on your vessel?

In ocean waters, regular consistency checks on the GNSS indicated position are also essential. Of course, the tie-up with the GNSS position will only be approximate, but is it believable? On an ECDIS-fitted vessel, look at using its automated DR/EP facilities to considerably ease this estimation.

Fortunately, maintaining good conventional navigational practice significantly lowers the risks of being dangerously mislead by both miscreant equipment and humans!

 

IT IS IMMENSELY DIFFICULT TO SPOOF EVERYTHING AT THE SAME TIME TO CREATE A CONSISTENTLY MISLEADING NAVIGATIONAL PICTURE


Contact RIN at: www.rin.org.uk | 1 Kensington Gore, London, SW7 2AT | Tel: +44 (0)20 7591 3134