The At-Sea Cyberhack Hijack Is Now a Real Threat
On Aug. 9, U.S. Secretary of State Antony Blinken promised to punish Iran for attacking an oil tanker near the entrance to the Persian Gulf. He specifically mentioned an attack that occurred in late July. An explosive blast killed two crewmen. The Defense Department believes Iran used drones to deliver the munitions.
The safety of commercial tankers, freighters and barges matters a great deal. Ships transport natural resources, food and manufactured goods; all told, they move roughly 90% of the world's annual trade in volume and value.
Physical attacks on ships like the one Blinken condemned leave physical evidence. Pirate attacks have their own category: theft at sea. Attacks by aerial drones, robot ships, commandos and saboteurs may give a nation-state plausible deniability, but the physical evidence offers leads.
However, sea cyberhacking and hijacking is emerging as a real threat to the global economy and environment.
A sea cyberhijacking can turn an oil tanker into a very large navigation hazard. In March 2021, a huge container ship blocked the Suez Canal. That accident disrupted the global supply chain. Intentionally blocking a canal with a cyberhijacked supertanker can hold an economy hostage and prevent the transit of an adversary's warships without firing a shot.
Conceivably, hackers can steer the ship themselves and use it to ram other vessels or smash seaport infrastructure. A supertanker driven onto a reef could dump a million barrels of oil and produce an environmental disaster.
Admittedly, there have been relatively few reports of cyberattackers successfully hacking a ship at sea. However, on Aug. 3, The Associated Press quoted MarineTraffic.com as reporting six oil tankers in the Gulf of Oman had announced near-simultaneously that their Automatic Identification System (AIS) trackers were "not under (their own) command." That usually means the ship cannot steer and may have lost power.
Over the last 20 years, large commercial ships have increasingly relied on digital automated control and remote monitoring systems. These systems allow ships to sail with smaller crews. Digital sensors also improve overall mechanical performance and lower operating costs.
Digital reliance, however, opened routes for cyberattacks at sea -- real cyberpiracy.
In April 2014, Reuters published a short but sobering analysis that mentioned three key shipboard cyber vulnerabilities: GPS, marine AIS "and a system for viewing digital nautical charts called Electronic Chart Display and Information System (ECDIS)."