Is GPS hacking causing U.S. Navy ships to crash?

Electronic navigation, other systems boost safety but also can create deadly risks

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

For years, secu­ri­ty researchers and con­sumers have been fix­at­ed on con­cerns around hack­ing cars. Maybe they should wor­ry about ship hack­ing instead.

Bob Sul­li­van, jour­nal­ist and one of the found­ing mem­bers of msnbc.com

Sev­er­al recent col­li­sions involv­ing U.S. naval ves­sels have sparked spec­u­la­tion that some­one or some­thing is inter­fer­ing with the ships’ abil­i­ty to steer clear of oth­er ves­sels in busy waters. The strik­ing sim­i­lar­i­ties between Monday’s inci­dent involv­ing the Navy destroy­er USS John S. McCain, and June’s inci­dent involv­ing anoth­er destroy­er, the Fitzger­ald, sug­gest to observers some kind of sys­temic prob­lem. Both ships are part of the U.S. Navy’s 7th Fleet, based in Japan.

Relat­ed arti­cle: Why pas­sen­ger jet­lin­ers are sus­cep­ti­ble to being hacked

Spec­u­la­tion that the ships were hacked was fueled in part by a report on CNN that the McCain expe­ri­enced a “steer­ing fail­ure” that caused it to col­lide with an oil tanker.

Adm. Scott H. Swift denied that to The New York Times, however.

No sign of fail­ure or hack … at first glance

The admi­ral said there were no signs of fail­ure in the ship’s steer­ing sys­tem or of a cyber attack, two pos­si­bil­i­ties that have been men­tioned in news reports,” the Times report­ed. “But he not­ed that the inves­ti­ga­tion was in its ear­li­est stages and said, ‘We are not tak­ing any con­sid­er­a­tion off the table.’ ”

Chief of Naval Oper­a­tions Adm. John Richard­son tweet­ed the same point Mon­day, but it was hard to tell if he was tamp­ing down hack­ing con­cerns or leav­ing the door open to the possibility.

2 clar­i­fy Re: pos­si­bil­i­ty of cyber intru­sion or sab­o­tage, no indi­ca­tions right now … but review will con­sid­er all pos­si­bil­i­ties,” he wrote.

Ear­ly spec­u­la­tion has focused on GPS-based nav­i­ga­tion sys­tems, and for good rea­son. There’s plen­ty of dis­cus­sion inside and out­side the mil­i­tary about the poten­tial for tam­per­ing with GPS.

Tried and true nav­i­ga­tion method

In the Navy, con­cerns run so deep that the Naval Acad­e­my recent­ly re-insti­tut­ed old-fash­ioned nav­i­ga­tion train­ing, teach­ing cadets the cen­turies-old tech­nique of steer­ing by the stars.

The Navy stopped train­ing its ser­vice mem­bers to nav­i­gate by the stars about a decade ago, focus­ing instead on elec­tron­ic nav­i­ga­tion­al sys­tems,” NPR report­ed last year. “But fears about the secu­ri­ty of the Glob­al Posi­tion­ing Sys­tem and a desire to return to the basics of naval train­ing are push­ing the fleet back toward this ancient method of find­ing a course across open water.”

Real-life inci­dents sup­port GPS hack­ing con­cerns. The U.S. Mar­itime Admin­is­tra­tion report­ed a sus­pi­cious GPS fail­ure in the Black Sea back in June.

The RNT Foun­da­tion has received numer­ous anec­do­tal reports of mar­itime prob­lems with AIS and GPS in Russ­ian waters, though this is the first pub­licly avail­able, well-doc­u­ment account, of which we are aware,” wrote Maritime-Executive.com at the time. “An appar­ent mass and bla­tant GPS spoof­ing attack involv­ing over 20 ves­sels in the Black Sea last month has nav­i­ga­tion experts and mar­itime exec­u­tives scratch­ing their heads. … The back­sto­ry is way more inter­est­ing and disturbing.”

One event doesn’t make a disaster

Jammed GPS shouldn’t be enough to cause mod­ern war­ships to col­lide with lum­ber­ing freighters. As Michael Crich­ton explained with great detail in the book Air­frame—a dis­cus­sion of plane crashes—these kinds of cat­a­stro­phes always require an “event cas­cade.” They involve mul­ti­ple fail­ures, by both human and machines and, in par­tic­u­lar, back­up sys­tem failures.

In oth­er words, while bad soft­ware could cre­ate a sit­u­a­tion that would let a hack­er dri­ve a car into a ditch, it’s unfath­omable that a glitch would lead to a naval ves­sel col­li­sion. Jeff Stutz­man, chief intel­li­gence offi­cer at Wapack Labs, a New Boston, New Hamp­shire, cyber intel­li­gence ser­vice, made this point in an inter­view with the McClatchy News Co.

When you are going through the Strait of Malac­ca, you can’t tell me that a Navy destroy­er doesn’t have a full nav­i­ga­tion team going with full look­outs on every wing and extra peo­ple on radar,” Stutz­man said.

On the oth­er hand, it’s easy to imag­ine the chaos that could occur if there were a seri­ous elec­tron­ic fail­ure in the mid­dle of a busy ship­ping chan­nel. Ships are alert­ed to oth­er near­by ves­sels by an Auto­mat­ic Iden­ti­fi­ca­tion Sys­tem, or AIS. When they get too close, alarms sound. But as one ship cap­tain told me, per­haps the alarms were ignored.

In a crowd­ed ship­ping chan­nel … my AIS would alarm very fre­quent­ly. … To the point where ‘alarm fatigue’ would set in,” he said.

If the naval ships involved in these recent inci­dents were some­how hacked, very few peo­ple would know—and it’s pos­si­ble that infor­ma­tion would nev­er be released. But one thing seems cer­tain: elec­tron­ic sys­tems, like dri­ve-by-wire in cars, can make trans­porta­tion much more safe, but we can’t be blind to the new risks it cre­ates. Lives are at stake.

More sto­ries relat­ed to sys­tem hacking:
Who’s in the driver’s seat? Car hack­ing wor­ries multiply
Hacked sirens should serve as warn­ing that bet­ter infra­struc­ture secu­ri­ty is needed
Sophis­ti­cat­ed tools help pro­tect lega­cy indus­tri­al systems

 

 


Posted in Featured Story