Back in the day, the thought of someone hacking your computer was terrifying. Perhaps because that computer was the only device that could actually be hacked. Hacking was new to us, and we were constantly warned that someone might be watching us online.
We didn’t have smartphones, e-banking, and smart wallets, but we were still careful. And, if someone did manage to hack us, the amount of data that was at risk was minimal, when compared to the present situation.
As mobile technology was conquering the world, the threat of hackers drastically increased. Mobile banking and storage clouds were gaining more and more users, leading us to a constant threat of fake links, profiles, and spams.
So, we got the point where if someone does hack your phone or computer, it’s almost like you lost everything you ever had. Credit cards, personal information, and files – everything would be endangered.
But, what happens if someone hacks a yacht? Although we are not all lucky owners of luxury yachts, the fact that someone can actually hack a boat does sound threatening.
Modern yachts might have major security problems
Nowadays, anything that is considered to be “modern” is usually equipped with the latest high-tech devices. Of course, these devices are connected to the Internet – the center of all potential threats.
According to the latest findings, modern yachts contain a pack of IoT devices. This pack consists of switches and routers which have an internet connection and therefore, can easily be hacked.
Thanks to their ability to connect to the Internet through featured devices, yachts are facing potential security problems.
This is due to various technical factors such as unprotected internet connection, navigation, and infotainment system, which are usually connected to the same network as other yachts technologies feature. Some were developed before modern security standards so they might not completely cope.
Yachts generally have a vulnerable onboard network
This issue was addressed by Stephen Gerling, a representative of the ROSEN Group. He recently explained during the Security Summit 2018 conference thatthe onboard network of yachts is usually pretty vulnerable.
As Stephen pointed out, a yacht’s network system includes everything from GPS, radar, autopilot, vessel traffic service to different control systems. These contain cameras, engine control, monitoring, depth sounders and more. All features of the yacht’s network are connected through a bus based on the “plug-and-play” NMEA standards.
Electronic yacht tools are not constantly connected to the internet. However, even when they are offline, there is still a risk of a potential hacker attack. These potential threats include problems such as GPS jamming, AI, and GPS spoofing and – some have already happened.
These types of attacks allow hackers to alter various information such as ship’s speed and position. This data is usually collected by an automatic identification system to inform the harbour and avoid potential collisions and accidents. Therefore, these attacks are categorized as high threats as they might result in tragedy and high human casualties.
Infotainment networks are also at risk
Infotainment networks are those we use on an everyday basis. They include routers and switches such as Wi-Fi points, VoIP phones and smart TVs and allow the user or boat’s owner to remotely control and monitor the system. On the other hand, this network can also be hacked.
As the user can easily monitor the system on a smartphone or tablet, each time the control app get open, FTP connection is established and the XML file downloaded. To put it simply, criminals and hackers can easily access routers credentials, passwords and router configuration.
Taking control of infotainment system allows hackers and cybercriminals to interfere and intercept traffic and video surveillance. This opens the door to various criminal activities, from espionage to attacking every device with Wi-Fi connection, which eventually leads to major security problems and thefts.
Although there isn’t any firm solution to the potential threats and problems, security experts recommend that yacht owners carefully choose manufacturers when installing the system in order to prevent leakage of sensitive information and possible business negotiations. In the meantime, manufacturers are advised to tighten up the security and FTP protocol.