KEEPING THE ECDIS SECURE ABOARD YOUR SUPERYACHT

Written by Yachting Pages| with thanks to ChartCo

Last updated: 08/07/2019

Electronic Chart Display and Information Systems (ECDIS) are routinely used by superyachts instead of paper charts, but how secure are they and what can you do to ensure that they aren’t hacked or corrupted?

ECDIS displaySuperyacht

What is the biggest weakness in your cyber security?

Humans.

Crew charging their phones using USB ports on the ECDIS. Contractors plugging in USB memory devices to upload software onto the system and malware inadvertently being uploaded as the phone charges.

Three other ways that your ECDIS could be infected with malware are as a result of introducing or updating your ENCs:

  • An infected USB memory device that is plugged into the ECDIS to upload ENCs
  • An infected CD that is used for ENC updates
  • A direct link between the ECDIS and the ships satellite communications link

Additionally, if your ECDIS is using older operating systems that are no longer supported this makes access easier for hackers and minimises defence against malware.

On new modern superyachts, this will be less of a problem as the operating systems will be state-of-the-art. Ultimately the security of your operating system is dependent on installing all of the security and user updates provided by the operating system provider.

As mentioned earlier the direct link between the ECDIS and the ship's communication satellite link is an entry point that can be exploited by hackers. If you update your ENC’s live via VSAT, vulnerabilities in the connection could allow for attacks that disrupt the ECDIS, spoof data or even deny access to the navigation system by the crew.

Superyacht renderingECDIS night mode

What are the consequences of a hacked ECDIS?

If your ECDIS is hacked you could be effectively blind and not know it. If the ECDIS is left in charge of steering your superyacht, as is often the case, a hacker could easily crash the yacht, especially in adverse weather conditions or spoof the ECDIS to believe the GPS was in a different place causing it to correct course and go off in the wrong direction.

By changing the GPS footprint to make the ECDIS think your yacht was much bigger than it was they could fool the system into thinking it was about to be in a collision and alter course. The ECDIS also send data to other vessels who would believe a collision was imminent and also alter course, effectively jamming busy superyacht routes, for example the Straits of Gibraltar.

If this were to happen around a busy marina such as Port Hercule, Monaco it could cause chaos.

Dependent on where you are sailing, a potentially more serious threat could be from increasingly sophisticated pirates who want to monetise their hack by kidnapping the extremely wealthy owner or their family to extort money in return for their release.

This may sound extreme, but it is not beyond the bounds of possibility.

ECDIS systemLuxury superyacht

How do you keep your ECDIS secure?

To minimise the risk of an attack there are a number of solutions to consider:

  • Purchase a cyber secure USB that encrypts the data and has in built virus protection. ChartCo has such a product to do this. The OneOcean Vault has A Military grade 256-bit AES encryption ensuring a secure data exchange on the Bridge.
  • Install a system that blocks attacks both internally through plugged in USB devices and externally by protecting data that is delivered from an external source to your superyacht.
  • Secure your passwords. Admin/1234 is not a strong password, don’t give a hacker admin privileges across your entire on-board network.
  • Download encrypted chart updates onto a USB drive, check it on a remote PC for malware and viruses and then upload the updated charts.
  • Update the operating system that your ECDIS is run on. If it is out of date and no longer getting security patches, it’s time to change.
  • However the most robust option has been developed by an Israeli team at Naval Dome that has developed a system that can block attacks both internally through plugged in USB devices and externally by protecting data that is delivered from an external source to your superyacht.

    Keeping your data secure whether afloat or on land is essential and will prevent the dangerous and expensive consequences that can occur as a result of your system being compromised. Read our maritime security guides for more information about the different security threats a superyacht can face and how to keep your superyacht safe.

    Keeping the ECDIS secure aboard your superyacht

    Keeping the ECDIS secure aboard your superyacht
    Yachting Pages

    Yachting Pages

    220 92

    KEEPING THE ECDIS SECURE ABOARD YOUR SUPERYACHT

    Written by Yachting Pages| with thanks to ChartCo

    Last updated: 08/07/2019

    Electronic Chart Display and Information Systems (ECDIS) are routinely used by superyachts instead of paper charts, but how secure are they and what can you do to ensure that they aren’t hacked or corrupted?

    ECDIS displaySuperyacht

    What is the biggest weakness in your cyber security?

    Humans.

    Crew charging their phones using USB ports on the ECDIS. Contractors plugging in USB memory devices to upload software onto the system and malware inadvertently being uploaded as the phone charges.

    Three other ways that your ECDIS could be infected with malware are as a result of introducing or updating your ENCs:

    • An infected USB memory device that is plugged into the ECDIS to upload ENCs
    • An infected CD that is used for ENC updates
    • A direct link between the ECDIS and the ships satellite communications link

    Additionally, if your ECDIS is using older operating systems that are no longer supported this makes access easier for hackers and minimises defence against malware.

    On new modern superyachts, this will be less of a problem as the operating systems will be state-of-the-art. Ultimately the security of your operating system is dependent on installing all of the security and user updates provided by the operating system provider.

    As mentioned earlier the direct link between the ECDIS and the ship's communication satellite link is an entry point that can be exploited by hackers. If you update your ENC’s live via VSAT, vulnerabilities in the connection could allow for attacks that disrupt the ECDIS, spoof data or even deny access to the navigation system by the crew.

    Superyacht renderingECDIS night mode

    What are the consequences of a hacked ECDIS?

    If your ECDIS is hacked you could be effectively blind and not know it. If the ECDIS is left in charge of steering your superyacht, as is often the case, a hacker could easily crash the yacht, especially in adverse weather conditions or spoof the ECDIS to believe the GPS was in a different place causing it to correct course and go off in the wrong direction.

    By changing the GPS footprint to make the ECDIS think your yacht was much bigger than it was they could fool the system into thinking it was about to be in a collision and alter course. The ECDIS also send data to other vessels who would believe a collision was imminent and also alter course, effectively jamming busy superyacht routes, for example the Straits of Gibraltar.

    If this were to happen around a busy marina such as Port Hercule, Monaco it could cause chaos.

    Dependent on where you are sailing, a potentially more serious threat could be from increasingly sophisticated pirates who want to monetise their hack by kidnapping the extremely wealthy owner or their family to extort money in return for their release.

    This may sound extreme, but it is not beyond the bounds of possibility.

    ECDIS systemLuxury superyacht

    How do you keep your ECDIS secure?

    To minimise the risk of an attack there are a number of solutions to consider:

  • Purchase a cyber secure USB that encrypts the data and has in built virus protection. ChartCo has such a product to do this. The OneOcean Vault has A Military grade 256-bit AES encryption ensuring a secure data exchange on the Bridge.
  • Install a system that blocks attacks both internally through plugged in USB devices and externally by protecting data that is delivered from an external source to your superyacht.
  • Secure your passwords. Admin/1234 is not a strong password, don’t give a hacker admin privileges across your entire on-board network.
  • Download encrypted chart updates onto a USB drive, check it on a remote PC for malware and viruses and then upload the updated charts.
  • Update the operating system that your ECDIS is run on. If it is out of date and no longer getting security patches, it’s time to change.
  • However the most robust option has been developed by an Israeli team at Naval Dome that has developed a system that can block attacks both internally through plugged in USB devices and externally by protecting data that is delivered from an external source to your superyacht.

    Keeping your data secure whether afloat or on land is essential and will prevent the dangerous and expensive consequences that can occur as a result of your system being compromised. Read our maritime security guides for more information about the different security threats a superyacht can face and how to keep your superyacht safe.