Defense Media Network

Cybersecurity Threats to Navigational Systems

 

Another Coast Guard system that the service stands ready to protect is Rescue 21, an advanced command, control, and direction-finding communications system created to better locate mariners in distress at sea and on navigable rivers. As a replacement for the National Distress and Response System, Rescue 21 uses a series of shore-based towers to generate lines of bearing to the source of VHF radio transmissions. With coverage out to more than 20 nautical miles from shore, it can more accurately pinpoint the location of callers in distress, improve coordination with other federal, state, and local first responders, and identify hoax calls that otherwise would tie up valuable response resources.

Coast Guard C3CEN ERF

A magnet is charged by the prototype of the magnet recondition system at Command, Control and Communications Engineering Center (C3CEN) electronic repair facility (ERF) at the Coast Guard Yard in Baltimore, Md., March 8, 2012. The prototype was created by Petty Officer 2nd Class Justin Lawrence, a member of C3CEN ERF’s short range aids to navigation department. U.S. Coast Guard photo by Petty Officer 3rd Class Jonathan Lindberg

Subject-matter expertise for maritime critical infrastructure cybersecurity, to include ATON, lies with the Coast Guard Cyber Command (CGCYBERCOM). CGCYBERCOM was established in 2009 under the leadership of Rear Adm. Bob Day, and is charged with protecting the service’s information and information systems and monitoring vulnerabilities to the growing threat of cyber attacks. CGCYBERCOM’s responsibilities are more operational than technical, and include partnering with other Coast Guard elements such as Telecommunications and Information Systems Command and NavCen to ensure the availability of networks that support systems mariners use for navigation and other critical alert information.

“One of our missions is to work as subject-matter experts for the deputy commandant for operations to support our partners on how cyber attacks might impact our ports and waterways. A big part of that is working with the Defense Department [DoD] and the intelligence community to gather indications and warnings of threats,” according to Cmdr. Cliff Neve, CGCYBERCOM’s chief of strategic planning.

“DoD has a lot of resources focused on determining what types of emerging technologies pose threats, so one of the strengths the Coast Guard has, as a military organization, is working well with our sister services in DoD. And as a component of the Department of Homeland Security [DHS], we are able to translate the strengths of DoD into DHS missions and vice versa.”

CGCYBERCOM has three primary missions, he said, starting with protection of Coast Guard networks that support critical systems, such as Rescue 21.

“Second is working with port partners and mariners to identify critical information needed to assess cyber risks to critical infrastructure and determine what types of mitigation can be put in place. Mitigation could include a secondary system, or strong hardening of one system, or finding alternate ways to do business. A key concept is resilience, being able to restore things to normal after an attack,” Neve explained. “It is crucial to fight through cyber attacks and information system outages, including those that occur due to natural disasters and accidental outages.”

Because every port is different, the communications requirements to keep a port running and the amount of automation involved can vary significantly.

“The more a port is automated, the more surface area there is for a cyber threat. So you have to identify the risks to navigation and port operations on a port-by-port basis, then mitigate those. Actually, there is little difference there between cyber attacks and some other physical forms of disruption,” he continued.

“Our third cyber mission is building a decisive advantage for Coast Guard mission execution. By that, I mean leveraging the cyber domain to gather intelligence and deal with other information required to execute Coast Guard missions. That is the most nascent of our missions because, as technologies continue to emerge, more and more operations are created to leverage the cyber domain.”

Turning to GPS, which has become key to Coast Guard aids to navigation, search and rescue, law enforcement at sea, etc., Neve said while it is not a specific CGCYBERCOM mission, it is part of the overall mission set and the subject of discussion, threat assessment, and cooperation within the service and with other agencies.

“It is well documented that GPS can be jammed. The good news is that a jamming device usually only has local impacts; the bad news is that is pretty easy to do,” he said. “The two things that are impacted most are navigation and timing. A lot of devices – network equipment, cellular towers, etc. – utilize GPS for timing. So while navigation degradation is an obvious byproduct of an attack on GPS, timing is potentially more troubling.

ATON check posthurricane

Petty Officer 2nd Class Christopher Shore double-checks a buoy’s placement against a paper chart aboard a 25-foot response boat-small from Coast Guard Station Portsmouth, on the Elizabeth River, Aug. 28, 2011. The smallboat crew from Station Portsmouth gauged the operability of numerous aids to navigation in the greater Norfolk area after weathering the winds of Hurricane Irene. U.S. Coast Guard photo by Petty Officer 3rd Class Stephen Lehman

“Control systems within the transit community and almost every computer system need timing to properly operate. For example, for voice conversations – most of which are packetized and sent over an Internet Protocol [numeric address] network – it is important those packets are reassembled in the right order. Sometimes the packets take different routes to a common destination, so if the timing is off, voice and data transmissions could be garbled.”

In a 2010 briefing, the Coast Guard reported a typical cyber month at USCG.mil included 12 million inbound emails hitting network gateways with 25,000 infections or malicious payloads (nearly half of all incoming emails are rejected as spam) and 175 internal information assurance incidents (inappropriate use, information disclosure, or transmission of classified material). Since then, Neve said, those numbers have continued to grow.

“That’s a function of adversaries having more tools at their disposal to automate attacks. We have been active in raising the awareness of the end user to the threat because an end user who does not understand computer security policies can be the greatest threat. But our Coast Guard users are becoming more intelligent about computer hygiene – enforcing policy, training, awareness campaigns, etc.,” he said. He added that for internal Coast Guard cyber training and awareness, CGCYBERCOM enjoys an excellent partnership with the chief information security officer, Capt. Dave Dermanelian, and his staff.

“We have also partnered with the maritime community in several forums to discuss cyber threats, such as a joint TSA [Transportation Security Administration]/CG/transportation sector cyber conference the past couple of years, where we were able to make more people aware of the cyber threat and good security practices. So while the attack vectors have increased, we also have become better at recognizing those. And by establishing a central cyber element, which is a force multiplier, the Coast Guard has made a significant investment and commitment to cybersecurity.”

As those seeking to disrupt U.S. maritime traffic become more sophisticated about the ever-evolving technologies on which safe transit depends and the Coast Guard develops new and better defenses and countermeasures, there remains one key defense – the mariner.

“Sound wisdom on any bridge is not to depend entirely on any one system, so if something goes bad, you can always fall back on other methods, including radar or even sextants,” Hamilton concluded. “AIS is just another means to make ships aware of what is in front of them – and they always match one with another. That’s just sound, prudent navigation.”

Prev Page 1 2 Next Page

By

J.R. Wilson has been a full-time freelance writer, focusing primarily on aerospace, defense and high...