ShareThis Page
World

Could hackers be behind the Navy collisions?

| Wednesday, Aug. 23, 2017, 9:24 p.m.
The damaged port aft hull of the USS John S. McCain, is visible while docked at Singapore's Changi naval base on Tuesday, Aug. 22, 2017 in Singapore. The focus of the search for the U.S. sailors missing after a collision between the USS John S. McCain and an oil tanker in Southeast Asian waters shifted Tuesday to the damaged destroyer's flooded compartments.
The damaged port aft hull of the USS John S. McCain, is visible while docked at Singapore's Changi naval base on Tuesday, Aug. 22, 2017 in Singapore. The focus of the search for the U.S. sailors missing after a collision between the USS John S. McCain and an oil tanker in Southeast Asian waters shifted Tuesday to the damaged destroyer's flooded compartments.
Locator map of 4 Navy ship accidents.
Locator map of 4 Navy ship accidents.

SAN FRANCISCO — Was a hack attack behind two separate instances of Navy ships colliding with commercial vessels in the past two months? Experts say it's highly unlikely, but not impossible — and the Navy is investigating.

Rumors on Twitter and in computer security circles have been swirling about the possibility that cyber attacks or jamming were involved in the collisions. Speculation has been fueled by four accidents involving a U.S. warship this year, two of which were fatal, the highly-computerized nature of modern maritime navigation, and heightened concern over global cyberattacks — especially attacks against U.S. government entities.

Chief of naval operations Admiral John Richardson said in a tweet on Monday there was no indication of the possibility of cyber intrusion or sabotage but the "review will consider all possibilities." It had been retweeted over 830 times by Wednesday.

"The balance of the evidence still leads me to believe that it was crew negligence as the most likely explanation — and I hate to say that because I hate to think that the Navy fleet was negligent," said University of Texas at Austin aerospace professor Todd Humphreys, who studies GPS security issues.

On Monday, the USS John S. McCain collided with an oil tanker off Malaysia, which left ten sailors missing and five injured. On June 17 seven sailors died when the USS Fitzgerald was hit by a cargo ship 60 miles off the coast of Japan.

The incidents have clearly rattled the Navy. On Wednesday Vice Adm. Joseph Aucoin was dismissed as commander of the 7th Fleet. And on Monday the Navy ordered a global pause in operations to allow commanders to take immediate action to keep sailors and ships safe as well as a Navy-wide review to get at the root causes of the problems.

The technology to jam or misdirect navigational software is readily available, though the Navy uses a much more robust encrypted version of GPS that would be very difficult to disrupt, said Humphreys.

The only way to spoof such a system would be to use what's known as a "record and replay attack," he said. That's where a recording is made of the encrypted location data being sent down from satellites to the Naval ship and then replaying the recording at a slightly later time and directing it towards the ship.

"That way you could fool a ship into thinking it is someplace it's not," Humphries said.

That would be a very sophisticated and difficult hack, requiring recording the navigation data stream from multiple angles to mimic the multiple antennas on the Navy ship, and then sending the recorded signal from two or more locations. To ensure that nearby ships didn't also get the false data, it would have to be transmitted from close to the Navy ship being targeted, perhaps using multiple drones.

None of this seems likely, but it's not impossible, said Humphreys. In 2013 he and a group of graduate students were able to successfully spoof an $80 million yacht's GPS system, sending it hundreds of yards off course without the ship's navigation system showing the change to the crew.

The Navy's Richardson said the second "extremely serious incident" in little more than two months "gives great cause for concern that there is something out there that we're not getting at." The Navy has blamed the Fitzgerald collision on a loss of situation awareness by sailors on the bridge.

Dana Goward, former head the Marine Transportation Systems for the Coast Guard, the navigation authority for all U.S. waters and vessels, also doesn't believe hacking was involved in the Navy collisions.

As a former Coast Guard captain, he said that years of navigating at sea tell him that especially in high-traffic areas where the collisions occurred, it's easy for mistakes to happen. "It's a difficult environment to be in and human error is always present," he said.

The notion of a cyber attack causing the collision has gained currency in part because it's possible — and other military powers are known to have tried it.

For instance, said Goward, a malicious party could focus on the unencrypted navigation feed of the commercial vessel while at the same time mounting a jamming effort against the Navy ship for a brief period of time. Or, hackers could just try commandeering the GPS of the cargo ship to get it to veer slightly off course.

"It takes two to tango," said Professor David Last, former president of the Royal Institute for Navigation in the United Kingdom. "I think you just have to attack the weaker of the pair, which is the commercial vessel. I'm not saying it happened, I'm just saying that's what I would do if I were trying to be a troublemaker in that way."

TribLIVE commenting policy

You are solely responsible for your comments and by using TribLive.com you agree to our Terms of Service.

We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.

While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.

We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers

We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.

We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.

We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.

We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.

click me