Automatic Identification System (AIS) is a system used to enhance maritime safety by providing real-time information such as tracking and monitoring for ships. Since its inception in 2002, it has already been installed in 300,000 vessels across the globe to monitor marine traffic and avoid vessel collisions. The system has also been proven to be useful for accident investigation as well as search-and-rescue (SAR) operations.
This Trend Micro paper introduces AIS and its operations, and provides a general overview of how it works, as well as its benefits. This study also provides a unique angle in evaluating the security issues of these systems by introducing threats that affect both its online implementation and its protocol specifications. Over the course of the research, those that have been identified are categorized into three macrocategories: spoofing, hijacking, and availability disruption. Each threat has been pored over in detail to determine if it is software- or radio frequency (RF)-based or both.
Ship spoofing is the process that involves the crafting of a valid but nonexistent vessel by assigning static information such as ship name, identifiers (MMSI and call sign), flag, ship type, manufacturer, and even dimensions like ship status, position, speed, course, and destination to the fictitious ship.
This kind of attack provides an array of malicious attack scenarios, like making it appear like a particular vessel is with the jurisdiction of an adversarial nation. Ship spoofing could cause issues for automated systems identifying data and making inferences based on collected information from AIS.
Other forms of attacks based both on software and radio frequency are discussed in the full report.
AIS installations on ships require software to provide data to online providers. While useful, there are also security issues with their implementations. The research looked into three popular online AIS providers and found security issues with all three in terms of how they vet sources and authenticate data. A deeper discussion on this can be seen in the full report.
Other forms of radio frequency-based attacks are carefully discussed in the evaluation conducted in the research.
Making full use of a software-based transmitter introduced by Trend Micro researchers, this study discovered and experimentally proved that both AIS’s implementation and the protocol specification are affected by several threats, opening keys to malicious actors to explore attack possibilities. Responsible disclosure notifications have been handed out to involved international organizations to improve overall security given the immense importance of AIS as cyber-physical system in the marine industry.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.