Satcoms giant KVH’s onboard security laid bare

Shipping has received another shock to the system over its openness to cyber attacks. Specifically the satcom boxes installed by American comms giant KVH have been shown to be easy to hack.

Ken Munro, who works with cyber security firm Pan Test Partners, has recently carried out a broad audit of shipping’s cyber set up. He found the challenges maritime cyber is facing today mirror those the industrial controls security (ICS) in utilities started addressing several years ago.

In a blog on Pan Test Partners’s site Munro wrote how ships that had traditionally been isolated were now always-on, connected through VSAT, GSM/LTE and even wifi.

“Crew internet access, mashed up with electronic navigation systems, ECDIS, propulsion, load management and numerous other complex, custom systems. A recipe for disaster,” Munro wrote.

Munro’s test saw him exploit satcom terminals and open-source intelligence (OSINT).

Using Shodan, a search engine, Munro tapped in ‘html:commbox’ and came across American satcom giant KVH’s CommBox terminals. These terminals were missing any transport layer security (TLS) on login. Worse still, at the bottom right of the screen, vessel names were clearly identifiable. Below the login was a link, ‘Show Users’.

Inquisitive web users can request the content by appending: /rest.php?action=QCgetActiveUsers – or simply clicking the link from where a list of all the crew online is made available.

Munro was then able to use Google to get the Facebook profile of the deck cadet using the commbox of the ship he had tracked.

“This poor chap is ripe for phishing – we know pretty much everything about him.

“Simple phish, take control of his laptop, look for a lack of segregation on the ship network and migrate on to other more interesting devices.

“Or simply scrape his creds to the commbox and take control that way.

“It shouldn’t be this easy!” Munro wrote.

Compounding KVH’s security breach, Munro was able to show some of the network configuration simply by hovering over the graphic user interface.

Munro concluded his blog post with some urgent advice to ship operators. “There are many routes on to a ship, but the satcom box is the one route that is nearly always on the internet. Start with securing these devices, then move on to securing other ship systems,” Munro wrote.

KVH officials have yet to reply to questions sent by Splash earlier.

Sam Chambers

Starting out with the Informa Group in 2000 in Hong Kong, Sam Chambers became editor of Maritime Asia magazine as well as East Asia Editor for the world’s oldest newspaper, Lloyd’s List. In 2005 he pursued a freelance career and wrote for a variety of titles including taking on the role of Asia Editor at Seatrade magazine and China correspondent for Supply Chain Asia. His work has also appeared in The Economist, The New York Times, The Sunday Times and The International Herald Tribune.
Back to top button