- AIS is an automatic identification system. It serves to transmit the vessel’s identification data (including its cargo), current position and course. It is also used to prevent collisions of ships, monitor their condition and with its help, the owner can monitor his ship.
- DRDO develops new technology that will protect naval ships from missile attacks : The Defence Research and Development Organisation (DRDO) has developed an Advanced Chaff Technology to safeguard the naval ships against missile attacks from enemy.
- Hacker attacks against ships on–board infrastructure are no more a bad dream scenario but happen regularly, often even without being detected. Navies and their crews are faced with a new dimension of silent and hybrid threats, which they never realized before.
- Prior to the implementation of countermeasures after an incident the crew has to have the means to monitor the vital infrastructure and to detect a potential threat. In general there are a few typical risk environments, which require automated and uninterrupted real-time monitoring to be best prepared for countermeasures. Artificial Intelligence (AI) based data analysis as well as human factors determine the level of risk mitigation against cyber attacks in current and future ship operations.
- With regard to ship platforms it is absolutely critical to prevent intruders from gaining access to the IT and connecting to sensors, effectors, and control systems. Private communication via internet through smartphones or portable memory devices must be completely isolated from the communication infrastructure of the ship in order to avoid attacks such as contaminated mails or manipulated USB keys.
- Attacks on warships carried out with comparatively little effort by states or organizations that do not own a single warship or any trained combat forces is becoming an increasingly likely scenario.
- Chaff is a passive expendable electronic countermeasure technology used worldwide to protect naval ships from enemy’s radar and Radio Frequency (RF) missile seekers. The importance of this development lies in the fact that very less quantity of chaff material deployed in the air acts as decoy to deflect enemy’s missiles for safety of the ships.
- The DRDO has gained the expertise to meet the futuristic threats from adversaries. The technology is being given to the industry for production in large quantities.
Potential attack vectors and risk factors in order of criticality
The associated risk factors that determine the likelihood of an attack or a compromise in the infrastructure can be summarized in four groups:
- External Interfaces: Military underwater missions and exercises are conducted in an increasingly multinational communication environment. Manoeuvres presuppose overarching communication between NATO countries. Even previously completely isolated networks must offer interfaces to fulfil these requirements.
- Human Beings: Attacks could take place via a person’s social network or by compromising private smartphones. This would allow potential threats to enter the on-board network.
- Maintenance Interfaces: Such interfaces use off-board communication and may therefore cause an unauthorized use of remote maintenance access for the introduction of malicious codes.
- IT Organizational Deficiencies: Deficiencies of this sort are caused by not strictly adhering to the rules of ISO 31000: The use of software versions / operating systems that are no longer supported by updates , an uncontrolled patch management, the use of outdated antivirus software, or unauthorized access to systems e.g. due to an insecure BIOS password.
Constant monitoring and analysis of the communication link
The key component of this monitoring system is an automatic monitoring device which detects potential incidents (indicators of compromise) in real-time. The system is completely self-sufficient and can be used in conjunction with a CSOC (Cyber Security Operation Center) located on-shore.
The system’s focus is to analyze the detected results in the submarine with the existing staff members and without the need of an onboard team of cyber experts. The reporting of the monitoring system should be easy to analyze and should show impacts of incidents and means to restore capabilities.
Cybersecurity Services based on Artificial Intelligence (AI)
Artificial Intelligence (AI) is required to support the accurate input of “Threat Intelligence Data Base” information and feeding the onboard cyber monitoring sensors. This is essential to avoid “False Positives”, which could be even more severe than undetected attacks. Cybersecurity Services based on AI machine learning support anomaly detection in systems communication.
AI needs to be provided to the Cybersecurity System on a pan-European basis. As military operations are multinational the development and the usage of AI should also be multinational.
The Human Factor
Trained staff members understand the potential risks and are fully aware of the very strict and careful behaviour necessary to avoid cyber attacks. This covers skills from the correct usage of private smartphones to the restrictive handling of external and removable memories (USB stick).
Cyber attacks on ships are a realistic threat scenario. As our world becomes ever more digitally connected the risk of such an attack is equally increasing. Potential risk factors need to be analyzed and discussed, potential vectors of attack need to be known and put under constant surveillance. Moreover, potential risk factors need to be minimized by heightening staff’s risk awareness and by applying strict rules with regard to the use of risky and private communication means aboard.
Thus, India celebrates December 04 as Navy Day, every year, to acknowledge the role of the Indian Navy and commemorate its achievements in ‘Operation Trident’ during the 1971 Indo-Pak War.