Paul Brownridge will be presenting: I am the captain now. Taking remote control of ships engines, helm, azipods, ballasting, and plenty more.
Commercial ships are a complex mix of VSAT, IT, OT, custom protocols, huge sums of $$$, unclear responsibility for cyber and a decade or more of technical debt. There are documented cases of organised crime taking a commercial interest in shipping. Bunkering invoice fraud is rife, but we are also now seeing targeted container theft and threats against port workers. The opportunity to destabilise our supply chains is ever present. From numerous vessel tests, we’ll share our experience of compromising pretty much everything, including the ability to shut down the engines at critical moments, confusing the bridge crew and more. The Suez incident was not a hack, but it could so easily have been, based on our findings. Add cruise ships and a whole new layer of complexity is created. We’ve got to the point of locking all guests in and out of their cabins, affecting ballasting from guest cabins and causing guest panics that are likely to end up in the media.