Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

U.S. Warship Collisions Raise Cyberattack Fears

Cyber Concerns Sparked by Warship Collisions

A spate of incidents involving US warships in Asia, including a deadly collision this week off Singapore, has forced the navy to consider whether cyberattackers might be to blame.

Cyber Concerns Sparked by Warship Collisions

A spate of incidents involving US warships in Asia, including a deadly collision this week off Singapore, has forced the navy to consider whether cyberattackers might be to blame.

While some experts believe that being able to engineer such a collision would be unlikely, given the security systems of the US Navy and the logistics of having two ships converge, others say putting the recent incidents down to human error and coincidence is an equally unsatisfactory explanation.

The USS John S. McCain collided with a tanker early Monday as the warship was on its way for a routine stop in the city-state, tearing a huge hole in the hull and leaving 10 sailors missing and five injured.

The Navy announced Tuesday that remains of some of the sailors were found by divers in flooded compartments on the ship.

The Chief of US Naval Operations Admiral John Richardson said on Monday he could not rule out some kind of outside interference or a cyberattack being behind the latest collision, but said he did not want to prejudge the inquiry. His broader remarks suggested a focus on “how we do business on the bridge”.

“We’re looking at every possibility,” Richardson said, when asked about the possibility of a cyberattack, adding “as we did with Fitzgerald as well.”

Just two months earlier in June, the USS Fitzgerald and a Philippine-flagged cargo ship smashed into each other off Japan, leaving seven sailors dead and leading to several officers being disciplined.

There were also two more, lesser-known incidents this year — in January USS Antietam ran aground near its base in Japan and in May, USS Lake Champlain collided with a South Korean fishing vessel. Neither caused any injury.

Advertisement. Scroll to continue reading.

Admiral Scott Swift, commander of the US Pacific Fleet, has refused to rule out sabotage in Monday’s incident, saying all possibilities are being examined.

“We are not taking any consideration off the table,” he told reporters in Singapore Tuesday, when asked about the possibility of a cyberattack in the latest incident.

– High tensions –

Analysts are divided on the issue, with some believing US Navy crews may simply be overstretched as they try to tackle myriad threats in the region, and pointing to the difficulties of sailing through waterways crowded with merchant shipping.

But others believe something more sinister may be going on.

Itar Glick, head of Israeli-based international cybersecurity firm Votiro, said the spate of incidents suggested that US Navy ships’ GPS systems could have been tampered with by hackers, causing them to miscalculate their positions.

“I think that hackers could try to do this, and if they are state sponsored they might have the right resources to facilitate this kind of attack,” he told AFP.

Glick, who says he used to work on cybersecurity for Israeli intelligence, said that China and North Korea would be the most likely culprits.

Tensions are running high between North Korea and Washington as Pyongyang makes strides in its weapons programme, conducting two successful intercontinental ballistic missile (ICBM) test launches in July.

Pyongyang has also been blamed for recent cyberattacks, including the 2014 hack of Sony Pictures and the theft of millions of dollars from the Bangladesh central bank.

The US has repeatedly accused China of carrying out cyberattacks on American companies, particularly to steal intellectual property. Beijing however says it is also the victim of such attacks.

– ‘Spoofing’ –

Glick pointed to a recent incident in June of apparent large-scale GPS interference in the Black Sea to illustrate that such disruptions are possible.

The interference — known as “spoofing”, which disrupts GPS signals so ships’ instruments show inaccurate locations — caused some 20 vessels to have their signals disrupted, according to reports.

Jeffery Stutzman, chief of intelligence operations for US-based cybersecurity firm Wapack Labs, told AFP he thought the possibility of a cyberattack being behind the latest incident was “entirely possible”.

“I would be very doubtful that it was human error, four times in a row,” he said, referring to the four recent incidents.

Still, other observers believe such a scenario to be unlikely.

Zachary Fryer-Biggs, from defence consultancy Jane’s by IHS Markit, said that even if something went wrong with the GPS system of a ship, other safety mechanisms should stop it from crashing, such as having people on watch.

“The collision only occurs if several other safety mechanisms fail,” he said.

Daniel Paul Goetz, from US-headquartered cybersecurity firm Lantium, added that causing a collision would be complicated, as it would involve knowing the exact location, speed and bearing of both ships involved.

Goetz, who says his background is in US military intelligence, also pointed to the level of technology used to protect the navy from such threats.

“The US military uses a GPS system that is highly secured, highly encrypted — the chances that somebody could take over US military ship is very close to zero,” he said.

Related: Ship Data Recorders Vulnerable to Hacker Attacks

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...