[THIS IS A SAMPLE ARTICLE FROM THE FEB/MAR 2012 ISSUE OF MARITIME IT & ELECTRONICS]
Satcoms systems widely used within the maritime community are more vulnerable to cyber-terrorists and hackers than ever before, it has emerged.
Privacy International, a London-based NGO, has recently published the findings from an extensive investigation into the murky international market for surveillance equipment. While you might be forgiven for thinking this consisted of garage outfits selling low-quality gizmos for tapping phone lines and suchlike, it discovered professional outfits that, among other services, openly offer ‘to target and break specific commercial communications satellites, including Thuraya [covering the Middle East], Iridium satellite phones, and Marlink’s VSAT.’
Traditionally, the only organisations possessing enough resources to mount such interceptions would have been state security agencies, military or other government-backed bodies. While MITE does not have any evidence about the efficacy of these new satellite wire-taps, it is a worrying development that such technologies are becoming more readily available.
At this point it should be borne in mind that no encryption system is entirely impenetrable – recall the codebreakers at Bletchley Park who deciphered the German Enigma code. Rather less historically significant, but a more visible example in recent years, has been the cat-and-mouse game played out by Hollywood studios and record labels trying to prevent pirates from copying their wares.
Late Apple CEO Steve Jobs once even advised the music industry to ‘give up on DRM’. DRM, or Digital Rights Management, refers to encrypting media files so they cannot be easily shared, in order to protect copyright. ‘Music companies may feel protected by their DRM, but DRM hasn't worked in the past and it won't work in the future. There are smart people circumventing this stuff,’ he argued.
Hopes that quantum cryptography would be a truly secure mechanism for transmitting information have also been dashed. Hackers have exploited the fact that practical implementations must cope with a certain amount of environmental background noise to discover the ‘key’ required to decode the message. [1]
This is not to say encryption is futile. Rather, it is important to bear in mind its limitations and, as Simon Watts explained last issue (MITE Nov/Dec 2011), to choose a level of security that is appropriate to the information that needs to be protected. While no code is completely secure, it does serve a function in preventing casual observers taking a peek at sensitive information.
So how does this discussion apply to the wire-tapping of maritime satcoms services? Transmissions sent across modern satellite services are protected in a variety of ways – some expressly for encryption; others just an intrinsic part of the transmission mechanism. Iridium, for example, uses private interfaces in combination with all manner of frequency- and time-hopping algorithms. Breaking into this and extracting useful information is by no means a trivial exercise.
What has made it a possibility, however, is the sheer amount of number-crunching power now available at relatively low cost. In the past, carrying out a brute-force attack on a particularly tricky cypher might have required access to a Cray supercomputer. Today, similar performance can be achieved by aggregating the processing power of multiple desktop machines.
Of course cracking the transmission channel is only one part of the challenge. The hacker will then need equally sophisticated tools to analyse and identify the target information passing through the channel, amid the noise from other sources and users. And the chances are that if information is deemed valuable enough to attract the attention of a hacker, it will be encrypted as part of a VPN channel, ie at the HTTP transport layer. And if the sender was feeling especially paranoid, the actual message would have been encoded in some way prior to transmission. In short, our cyber-spy would be tasked with defeating numerous protections one after another, like peeling an onion-skin. Because of the amount of work involved, many hackers prefer to focus their energy on a softer target – namely, manipulating the human operator, typically the weakest link in any security chain.
But the above discussion pre-supposes the reason for hacking the satellite channel is information espionage. However, there could be other motives. For example, obtaining access to free, non-traceable communication would certainly be advantageous to any illegal organisation operating in remote areas. And it doesn’t take much imagination to guess one such group of outlaws found operating on the high seas.
[1] http://www.nature.com/news/2010/100520/full/news.2010.256.html