The US Naval Department confirmed this morning that, during a recent fleet exercise in the South Atlantic, civilian fuel tankers that are part of the new Tanker Security Fleet were hacked by elements of Fleet Cyber Command. “Naval cyber operators conducted active operations against Ulan Master and Torrey Canyon tankers that were providing fuel support during Operation Malvinas;” reported David D. Porter, Naval spokesperson. “Navy personnel were able to take remote control of engines and steerage on both vessels using known vulnerabilities in various systems onboard the vessels.”
Captain Frank F. Fletcher of the Torrey Canyon told reporters: “In 20 years of operations in ocean going tankers I have never seen a ship fail so completely to respond to commands from the Bridge. It was quite disconcerting.”
Captain Na Dae-yong of the Ulsan Master added: “I did not appreciate losing control of my vessel, but hopefully we will be able to ensure that such actions could not be undertaken by an enemy during a wartime operation.”
Owners of the two vessels had been informed prior to their participation in the exercise that cyberattacks would be employed against the two vessels during the exercise to determine their susceptibility to such attacks. “These types of attacks would be expected against fleet assets involved in wartime operations,’ Porter explained; “And we expected that the civilian operators would not be as experienced as active fleet personnel in preparing for or responding to such attacks.”
The Navy plans on sharing the results of these attacks with the owners of the two vessels as well as the other owners of vessels in the TSF. Owners will be able to use the information gleaned from these attacks to upscale the cyber defenses for all of their vessels, a major incentive for owners of other fleet capable tankers to sign up for participation in the Tanker Security Program.
Cpt Berny McCollough, spokesperson for Fleet Cyber Command, refused to comment on reports that CYBERCOM detected another party participating in the exercise. “I cannot confirm or deny public reports that a foreign nation state was receiving information from the two ships.” There have been two reports quoting unofficial comments from naval cyber personnel that communications between the ships and a Chinese server had been detected during the operation. One unnamed Navy Lieutenant has been quoted as saying: “We found communications logs showing that the vessel (referring to Torrey Canyon) had been hacked prior to the start of the exercise and had been reporting vessel position and status to a foreign operator.”
McCollough also refused to comment on reporting by the naval
blog, Kings Island, that purported to show tracking information of the maneuvers
of the two ships under control of the Navy’s hackers. “We will not discuss operational
details about the exercise.” The Kings Island tracking data shows the two
tankers conducting right and left 180 degree turns and heading back in the direction
from which they came.
No comments:
Post a Comment