VSAT insecurity: a wake-up call for the maritime industry


Cyberattacks against critical technologies are a rising threat. Recent months have seen nuclear power plants forced to switch to analogue radiation monitoring, hospitals shut down across Europe, and even direct targeting of Industrial Control Systems (ICS) technology through ‘Industroyer’ malware. Where hard-to-reach systems were once beyond the remit of low-skilled hackers, we now see nation-state level attack capabilities in the hands of individuals.

The shipping industry, due to high-value cargo and large operational costs, is increasingly viewed as a lucrative target for hackers seeking maximum reward for minimal effort. AMP Terminals, a subsidiary of shipping giant Maersk, for example, recently came under cyberattack directly through their IT/OT infrastructure with hackers holding their data to ransom. Presenting a wake-up call for the maritime industry, the next major security threat comes in the form of VSAT (Very Small Aperture Terminal) technology.

VSAT technology is a satellite communication system commonly used within the maritime industry, predominantly seen in cargo shipping, military and cruise ships, and even on drilling platforms. As with numerous unsecured networked devices, VSAT systems can be actively tracked through hacking tools and techniques. In the event of a breach, dependent on the threat actor's motivations - hacktivism, terrorism, theft or even piracy, the potential consequences can be severe.


Insecure technology; increased risk
This communications infrastructure is used, in short, as a means of providing network connectivity where a wired connection would be impossible or prohibitively expensive, relying on security through obscurity to remain protected from any hackers. An unintended consequence, however, is that in attempts to breach a target, hackers can use VSAT systems as an open entry point – potentially resulting in manipulation of resources, the compromise of data, and even affecting critical systems.

Where hackers previously focussed on smaller, easily breached targets, methodologies have now shifted, with threat actors looking to increase their return on investment. With the rise of networked technology utilised in businesses across the globe, we now see such attacks are increasingly feasible. With VSAT technology, systems are directly exposed to the Internet with no protection mechanism in place to ensure security, invariably utilising default usernames and passwords. Management interfaces can be easily identified and compromised, acting as a staging ground for further attacks – ranging from simple theft of data, to denial of control.

In ensuring the security of any operational environment, the first step must be to ensure any technology is installed and managed correctly – including system hardening and regular security assessment. The vulnerabilities present in VSAT technology represent a significant risk for the maritime industry. Are your systems secure?

Contact us to learn more about Applied Risk’s ICS/SCADA Security Assessment & Penetration Testing.