Warning that hackers could sink a bulk carrier

In the latest cyber security warning for shipping Pen Test Partners have highlighted that hackers could sink a bulk carrier by deliberately imbalancing its cargo.

Penetration testing experts Pen Test Partners highlighted that hackers could potentially sink a bulk carrier by manipulating the loading data of its hull stress monitoring systems (HSMS) to deliberately cause an imbalance of cargo.

The crew of the vessel would be unaware of the imbalance which could lead to catastrophic consequences with the vessel breaking up and sinking.

“The reason it is feasible is that when HSMS was first developed, there was no concept of a vessel being connected to the internet, allowing it to be accessed remotely. Therefore, many HSMS are just PCs connected to the ships’ network,” said senior partner, Ken Munro.

“A hacker could interrupt the loading data being fed to and from the monitoring system, having previously compromised the network either via the satcom unit or a phishing e-mail.”
“Once in control, hackers can manipulate the loading of cargo and turn off any stress monitoring alarms that would alert crew to any undue strain on the vessel,” he claimed.

Pen Test Partners said that HSMS vendors and all ship control and reporting system manufacturers need to take security very seriously.

While issuing this warning of potentially dire consequences the company did not explain why hackers would want to carry out such an attack or what they would have to gain from it.