Sky whispering: what do cruises have in common with industry 4.0?
In this year's remote edition of the DEF CON hacking conference, James Pavur presented his findings where he was able to intercept internet unencrypted sensitive data that was relayed by the satellite.
The insecure industrywide protocols permitted satellite eavesdropping, among others, to wind farms, oil tankers and aircraft data.
One example was a cruise line which integrated its Windows computers located on the ships into the land-based LDAP domain. If an attacker hijacks one of the boat computers in the middle of the sea, lands directly behind the firewall. In this example, cruises had unpatched plus unpatchable installations of Windows Server 2003 and its well-known vulnerabilities for potential attacks. This kind of weakness can be found in all industries.
Insecure protocols, legacy equipment and legacy software are cruises and industrial environments common vulnerabilities usually targeted for malicious cyber-activities. Established approaches for preventing cyber security attacks in industry 4.0 can be mapped to protect the cruises in this example.
To protect ships sustainably of potential attacks their boat networks have to be isolated from the satellite communication.
The implementation of such an approach takes place through a specially designed security system for OT environments, which is placed between the ship network and the satellite network, providing a secure interface for communication between them:
• An integrated firewall enables micro-segmentation and hides the ship network from external systems.
• Non-secure data in the ship network is translated “on the fly” and forwarded to the satellite network using a secure protocol.
• Communication is monitored for effectively detect a cyber-attack.
secunet edge highly secures communication by isolating networks and providing “on the fly” protocol translation and together with secunet monitor provides the perfect monitoring for detecting cyber-attacks.