Ten sailors went missing from a large collision that took place on August 21, 2017 between an oil tanker and a US Navy Destroyer, the USS John S. McCain. For the fourth time this year, the US Navy has been compromised. According to cyber security experts, the US Navy’s decade’s old reliance on electronic guidance systems could be putting the ships at risk.
Jeff Stutzman, chief intelligence officer at Wapack Labs and former Navy information warfare specialist, says: “There’s something more than just human error going on because there would have been a lot of humans to be checks and balances.”
The USS John S. McCain (DDG-56) is an Arleigh Burke-class destroyer part of the Seventh Fleet, with a homeport at the Yokosuka Naval Base in Yokosuka, Japan. The destroyer collided near the Strait of Malacca, a 1.7 mile wide waterway responsible for 25 percent of global shipping.
Stutzman wonders whether the ship was sabotaged. “When you are going through the Strait of Malacca, you can’t tell me that a Navy destroyer doesn’t have a full navigation team going with full lookouts on every wing and extra people on radar,” he says.
The Pentagon and Chief of Naval Operations haven’t gone public about the cause of the collision, but they are not ruling out the possibility of a cyber intrusion. The Navy is still recovering from three other incidents in 2017. In June, another US destroyer, the USS Fitzgerald, crashed with a container ship. The incident claimed seven lives. Earlier in May, the USS Lake Champlain was suspiciously hit by a South Korean fishing vessel even though GPS readouts appeared on par. And back in January, the USS Antietam was grounded off the coast of Japan. Statistically, it seems that something sinister is taking place; the US Navy could be falling prey to GPS-spoofing.
GPS-spoofing (misdirection) is a hacker technique that interferes with a vessel’s location but the changes do not show up on the vessel’s computer screens or readouts. Operators are tricked into thinking that everything is normal, even though the coordinates have been changed. Stutzman says he has no proof of GPS-spoofing in the case of the USS John S. McCain, but intelligence operations did identify the technique being used for the first time in the Black Sea two months earlier. On June 22, GPS signals were manipulated for 20 ships navigating through the eastern part of the Black Sea. All equipment on board appeared to work, but all the ships had been rerouted 20 miles inland.
Todd E. Humphreys, a professor at the University of Texas and expert in satellite navigation systems is suspicious that GPS spoofing was used to wreck the USS John S. McCain. He says there was no evidence of faulty satellite communications. The US military doesn’t use commercial GPS, either. Humphreys says that hackers nowadays can readily get a hold of software and gear that decodes encrypted signals that the military uses for geolocation of their vessels.
The AIS or Automatic Identification System that most ships use, are even more vulnerable. Cargo ships and cruise ships can readily be hacked and rerouted. “You can send an AIS beacon out and claim just about whatever you like. You can make a phantom ship appear,” Humphreys said. For example, a cyber attack on June 27 struck thousands of computers. The attack was so severe, shipping giant A.P. Moller-Maersk was forced to track their cargo ships manually. At the end of the month, they reported up to $300 million in losses due to the breach.
Stutzman says that hackers could easily get a hold of Navy shipboard log-on procedures because these are shared widely when crews rotate on and off. Additionally, onboard networks can easily be exposed to computer viruses because Naval officers sometimes download movies, e-books and music from the internet while sailing. (For more, visit NationalSecurity.news)