Breaking in the Automated Identification System (AIS), can allow pirates to guide vessels in a desired direction.
New programs that can divert ships from their course were presented at a conference of Hack in the Box in Kuala Lampur. Programmers displayed new approaches to breaking in vessels' communication system. The aim of the programmers was to alert the International Telecommunications Union (ITU) and to trigger a process for overcoming the thread.
The system that was created to transmit information regarding vessels' location, weather and other threads called Automated Identification System (AIS) messages, had been already recognized as dangerous. It gives the opportunity to give false signals to vessels and navigate them in a wrong course and to also to flood its internet base with DoS attacks. However specialists showed new ways to hack in that system with very inexpensive hardware. Dr. Marco Balduzzi, Kyle Wilhoit and Alessandro Pasta displayed how pirates can employ the AIS directing ships in a course they desire or just making crew to ignore the whole AIS.
One of the options for the pirates is to give a false alert of man overboard via the emergency transmitter and to navigate them to a place where the pirates could ambush them. The IT specialists showed how Python script can manipulate AIS transmitter database and forward it to vessels. AIS also can be used to turn on collision alert systems and for sending any wrong data for the weather, for instance. Hackers are able even to cause a shift to an unmonitored frequency through the AIS and make the ship invisible in the network.
Demonstrations were made with a software-defined radio at the cost of €500 ($674). Dr. Balduzzi however said that such manipulations can be committed with a VHF radio at the cost of only €100 ($134). This makes AIS very vulnerable, potentially by most people on earth. Pirates probably would not hesitate to join that vast group.