Can AIS be hacked?

Marine Traffic is showing Graceful in Kalininrad with destination FCKPTN so maybe only MT has been hacked. Owner listed as AO ARGUMENT in the ITU Ship Stations list. Maybe the ETA of 1st April is a hint.
 
JerryC said:
I don't know whether this is true or just more of this week's war propaganda, but take a quick look at the article in the link below. If true, the consequences are enormous. I don't mean just immediate repercussions from the Kremlin, but possible future actions by terrorists worldwide. Anonymous trolls Vladimir Putin by renaming his yacht ‘FCKPTN’
Click to expand...
*as I understand the situation - I have no specialist knowledge*
Either the MarineTraffic website has been hacked or the database from which it and other sites take their data - the fact that different sites are reporting different data suggests the former.
Live AIS data is held on the transponder with only a VHF connection to other ships and land, so what you see at sea is unaffected by this hack.
There are mutterings about the fact that AIS data is sent unencrypted, making a back hack to the transponder theoretically possible - this might be a danger to a fully integrated system, ie if one could alter the autopilot via the transponder. Adding encryption would make the data more prone to error in adverse conditions, so I'm not sure what could be done about this.
That said, why bother? Even without a hack it would be perfectly simple to create ghost ships on AIS to force a ship to change course, or probably more simply hack into the ship's systems through its satellite link
 
KevinV said:
*as I understand the situation - I have no specialist knowledge*
Either the MarineTraffic website has been hacked or the database from which it and other sites take their data - the fact that different sites are reporting different data suggests the former.
Live AIS data is held on the transponder with only a VHF connection to other ships and land, so what you see at sea is unaffected by this hack.
There are mutterings about the fact that AIS data is sent unencrypted, making a back hack to the transponder theoretically possible - this might be a danger to a fully integrated system, ie if one could alter the autopilot via the transponder. Adding encryption would make the data more prone to error in adverse conditions, so I'm not sure what could be done about this.
That said, why bother? Even without a hack it would be perfectly simple to create ghost ships on AIS to force a ship to change course, or probably more simply hack into the ship's systems through its satellite link
Click to expand...
No specialist knowledge? Wow, you seem to know a lot more about this system than I do, and two of my employees designed the semiconductor chips that powered the original AIS receiver system. Although it was decades ago, I remember they were full custom ie not programmable, so I'm inclined to agree this must be a software hack, probably of the MT website.
 
They're (the hackers) just feeding the marine traffic website with spoofed (ie made up) ais data.

Anyone can set up a station to receive ais signals and feed it to marine traffic,there are several 'projects' available for the raspberry pi to do this. Or just do it witha pc etc.

Here's some info on how to set up a marine traffic receiving station

https://help.marinetraffic.com/hc/en-us/articles/205267187-AIS-Receiving-Stations

I'd guess that if the spoofed data just comes from a single receiving station then it would be ignored by marine traffic,but if you have a few 'false' receiving stations feeding the same spoofed ais data to marine traffic then it will be considered authoritative and used to update the website database
 
Last edited:
You must log in or register to reply here.

Share this page

Top