Page 14: of Marine Technology Magazine (November 2023)

CYBERSECURITY SUBSEA system is integrated into a patrol vessel’s C2, the entire port in false location readings for surfaced AUVs, risking mis- security network, and, by extension, possibly the larger port sion failure or vehicle capture. Or man-in-the-middle attacks,

C2 system, is then vulnerable to attacks originating within the wherein a malicious underwater network node impersonates

ROV. (Conversely, the ROV would also be vulnerable to at- a friendly node to intercept data, disrupt communications, or tacks originating within the port’s C2). poison the data stream. And as arti? cial intelligence makes

While the commercial maritime sector grapples with its own its way into subsea operations, systems will be vulnerable to cybersecurity challenges, naval and maritime security entities AI manipulation attacks. Poisoning a mine countermeasures must grapple with similar threats and vulnerabilities. Secur- image recognition dataset, for example, might cause an AI ing both classi? ed and unclassi? ed networks against intru- to identify ordinary organic objects as live ordnance, or, con- sion is of course paramount. A compromised network used versely, classify actual mines as benign.

during manufacturing, testing, or maintenance, for example, And cyberattacks don’t necessarily need to involve lines of could enable an adver- code. Kinetic attacks against subsea cyber sary to install malware infrastructure could be just as damaging,

To date, the focus of commercial designed to transform if not more so, as the physical destruction an AUV or sensor would signi? cantly prolong mitigation maritime cybersecurity has been into a malicious node. and recovery. The vulnerability of trans- securing against threats to the web

Once deployed, the oceanic cables to sabotage is well estab- of port navigation, communication, node could gather data lished, as events in the Baltic Sea continue and intercept com- to underscore. Seabed server farms, an in- and cargo handling OT. munications, and then novative solution to data center cooling

But ports and offshore entities are ex? ltrate the data via pioneered by Microsoft’s Project Natick, also increasingly automating their covert surface com- would also be vulnerable to physical at- inspection and security operations munication. Malware tacks using “undersea IEDs” fashioned could also make its from AUVs or ROVs.

using unmanned surface vehicles way from the infected So how can the subsea community de- (USVs), remotely operated vehicles vehicle onto a manned fend against these threats? Current threat (ROVs), and underwater intruder submarine during inte- intelligence is essential, as is network sur- gration with shipboard veillance, “cyber hardening,” and robust detection systems (IDS) systems. Speaking in anti-tamper technologies. Given the sheer 2014 before the Naval number and adaptability of malicious cy-

Submarine League, then NAVSEA commander Vice Adm. ber actors, resilience - the ability to quickly detect, mitigate,

William Hilarides addressed the serious risk posed by off- and recover from cyberattacks - is key, as is leveraging profes- board networks to submarines, particularly in light of their nu- sional “ethical hackers” to conduct network penetration test- clear power and payloads. As submarines increasingly deploy, ing (“pen testing”) to identify system vulnerabilities. In addi- interact with, and recover vehicles and seabed infrastructure, tion to these approaches, an active defense posture may work the vulnerability of crewed undersea platforms to cyberattack as well, such as deploying digital twins or cyber decoys to will increase dramatically. detect malicious network activity and deceive attackers, luring

With the proliferation of vehicles and sensors, the undersea them away from true operational networks.

domain will no longer be a sanctuary for crewed submarines. The proliferation of subsea vehicles, networks, and infra-

As such, Navies will need to employ, as well as detect and structure will inevitably give rise to new cyber threats and counter, tactical and operational deception, and this will be open up new attack vectors to malicious actors. It is critical enabled by cyber operations. to anticipate how cyber operations could unfold in this unique

This may take many forms, such as Position, Navigation, and and challenging environment, as well as the broader opera-

Timing (PNT) attacks (e.g. GPS spoo? ng), which can result tional and strategic challenges they will present.

About the Author

David R. Strachan is a defense analyst and founder of Strikepod

Systems, a research and strategic advisory focusing on autonomous undersea systems.

14 November/December 2023

MTR #8 (1-17).indd 14 11/28/2023 12:27:25 PM