Generative AI Impact on Cybersecurity @Sea

Intro

As Artificial Intelligence technology advances rapidly, affecting all aspects of our lives, it is also significantly impacting cybersecurity in the shipping industry. The maritime sector has increasingly adopted AI technologies to enhance cybersecurity measures due to the industry’s ever-growing reliance on digital systems and networks, increasing the cyber attack surface.

Within the realm of AI, Generative AI — from such sources as ChatGPT or Gemini (formerly Bard) — is a specific subset or technique used to create content or data that is new, original, and resembles human-created output. Generative AI utilizes models and algorithms to create entirely new content based on patterns learned from existing data, which can potentially pose cybersecurity risks for the maritime industry due to its ability to create realistic and deceptive content. In many cases, if a generative AI tool is asked a question  for which it does not know or cannot learn the answer, it will merely make one up.

Social Engineering onboard ships

Generative AI can create deepfake videos, audio, or images that could be used to spread false information or impersonate authoritative figures, leading to social engineering attacks or misinformation campaigns targeting maritime operations. Generative AI can be used to create social engineering attacks targeting teams on board ships at sea in several ways, such as:

1.AI-generated content can craft highly convincing, targeted spearphishing emails or messages that appear legitimate. These messages may impersonate trusted entities or contain tailored information relevant to the ship’s crew or maritime operations, enticing individuals to click on malicious links, download infected files, or disclose sensitive information.

2. Using AI to analyze publicly available data or social media profiles, attackers can create highly personalized social engineering attacks. They might craft messages or calls that include specific details about the crew members, their roles, or recent events on the ship to increase the credibility of their deception.
3. AI can fabricate emergency situations or critical incidents targeting individuals, such as urgent requests for immediate action or assistance for a family member, which could manipulate a team member, or entire team, into taking actions that compromise security protocols.

Forgery and Spoofing ships

Generative AI can be used to create forgery and spoofing attacks targeting the shipping industry in several ways:

1. AI-generated content might be used to create forged documents, such as cargo manifests, certificates of origin, or safety inspection reports. The risk associated with manipulated sensor data can lead to identity spoofing or tampering with ship systems.
2. Generative AI can be used to manipulate sensor data transmitted by ship systems. Attackers might falsify or manipulate sensor readings related to navigation, weather conditions, or cargo status. This could mislead ship operators or automated systems, potentially leading to incorrect decision-making or unsafe navigation.
3. Generative AI techniques might be used to produce counterfeit digital signatures or certificates. This could compromise the authenticity of digital records, transactions, or communication, leading to unauthorized access or manipulation of sensitive data.

Automated Hacking

AI-powered tools can automate and enhance cyber attacks by learning and adapting to security measures, potentially enabling more sophisticated and targeted attacks on maritime systems.

1. Automated hacking tools can continuously scan for vulnerabilities in ship systems, networks, or connected devices. Once identified, these tools can design exploit for these vulnerabilities in order to gain unauthorized access to critical systems or data. AI will allow the detection of such vulnerabilities — as well as the prediction of such flaws — at rates much faster than a legion of hackers.
2. Automated hacking tools can perform brute force attacks, systematically trying numerous combinations of usernames and passwords to gain unauthorized access to ship systems or onboard devices.
3. Sophisticated AI-driven attacks can adapt and learn from previous attack patterns or security measures, making them more challenging to detect or defend against. These attacks can autonomously adjust their strategies to bypass security controls or deceive cybersecurity defenses.

While generative AI presents opportunities for the shipping industry it also present security threats with the affect of changing the course of global supply chain. One only has to look at the disruption in the supply chain from backlogs caused by COVID-19 (2020-2021), EVER GIVEN’s blockage of the Suez Canal (2021), and Houthi attacks in the Red Sea (present).

What can be done?

The Shipping industry must be prepared to the new era of AI cyber threats. Getting ready means firstly to adopt a proactive approach to strengthen the cybersecurity posture. Only than can shipping companies will be able to better mitigate potential threats. Here are some recommended measures:

1. Risk Assessment and Preparedness: Shipping companies should conduct a comprehensive risk assessment to identify vulnerabilities and potential attack vectors within the organization that could be exploited by generative AI-driven cyber threats. This should not be a one time assessment but rather an ongoing process that can continuously monitor all such new threats and adjust the cyber defense accordingly. In addition, it is recommended to develop a clear understanding of how generative AI can be used maliciously and the specific risks it poses to the company’s systems, data, and operations.
2. Threat Detection and Prevention. The shipping industry must harness AI capabilities to fight all such generative AI threats. As a first step one should ensure that the cyber security solution utilizes AI-powered security tools analyzing patterns, anomalies, and behaviors to identify potential attacks. It is about implementing advanced detection capabilities to spot irregular behavior or cyber threats within maritime networks and systems, helping in the early identification of potential security breaches.
3. Predictive & Behavioral Analysis: The cyber defense should also include Predictive Analysis capabilities. AI algorithms can analyze vast amounts of data collected from ship systems to predict potential cyber threats, enabling proactive cybersecurity measures to be implemented before an attack occurs. In addition. AI-driven behavioral analysis can help in understanding normal and abnormal patterns of user behavior, aiding in the identification of potential insider threats or unauthorized access.
4. Secure Network Infrastructure: Strengthen the network infrastructure with robust firewalls, encryption, and secure configurations to defend against unauthorized access and data breaches resulting from generative AI-based attacks. Implement network segmentation to compartmentalize critical systems and sensitive data, limiting the impact of potential breaches.

By adopting these proactive measures, shipping companies can enhance their resilience against generative AI cyber risks and better protect their assets, data, and operations from potential threats in an evolving digital landscape at sea.

At the same time, maritime stakeholders need to understand how AI can be used to plan a cyber defense and counter the offensive uses of AI for cyberattacks.