Dive into the world of maritime cybersecurity with this 48-minute conference talk from Derbycon 2018. Explore the vulnerabilities of modern ships, including E-Class vessels and smart cargo systems. Learn about maritime protocols, GPS, safety navigation, and Industrial Control Systems (ICS) in the context of ship hacking. Discover the motivations behind targeting ships, methods for gaining network and physical access, and the ethical considerations of disclosing vulnerabilities. Gain insights into tools like NoahMarinePro and Nova Labs, and understand the importance of securing Modbus and embedded web servers. Conclude with a call to action for getting involved in maritime cybersecurity and improving GPS security.
Overview
Syllabus
Intro
Project Gun Swing
A Serious Message
Brians Background
Core Scout
Whats at stake
What are these vessels
EClass Ships
Ship Systems
maritime protocols
smart cargo
Communications GPS
Safety Navigation
ICS
Information Gathering
Why Take the Risk
Cargo Management
Getting on and off the boat
Network Access
Physical Access
Noah
MarinePro
Nova Labs
Tabletop Ship
Tools
LowHanging Fruit
Ethical Disclosure
Test Pad
Secure Modbus
Embedded Web Server
Conclusion
Get Involved
GPS
