Risk of Information Theft on Inmarsat C

Dr. Ir. F. J. Sluiman
Wednesday, March 31, 2010

Dr. Ir. Sluiman, of eXpert ICT, is a naval reserve officer assigned to the Naval Cooperation and Guidance for Shipping (NCAGS) organization of the Netherlands. All analyses and views expressed in this article are those of the author.

Communication between ship and shore is essential for the efficient operation and management of ships. The wireless systems to communicate from and to ships, however, are not always secure and the confidentiality of the communication may be invaded. Owners, operators, managers of vessels and shipmasters should be aware of this risk when using a communication system. Information theft by competitors may erode competitive advantages and could damage relationships with customers, information theft by pirates and terrorists may lead to attacks on ships.

The degree in which the security of a wireless communication system can be trusted depends on the complexity of the computations needed to decode messages intercepted from this system. Technology, however, is constantly advancing and complexity may vanish as computer power increases. Hence, security of wireless communication systems should be a continuous concern.

Presently, several Internet sites are offering Inmarsat C decoding software with the ability to fully reconstruct all Inmarsat C messages send to ships by a land earth station (LES). This is disturbing as Inmarsat C, launched in 1991 to provide low-cost data communication and GMDSS services, counts an estimated 125,000 maritime terminals.

To examine the seriousness of this threat, the most promising Inmarsat C decoding software was purchased and tested on an ordinary personal computer connected to L-Band radio receiving equipment. Tuning in on LES Burum the test showed that the decoder met its specifications: the software flawlessly decoded the Inmarsat C frames, assembled the messages, and logged them. This effectively means that maritime criminals with no more than a basic knowledge of radio technology and computers will be able to read all Inmarsat C messages send from a LES after an investment of €2500 on equipment and decoding software.

So the threat is real, but does it mean that Inmarsat C cannot be used anymore for data communication? No, it continues to be a very reliable system, be it that sensitive data needs to be encrypted. Fortunately there are some good free products available to do this. One of these products is the 7-Zip utility which can be downloaded at www.7-zip.org. This utility supports file compression with 256-bit AES encryption and is very easy to use. It decreases the amount of data to be sent and is applicable where confidential transfer of cryptographic keys between ship and shore is possible (by another communication system or by some physical means).

When confidential transfer of cryptographic keys is not possible, the GNU Privacy Guard tool downloadable at www.gnupg.org might be considered. This free tool is somewhat less intuitive to use and works with ElGamal encryption, which has the disadvantage that the size of the original data will be expanded with a factor of two. It is as such only recommended for confidential cryptographic key transfer of products like 7-Zip.

Whatever cryptographic product is decided upon, care should be taken to use sufficiently large randomly chosen cryptographic keys and to regularly change them. All these measures significantly decrease the risk of information theft on Inmarsat C, making it secure again.
 

Maritime Today


The Maritime Industry's original and most viewed E-News Service

Maritime Reporter June 2016 Digital Edition
FREE Maritime Reporter Subscription
Latest Maritime News    rss feeds

Maritime Security

Russian Warship made 'unprofessional' Maneuver-U.S. Official

A Russian warship carried out "unprofessional" maritime operations in close proximity to a U.S. Navy ship in the eastern Mediterranean Sea, a U.S. Defense official said on Friday.

Maritime Piracy: More "sophisticated and prevalent” around Gulf of Guinea

While the matter of maritime piracy has seemingly subdued from its high profile peaks of a few years ago, Stuart Edmonston, Head of Loss Prevention at UK P&I Club,

US Provides $100 Mln in Port Security Grants

Homeland Security Secretary Jeh Johnson announced final allocations of $275 million for six fiscal year 2016 U.S. Department of Homeland Security (DHS) competitive preparedness grant programs,

Communication

Broadband Upgrade for MSC Cruises

Intelsat S.A. has been selected by Marlink to deliver fast, high quality Intelsat EpicNG broadband connectivity to Mediterranean Shipping Company’s (MSC) cruise ships.

Radio Holland Wins Contracts for Canadian Coast Guard Vessels

Radio Holland Canada has won two major contracts to support the Canadian Coast Guard. Public Works and Government Services Canada, which is responsible for government procurement,

Essberger Fleet Moves to Marlink’s Sealink VSAT Service

The Hamburg headquartered John T. Essberger (JTE) Group will migrate the primary communication systems of its entire fleet to Sealink, Marlink’s global maritime broadband VSAT service.

 
 
Maritime Standards Naval Architecture Pipelines Pod Propulsion Salvage Ship Electronics Ship Simulators Shipbuilding / Vessel Construction Sonar Winch
rss | archive | history | articles | privacy | contributors | top maritime news | about us | copyright | maritime magazines
maritime security news | shipbuilding news | maritime industry | shipping news | maritime reporting | workboats news | ship design | maritime business

Time taken: 0.0694 sec (14 req/sec)