Dr. Marco Balduzzi, Kyle Wilhoit (Trend Micro) & Alessandro Pasta (Independent Researcher)

PRESENTATION TITLE: Hey Captain, Where’s Your Ship? Attacking Vessel Tracking Systems for Fun and Profit

PRESENTATION ABSTRACT:

In recent years, automated identification systems (AISes) have been introduced to enhance vessels tracking and provide extra safety to marine traffic, on top of conventional radar installations. AIS, which is currently a mandatory installation for all passenger ships and ships over 300 metric tonnes, works by acquiring GPS coordinates and exchanging vessel’s position, course and information with nearby ships, offshore installation, i.e. harbors and traffic controls, and Internet tracking and visualizing providers.

With an estimated number of 400,000 installation, AIS is currently the best system for collision avoidance, maritime security, aids to navigation and accident investigations.
Given its primary importance in marine traffic safety, we conducted a comprehensive security evaluation of AIS, by tackling it from both a software and a hardware, radio frequency perspective.

In this talk, we share with you our finding, i.e how we have been able to hijack and perform man-in-the-middle attacks on existing vessels, take over AIS communications, tamper with the major online tracking providers and eventually fake our own yacht!.

ABOUT DR. MARCO BALDUZZI

Dr. Marco Balduzzi holds a Ph.D. in applied IT security from Télécom ParisTech and a M.Sc. in computer engineering from the University of Bergamo.

His interests concern all aspect of computer security, with particular emphasis on real problems that affect systems and networks. Some topics on which he worked on are web and browser security, code analysis, botnets detection, cybercrime investigation, privacy and threats in social networks, malware and intrusion detection systems.

He has been involved in IT security for more than 10 years with international experiences in both industrial and academic fields. He previously worked as security consultant and engineer for different companies in Milan, Munich and Sophia-Antipolis (France), before joining the International Secure Systems Lab and then Trend Micro Research as senior research scientist.

His work has been published in top peer-reviewed conferences, e.g. NDSS, RAID and DIMVA, and he spoke in the major security venues like Black Hat, Hack In The Box and OWASP AppSec. His applied research has been acknowledged and published by important media such as Forbes, The Register, Slashdot, InfoWorld and DarkReading.

ABOUT KYLE WILHOIT

Kyle Wilhoit is a Threat Researcher at Trend Micro on the Future Threat Research Team. Kyle focuses on original threat, malware, vulnerability discovery/analysis and criminal activity on the Internet. Kyle also actively tracks targeted malware based espionage worldwide. Kyle has spoken at many worldwide conferences such as FIRST and Blackhat and he has been featured on New York Times, LA Times, Fox Business and ABC. Prior to joining Trend Micro, he was the lead incident handler and reverse engineer at a large energy company, focusing on ICS/SCADA security and targeted persistent threats. Kyle is also involved with several open source projects and actively enjoys reverse engineering things that shouldn’t be.

ABOUT ALESSANDRO PASTA

Alessandro Pasta holds a M.Sc. in computer engineering from the University of  Bergamo. He works as network engineer and consultant for different financial and bank  institutions in Italy. He is interested in electronics, embedded systems design, radio-frequency transmission and networking; he holds three Cisco certifications (i.e. CCNA, CCNP and CCNA Wireless) and radio-ham licences with the callsign IZ2RPA and KC9TCJ.