Superyacht cybercrime: the next big thing?
CNN/Stylemagazine.com Newswire | 7/3/2018, 8:28 a.m.
by Motez Bishara, for CNN
(CNN) -- He was in St. Tropez to install an internet router onto a superyacht owned by a wealthy European businessman when a thought occurred to him.
"How vulnerable is this device to a hack?" wondered the German IT specialist, Stephan Gerling, before running a number of tests that uncovered the boat's exposure to potential assaults "over the rudder, radar systems, GPS, or anything else."
"When I found these vulnerable routers, my first thought was, 'What could happen with these big yachts and the celebrities on them?'
"What if they store private pictures on the media server of the yacht?
"Someone could be sitting at a café with a Wi-Fi connection and targeting them, and they don't know."
That was the moment when Gerling, a former navigation systems expert with the German military, became obsessed with defending yachts from malicious hacking.
With steady superyacht orders leading up to the busy summer season, Gerling and the few other marine cybercrime specialists who operate from Monaco to Miami are increasingly in demand, according to yacht industry insiders.
Gerling will be in Croatia this summer to rent a 20-foot yacht -- miniscule relative to those he normally works on -- as a tester for his hacking research.
He will take apart everything is that able to transmit a signal on the boat, including satellite receivers and radio transmitters, to find potential vulnerabilities, because today's yachts are exposed to hacks like never before.
One billionaire had more than $150,000 stolen when yacht hackers pilfered his bank account, according to The Guardian, while yacht owners have been blackmailed after private photos were stolen. Navigation systems have also been locked and held for ransom.
'Risk for ransomware'
A number of superyachts even feature financial dealing rooms with data-rich Bloomberg terminals, necessitating stronger firewalls than usual.
Previously, superyacht owners were nervous about pirate attacks in risky areas like the Caribbean and Gulf of Aden. However, the current crop of owners should be just as concerned when moored in crowded tourist traps in the Mediterranean, says Ben Lind, a senior yacht underwriter at AIG.
"We feel there is a lot more risk for ransomware type of attack," he says, explaining that "a massive desire by yacht owners to have Wi-Fi available all over the boat" leads to greater risk.
"To do that they push up the broadcast tower and put in more wireless access points, and now you can sit in a café at a marina and watch 10 or 20 yacht Wi-Fis come up," he says.
Crew members or guests active on social media could create further risk, Lind says.
"That's the type of thing that might not be a direct cyber-loss, but you don't want your staff to broadcast to the world that your VIP is going to St. Tropez next week," he says.
"A lot of these yacht crew are in their early 20s and they grew up with Facebook and Instagram. If they haven't had their training, it's second nature to post (their whereabouts)."
Superyachts have never been an easier target for malicious hackers or paparazzi looking to capture valuable private photos of celebrities, says Gerling.
Luxury cruisers like Chelsea football club owner Roman Abramovich's Eclipse -- which was reportedly purchased for nearly half a billion dollars in 2009 -- can be tracked easily via websites like marinetraffic.com, which publicly provide the names and exact locations of vessels, along with their cruising speeds.
'Locked down networks'
Despite the value of superyachts ranging from tens of millions to hundreds of millions of dollars, their systems can be potentially infiltrated for months without detection, Gerling says.
"The first thing is they have to figure out if they are hacked," he explains. Signs include unusually high bills for satellite communications systems, or a mobile network's data plan that is "always locked out or exceeded."
"If someone is taking care of the IT system on board, then they should easily see that, just like in a normal company," he notes. "But mostly you have only a captain and a crew on board, and they mostly don't know what to look for that can raise alarms."
Cybercrime is at times dismissed as a non-issue in the yachting community, but should be taken seriously, says Robert Raymond, CEO of London-based Superyacht Insurance Brokers.
"I think it has been overlooked," says the 40-year industry veteran, adding that prevention begins with having an IT specialist dividing the yacht's communication system into "a minimum of four separate and locked down networks."
Raymond clarifies that the ship's captain and other key personnel need one network to run the ship which is "not just firewalled, but completely separate from other things on board."
Another network should cater to the yacht's owner to guard business operations, along with one for guests and another for junior staff at risk of accessing suspect websites.
Though employing a full-time IT expert on board is still a rarity on superyachts, the very top-tier of owners would be wise to do so, says Lind.
"With the very big boats, such as a $200 million yacht, you would expect a chief technical officer," he says. "On those very modern boats, because they are so interconnected, there is a risk of cross contamination ... into the operational technology side, where the engine management and the electronic charting and the GPS are all connected."
On more thing, suggests Lind: Change default passwords for every gadget on the boat and reset guest Wi-Fi passwords after every charter.
Prevention is key because cybercrime is currently excluded in nearly all marine insurance policies, says Lind, whose private clients' division at AIG insures 100,000 yachts.
Any physical damage as a result of a hack -- a crash into rocks, for instance -- would be covered, Lind says, "though not ransomware, extortion, leaking of data and all the ancillaries that go around dealing with that event."
That, along with the sensitivity of high net-worth individuals, is why most cybercrimes on yachts go unreported, Lind says.
'Secret gun lockers'
In the event that a boat is rerouted and held for ransom, backup plans are often in place, says London-based yacht architect Evan Marshall.
"We do get involved occasionally with preventative measures to keep yachts from being hijacked, including installing secret gun lockers, or adding secret operational rooms where the crew can retreat to and still control the vessel in the event it is hijacked," he says.
Even old-fashion pirating of ships has been made easier by IT hacking.
Last year, cybercrime expert Campbell Murrary of BlackBerry took just 30 minutes to demonstrate how he could hijack a superyacht's satellite communications system and sail a boat into the hands of pirates, according to The Guardian.
Murray was even able to control a ship's CCTV system -- because its factory password was still intact -- wiping out any coverage of would-be thieves or hijackers.
"Normally, well-trained crew members should see manipulation in navigation systems by a cyber-attack," Gerling says.
"That's the theory. In practice, what happens when a ship is on autopilot at 1 a.m.? Hmm."