Modern Yachts Are Vulnerable to Cyberattacks

New yacht models equipped with IoT devices, routers, and switches can be hacked just like any other device connected to the Internet. According to security researcher Stephan Gerling, who spoke at a cybersecurity summit in Cancun, Mexico, modern yachts have numerous vulnerabilities that could potentially be exploited by attackers. For example, an onboard router may transfer files over unsecured FTP.

Gerling explained that a yacht’s onboard network might include a vessel tracking device, automatic identification system, autopilot, GPS receivers, radar, cameras, depth sensors, engine control and monitoring systems, and more. Since these features are connected to a network that can be managed by external devices such as smartphones or tablets, an attacker could hack these devices and gain control over the vessel.

During his presentation, Gerling opened a yacht management app (the yacht and router models were not disclosed) on a tablet, phone, and computer. He then connected to the router and downloaded an XML file containing the router’s configuration. Specifically, he was able to obtain the router’s credentials, the Wi-Fi network SSID, and the password. According to Gerling, because the file is transmitted over an insecure FTP protocol, it can be easily intercepted by hackers, allowing them to take full control of the router and the network.

Additionally, the router’s operating system contained a superuser account created by the developers, likely for remote technical support.

After Gerling’s presentation at the summit, the yacht manufacturer whose software was used released a patch addressing some of the listed security issues. The patch replaced FTP with SSH on the yacht’s router; however, the superuser account was not removed.
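The three issues described above (a cleartext file-transfer service, credentials readable in the exported configuration, and a developer-created superuser account) can be checked for in a configuration export. The following is an added example, not code from Gerling's talk or from the vendor; the router's XML schema was not disclosed, so the element names, attribute names, and sample values are all constructed assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the real router's XML schema was not disclosed, so every
# element and attribute name below is an assumption made for this example.
SAMPLE_CONFIG = """\
<config>
  <services>
    <service name="ftp" enabled="true" port="21"/>
    <service name="ssh" enabled="true" port="22"/>
    <service name="telnet" enabled="false" port="23"/>
  </services>
  <wifi ssid="YACHT-DEMO" password="example-wifi-pass"/>
  <users>
    <user name="owner" role="admin" password="example-admin-pass"/>
    <user name="vendor-support" role="superuser" password="example-support-pass"/>
  </users>
</config>
"""

CLEARTEXT_SERVICES = {"ftp", "telnet", "http"}   # carry logins and files unencrypted
SECRET_ATTRS = {"password", "passphrase", "psk", "secret", "key"}
PRIVILEGED_ROLES = {"superuser", "root"}


def audit_config(xml_text, approved_accounts=frozenset()):
    """Return a sorted list of (category, detail) findings for one config export."""
    root = ET.fromstring(xml_text)  # parse only exports taken from your own device
    findings = []
    for elem in root.iter():
        path = elem.tag + (f"[{elem.get('name')}]" if elem.get("name") else "")
        # 1. Enabled management services that expose traffic on the wire.
        if (elem.tag == "service" and elem.get("enabled") == "true"
                and elem.get("name", "").lower() in CLEARTEXT_SERVICES):
            findings.append(("cleartext-service", path))
        # 2. Secrets stored readable in the export (values are never echoed).
        for attr in elem.attrib:
            if attr.lower() in SECRET_ATTRS and elem.get(attr):
                findings.append(("plaintext-secret", f"{path}@{attr}"))
        # 3. Privileged accounts the operator has not approved, such as a
        #    developer-created support login.
        if (elem.tag == "user" and elem.get("role", "").lower() in PRIVILEGED_ROLES
                and elem.get("name") not in approved_accounts):
            findings.append(("unapproved-superuser", path))
    return sorted(findings)


if __name__ == "__main__":
    for category, detail in audit_config(SAMPLE_CONFIG, approved_accounts={"owner"}):
        print(f"{category:22} {detail}")
```

Running the same audit on an export taken after a firmware update shows whether the update only switched the transport or also removed the support account.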