Digital Technologies and Cybersecurity in Naval Applications | Thales Group 27/03/24, 12:18 AM

Home

Global Markets Career Investor Journalist Customer Online Supplier EN Accessibility

DIGITAL TECHNOLOGIES AND

CYBERSECURITY IN NAVAL
APPLICATIONS
11 OCT 2019 DIGITAL TRANSFORMATION NAVAL FORCES SUBMARINE

Hacker attacks against ships on–board infrastructure are no more a bad dream scenario but happen
regularly, o!en even without being detected. Navies and their crews are faced with a new dimension of
silent and hybrid threats, which they never realized before.

Prior to the implementation of countermeasures a!er an incident the crew has to have the means to
monitor the vital infrastructure and to detect a potential threat. In general there are a few typical risk
environments, which require automated and uninterrupted real-time monitoring to be best prepared
for countermeasures. Artificial Intelligence (AI) based data analysis as well as human factors determine
the level of risk mitigation against cyber attacks in current and future ship operations.

Risk analysis and typical attack scenarios

An important exercise to be completed is to evaluate and discuss critical and potential attack scenarios.
Some of a ships’s systems can be attacked directly, others through the Combat Management System. In
times of pervasive digitalisation and networking a particularly prominent aspect of security playing an
increasingly important role for ships including submarines is cybersecurity.

https://www.thalesgroup.com/en/germany/magazine/digital-technologies-and-cybersecurity-naval-applications Page 1 of 5
Digital Technologies and Cybersecurity in Naval Applications | Thales Group 27/03/24, 12:18 AM

With regard to ship platforms it is absolutely critical to prevent intruders from gaining access to the IT
and connecting to sensors, effectors, and control systems. Private communication via internet through
smartphones or portable memory devices must be completely isolated from the communication
infrastructure of the ship in order to avoid attacks such as contaminated mails or manipulated USB keys.

Attacks on warships carried out with comparatively little effort by states or organizations that do not
own a single warship or any trained combat forces is becoming an increasingly likely scenario.

Potential attack vectors and risk factors in order of criticality

The associated risk factors that determine the likelihood of an attack or a compromise in the
infrastructure can be summarized in four groups:

External Interfaces: Military underwater missions and exercises are conducted in an increasingly
multinational communication environment. Manoeuvres presuppose overarching communication
between NATO countries. Even previously completely isolated networks must offer interfaces to
fulfil these requirements
Human Beings: Attacks could take place via a person’s social network or by compromising private
smartphones. This would allow potential threats to enter the on-board network
Maintenance Interfaces: Such interfaces use off-board communication and may therefore cause
an unauthorized use of remote maintenance access for the introduction of malicious codes
IT Organizational Deficiencies: Deficiencies of this sort are caused by not strictly adhering to the
rules of ISO 31000: The use of so!ware versions / operating systems that are no longer supported
by updates , an uncontrolled patch management, the use of outdated antivirus so!ware, or
unauthorized access to systems e.g. due to an insecure BIOS password

Constant monitoring and analysis of the communication link

The key component of this monitoring system is an automatic monitoring device which detects
potential incidents (indicators of compromise) in real-time. The system is completely self-sufficient and
can be used in conjunction with a CSOC (Cyber Security Operation Center) located on-shore.

https://www.thalesgroup.com/en/germany/magazine/digital-technologies-and-cybersecurity-naval-applications Page 2 of 5
Digital Technologies and Cybersecurity in Naval Applications | Thales Group 27/03/24, 12:18 AM

The system’s focus is to analyze the detected results in the submarine with the existing staff members
and without the need of an onboard team of cyber experts. The reporting of the monitoring system
should be easy to analyze and should show impacts of incidents and means to restore capabilities.

The Thales Malware Detection and Analysis System automatically scans the outbound traffic for
anomalies, fully non-reactive. Even attacks in the past are detected when the system is activated.

Conventional network security tools mainly monitor inbound traffic only (via sandbox, firewalls,
antivirus, etc.). The Thales malicious threat detection solution focuses solely on outbound traffic
monitoring and identifies which of the installed classic security devices such as firewalls may not
provide adequate protection.

Thales Malware Detection System consists of two components: The 'Probe', which is located in the
network segments and the central analysing system, which is connected to the ship's IT network.

The Thales probe extracts metadata from network traffic (mirrored / SPAN data) and transmits it to the
analysing platform. The Thales architecture detects malicious content or data constellations that
indicate an attack by verifying the network traffic in real-time for all outbound communication with the
Internet.

Thales Malicious Threat Detection focuses on the characteristics of outbound communication of

malware or bots that has installed itself on devices and networks. This method provides an accurate
overview of advanced or targeted attacks (Advanced Persistent Threats = APTs) and malware that has
entered the onboard network through firewall systems.

Cybersecurity Services based on Artificial Intelligence (AI)

Artificial Intelligence (AI) is required to support the accurate input of “Threat Intelligence Data Base”
information and feeding the onboard cyber monitoring sensors. This is essential to avoid “False
Positives”, which could be even more severe than undetected attacks. Cybersecurity Services based on
AI machine learning support anomaly detection in systems communication.

AI needs to be provided to the Cybersecurity System on a pan-European basis. As military operations

are multinational the development and the usage of AI should also be multinational.

The Human Factor

Trained staff members understand the potential risks and are fully aware of the very strict and careful
behaviour necessary to avoid cyber attacks. This covers skills from the correct usage of private
smartphones to the restrictive handling of external and removable memories (USB stick).

Cyber attacks on ships are a realistic threat scenario. As our world becomes ever more digitally
connected the risk of such an attack is equally increasing. Potential risk factors need to be analyzed
and discussed, potential vectors of attack need to be known and put under constant surveillance.
Moreover, potential risk factors need to be minimized by heightening staff’s risk awareness and by

https://www.thalesgroup.com/en/germany/magazine/digital-technologies-and-cybersecurity-naval-applications Page 3 of 5
Digital Technologies and Cybersecurity in Naval Applications | Thales Group 27/03/24, 12:18 AM

applying strict rules with regard to the use of risky and private communication means aboard.

Maritime Solutions

Find out more

Shielding every naval vessel from cyberattacks

Read more

20 Mar 2024 18 Mar 2024 12 Mar 2024

Meet Gregory Addes, Chapter 1 : EARLY Hypersonic Threat

our Video Security WARNING Defence
and OnBoard solution
expert
Read more Read more Read more

SHARE THIS ARTICLE

All articles

https://www.thalesgroup.com/en/germany/magazine/digital-technologies-and-cybersecurity-naval-applications Page 4 of 5
Digital Technologies and Cybersecurity in Naval Applications | Thales Group 27/03/24, 12:18 AM

DEFENCE AND SECURITY DIGITAL IDENTITY AND SECURITY AEROSPACE SPACE TRANSPORTATION TRANSVERSE MARKETS

SPECIFIC SOLUTIONS

Social networks Contact us

Thales Headquarters
Send a message Address book
+33 (0) 1 57 77 80 00

GLOBAL MARKETS CAREER INVESTOR JOURNALIST CUSTOMER ONLINE SUPPLIER

© 2024 Thales Credits Terms of Use Privacy notice Sitemap Accessibility: partially accessible

https://www.thalesgroup.com/en/germany/magazine/digital-technologies-and-cybersecurity-naval-applications Page 5 of 5