Investigating the Security and Accessibility of Voyage Data Recorder Data using a USB attack

Authors

Avanthika Vineetha Harish, School of Engineering, Computing and Mathematics
K Tam, School of Engineering, Computing and Mathematics
K Jones

ORCID

• Vineetha Harish, Avanthika: 0000-0002-7352-5567
• Tam, Kimberly: 0000-0003-2840-5715

Abstract

"Voyage Data Recorders (VDR) or 'black boxes' for ships hold critical navigational and sensor data that can be used as evidence in an investigation. These systems have proven extremely useful in determining the cause of several previous shipping accidents. Considering the importance of the VDR and the increasing number of cyber-attacks in the maritime sector, the likelihood of it being attacked is high. This paper examines the security and accessibility of VDR data through a malicious USB device. A USB device is used after a series of tests, detailed in this paper, found it to be a viable way to compromise a VDR system. Intensive penetration testing was performed on a VDR, and this paper presents the four key highlights from the authors’ tests. The results show that realworld VDR data might not be secure from an insider threat with little to no cyber knowledge, and future VDRs may open that up to more outsider attackers. For a device like VDR, where confidentiality, integrity and availability of data are critical, a cyber-attack could therefore lead to serious repercussions."

Publication Date

2023-01-01

Embargo Period

2024-03-23

Organisational Unit

School of Engineering, Computing and Mathematics

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Recommended Citation

Vineetha Harish, A., Tam, K., & Jones, K. (2023) 'Investigating the Security and Accessibility of Voyage Data Recorder Data using a USB attack', Retrieved from https://pearl.plymouth.ac.uk/secam-research/1405