WSJ: Cyber tools discovered on tankers of the shadow fleet of Russia and Iran

The most disturbing episode was an attempt by administrators of one of the vessels to remotely delete data after US representatives boarded it.
The investigation is based on materials from US Coast Guard cyber units that examined captured or detained tankers, writes The Wall Street Journal.
On tankers of the so-called shadow fleet, which transport sanctioned oil from Russia and Iran, the inspections found programs for remote access to ship systems and even attempts to remotely delete data after the ships were detained.
The vast majority of shadow fleet tankers in the world belong to Russia. The aggressor country uses this network to circumvent Western sanctions and export oil. Attacks on such vessels could increase pressure on one of the key sectors that finances the war against Ukraine.
“We have long known that the shadow fleet is a significant physical threat because they operate old ships without proper maintenance. But until these inspections, we did not know what cyber threats were hidden aboard these ships,” said Rear Admiral Jason Tama, head of the US Coast Guard Cyber Command.
It turned out that the ships are often equipped with communication systems that provide a constant connection to the Internet. Remote desktop access programs, such as AnyDesk and TeamViewer, are also used. This allows tanker owners and operators to remotely interfere with the operation of ship systems.
In addition, the inspections found instructions for spoofing GPS data, modified network cables and equipment for transmitting false coordinates, as well as several AIS (Automatic Identification System) units, which allowed the ships to broadcast various identification data.
The most disturbing episode, according to the WSJ, was an attempt by administrators of one of the ships to remotely delete data after US representatives boarded it.
Pirated software infected with malware was found on some tankers. At the same time, the infected computers were connected to the ships' critical operating and navigation systems.
“For a ship carrying tens of millions of gallons of crude oil, which is very volatile, there is always a risk of fire and explosion. The atmosphere in the tanks must be very carefully controlled to prevent fire and explosion. And there is always a risk of oil spills,” explained Jason Tama.
According to the assessment of US services, this is a well-organized system with elements of cyber manipulation, remote control and concealment of evidence.
