AI, Cybersecurity, and the Maritime Transportation System

 

I feel it in my fingers / I feel it in my toes

AI's all around me / And so the feeling grows

(with apologies to Reg Presley)

Artificial intelligence (AI) has been quietly playing a growing and important role in many aspects of the maritime transportation system (MTS) for several years. In some fashion or another, AI has been around for more than 70 years, although not reported widely in the public media until about a decade ago and finally seems to have hit critical mass in terms of public awareness this last year. 2023 has seen umpteen articles about AI in many aspects of life — not the least of it related to the actors' and writers' strikes in Hollywood — and everybody seems to have an opinion about what it is, whether it is an advancement for mankind or spawn of the devil,  and how it should be regulated and legislated.

AI refers to the combined intelligence of machines and software. It has been personified in science fiction primarily in the form of humanoid robots, such as in Isaac Asimov's Robot stories (1940-1955) and by Robby the Robot in the 1956 classic movie, Forbidden Planet. AI has been a serious academic and research discipline since the mid-1950s and the form has changed over time, reflecting changes in computer and peripheral device technology. It is probably fair to say that AI research began with the 1950 description of the Imitation Game by Alan Turing; the Turing Test is a metric of whether a human can have an interaction with a machine that is indistinguishable from an interaction with another human. There is some debate over whether Chat Generative Pre-trained Transformer (ChatGPT) has passed the Turing Test or not, but it is likely very close to doing so if it hasn't already.

Modern AI (post-2010) relies on deep learning, a combination of machine learning, big data, and neural networks. The digital revolution that began in the 1960s was key to the development of big data; by digitizing all forms of data and communications, we had the capability of building enormous data sets that could be searched, analyzed, and transformed in an infinite number of ways so as to become the learning database to AI systems. Neural networks refer to computers that can learn from the collective knowledge distributed within a network rather than relying solely on its own programming, first demonstrated as far back as 1952 by the Stochastic Neural Analog Reinforcement Calculator (SNARC). Today's AI research goals include advances in knowledge representation, reasoning, planning, natural language processing, and perception in order to build a machine that will demonstrate general intelligence and the ability to solve arbitrary problems. AI already plays an increasingly important role in all of our daily lives, although in ways that are often not obvious or unseen; common applications include advanced search engines, marketing and "recommendation" systems, human speech recognition, self-driving vehicles, authoring/artistic tools, strategic and serious games, and medical diagnostic and treatment tools.

As an example of how advanced AI can be, a computer scientist in England submitted patent applications to the Intellectual Property Office (IPO) on behalf of an AI that he invented. The IPO denied the applications in 2019, saying that only a person could be issued a patent. Although the inventor claimed that the AI was a "conscious and sentient form of machine intelligence," the UK Supreme Court upheld the IPO's decision in December 2023.

While these concepts appear to be far from maritime and cybersecurity, AI is already an integral element of both. It is probably not necessary to review all of the ways in which automation and autonomy in maritime is being powered by AI at some level, from smart ships, ports, and containers to fully autonomous navigation and vessels. But don't confuse automation and some forms of autonomy with AI. Many automatic systems are reading a series of sensors, dials, and other inputs; if the state of the system is X, then the action is Y. It's purely algorithmic. It's not intelligence, per se, but programming.

The interaction between AI and cybersecurity essentially falls into three categories, often called defensive, offensive, and adversarial. As the name implies, defensive AI refers to methods used to aid in cyberdefense. AI can aid in the detection of cyberfraud, anomalous e-mail messages or data traffic patterns, and phishing attempts. Intrusion detection and prevention, log analysis, and incident response and recovery strategies and procedures can be aided by the use of AI tools. Mitigation of denial-of-service (DoS) attacks and even the prediction of potential software vulnerabilities and zero-day exploits can benefit from analysis by AI tools. AI-driven risk management planning and patch management can be much more efficient and optimized compared to manually managing these processes.

Offensive AI refers to anti-defensive methods, used to aid in planning and carrying out cyberattacks. AI can gather information from the Internet in order to quickly generate highly personal and effective spearphishing messages and other forms of social engineering attacks. Mis- and disinformation almost seems to be a specialty of AI, given its ability to create well-written, plausible messages that sound both correct and definitive. AI makes simple work of deep fakes, data poisoning, and data traffic manipulation that can appear legitimate. Password cracking, automated hacking, and management of botnets is made much easier using AI tools.

The third form is adversarial AI (AAI), which are methods that directly attack other AI systems. AAI methods degrade, deny, deceive, or manipulate an AI system. There are many adversarial methods that can be employed such as attacking the model used by other AI systems, adding noise to the system with which to confuse the opposing AI, reprogramming or introducing errors into the other AI software, or poisoning the training data used by other AI systems.

The maritime transportation system has some unique cybersecurity needs only because of the unique environment in which we operate, and our unique information and operational technology systems. AI will become part of the cyber products, procedures, and strategies that we employ, just as it is in other industries and for the same reasons. AI will be able to detect, predict, and test potential vulnerabilities and attack schema faster than any person. AI will be able to produce and, even, predict, exploits, as well as defense mechanism faster than humans. It will also be able to detect and predict errors, as reported by Global Positioning System (GPS) and Automatic Identification System (AIS), and estimate trajectories of other vessels in real time. And AI will learn about maritime systems at record speed, so the learning curve will be a steep one learning to both attack and defend the MTS.

All stakeholders in the MTS are well-advised to learn how and where AI fits into their organizations, systems, and requirements. It is a safe bet that we will all need AI in our cyber defense but we can't count on that alone; we still need to focus on creating/maintaining a cybersafety culture, perform basic Cyber 101 properly, and focus on finding and mitigating vulnerabilities.

I will repeat a paraphrase that I have been saying for a lot of years: "Anyone who thinks that technology can solve their problem does not understand technology or their problem." It is imperative that we understand the role of AI and do not develop an over-reliance on (yet another) technology, particularly one that we (really!) don't understand. AI will be the basis of many tools to assist workers in the MTS but is a distance off from being a replacement.

Gary C. Kessler, Ph.D., CISSP is a principal consultant at Fathom5 and on the advisory board at Cydome. This article is excerpted and expanded from Maritime Cybersecurity: A Guide for Leaders and Managers, by Gary Kessler and Steve Shepard.