this post was submitted on 11 Sep 2024
667 points (98.3% liked)

Technology

59428 readers
3150 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

A U.S. Navy chief who wanted the internet so she and other enlisted officers could scroll social media, check sports scores and watch movies while deployed had an unauthorized Starlink satellite dish installed on a warship and lied to her commanding officer to keep it secret, according to investigators.

Internet access is restricted while a ship is underway to maintain bandwidth for military operations and to protect against cybersecurity threats.

The Navy quietly relieved Grisel Marrero, a command senior chief of the littoral combat ship USS Manchester, in August or September 2023, and released information on parts of the investigation this week.

you are viewing a single comment's thread
view the rest of the comments
[–] nednobbins@lemm.ee 35 points 2 months ago (6 children)

There's a much bigger story here.
Think about how hard it was to discover this access point. Even after it was reported and there was a known wi-fi network and the access point was known to be on a single ship, it took the Navy months to find it.

Starlink devices are cheap and it will be nearly impossible to detect them at scale. That means that anyone can get around censors. If the user turns off wi-fi, they'll be nearly impossible to detect. If they leave wi-fi on in an area with a lot of wi-fi networks it will also be nearly impossible to detect. A random farmer could have Starlink in their hut. A dissident (of any nation) could hide the dish behind their toilet.

As competing networks are launched, users will be able to choose from the least restricted network for any given topic.

[–] sugar_in_your_tea@sh.itjust.works 15 points 2 months ago (2 children)

But why was it hard? Surely they're accessing it w/ wifi, and scanning for wi-fi networks really isn't that hard. A military ship should have a good handle on what networks they expect, and they should be able to easily triangulate where the signal is coming from.

Also, military ships should have really strict accounting for what is brought on board. A Starlink receiver isn't particularly small, and it should be plainly obvious to security when that comes on-board.

I think it's awesome that Starlink is so accessible for the average joe, but that's a completely different topic than what's allowed on military property. This sounds like a pretty big, embarassing security fail for the US military, and more people than this individual should be reprimanded, if not fired.

[–] nednobbins@lemm.ee 11 points 2 months ago (1 children)

The original article goes into more detail https://www.navytimes.com/news/your-navy/2024/09/03/how-navy-chiefs-conspired-to-get-themselves-illegal-warship-wi-fi/

It sounds like there were over 15 people in on the scheme. At some point people noticed that there was some wi-fi network called "STINKY" and rumors started circulating about it. It took a while for those rumors to reach senior command. Then they changed the name to make it look like a printer, which further delayed the investigation.

It doesn't look like they actually scanned for the access point. I suspect that's because it would be hard on a ship. All the metal would reflect signals and give you a ton of false readings.

They only eventually found it when a technician was installing an authorized system (Starshield seems to be the version of Starlink approved for military use) and they discovered the unauthorized Starlink equipment.

The Starlink receivers have gotten fairly small. It seems like that was pretty easy to hide among all the other electronics on the ship.

[–] sugar_in_your_tea@sh.itjust.works 3 points 2 months ago (2 children)

So it's collusion by the people who should be monitoring for such things? Or just collusion by people in some position of power, but who aren't in charge of network security? I don't know much about the positions these people held.

Anyone directly involved should certainly be considered for disciplinary action, but there should be more safeguards here.

[–] nednobbins@lemm.ee 4 points 2 months ago

The original article said the Navy hadn't provided all the details.

It looks like those 15+ people included at least one person who should have been monitoring for such things and a bunch of people who wanted to follow sports.

They didn't give the password to most of the crew and they tried to keep the commanding officers in the dark. It sounds like everyone involved faced disciplinary action.

Those chiefs and senior chiefs who used, paid for, helped hide or knew about the system were given administrative nonjudicial punishment at commodore’s mast, according to the investigation.

It looks like that's an administrative process. https://jagdefense.com/practice-areas/non-judicial-punishmentarticle-15/ Potential penalties are listed near the bottom.

[–] Cethin@lemmy.zip 3 points 2 months ago

The person the article is about was a Chief, and the highest ranked enlisted person on the ship. She would have the respect of all the enlisted members, as well as all the officers. She would be trusted to do her job and not do something stupid like this. She easily had the ability to do this, but you wouldn't expect her to.

[–] Cethin@lemmy.zip 8 points 2 months ago

It was the Chief of the ship who installed it. She was the highest ranked enlisted person on the ship. She would have the access and ability to get just about anything on board that she wanted. The fact she was able to is easy to see. The fact the she was willing to and has obtained such a high rank is pretty impressive (and stupid).

[–] Rivalarrival@lemmy.today 7 points 2 months ago (1 children)

The degree of incompetence needed for SIGINT/ELINT operations to fail to discover such a transceiver for 6+ months strains credibility.

I'm guessing this is a ruse to convince adversaries that the Navy can't detect Starlink transceivers even when they are aboard their own ships. This is much more likely to be disinformation intended to drive adversaries to use Starlink than it is to be a legitimate failure of intelligence gathering.

[–] nednobbins@lemm.ee 1 points 2 months ago (1 children)

strains credibility

Not sure why.
Security professionals are constantly complaining about insiders violating security policies for stupid reasons.
Security publications and declassified documents are full of breaches that took way too long to discover.

The Navy may have great security protocols but it's full of humans that make mistakes. As they say, if you invent a foolproof plan, the universe will invent a better fool.

[–] Rivalarrival@lemmy.today 4 points 2 months ago* (last edited 2 months ago) (1 children)

Ok, so this is a bit different from taping your password to your monitor. Security has a problem with you doing that, but unless they come to your workstation, they have no way of knowing that you do this.

ELINT is kinda like a security camera, but instead of seeing lights, it sees transmitters. You know the frequencies of the communications transmitters on Navy ships, let's say they are analogous to blue lights. You know the frequencies of their radars, let's say they are green. During normal operation, you're expecting to see blue and green "lights" from your ship, and the other ships in your task force.

Starlink does not operate on the same frequencies as comms and radar. The "light" it emits is bright red, kinda like the blinking lights you see on cell towers at night.

So, you're sitting at the security desk, monitoring your camera feeds... And you just don't notice a giant red blinky light, strong enough to be seen from space, on the ship next to you in formation?

You're telling me that this warship never ran any EMCON drills, shutting off all of the "lights" it knows about, and looking to see if any shipboard transmitters remain unsecured?

You're right, I would expect users to bend and break unmonitored security protocols from time to time. I expect them to write down their password. I expect them to share their password, communicating it over insecure networks that aren't monitored by the security department. But operating a Starlink transmitter is basically equivalent to having the Goodyear blimp orbit your office building, projecting your password on its side for everyone to see.

The idea that ELINT operators missed seeing it for this long doesn't seem likely.

[–] aodhsishaj@lemmy.world 1 points 2 months ago (1 children)

Look at what her rank was, she was Chief of Ship. She also lied about what it was and was allowing other enlisted, likely sigint/elint to use the starlink for streaming away from port.

Simple low level fuckery on a naval vessel. The softest part of security are the squishy humans.

[–] Rivalarrival@lemmy.today 1 points 2 months ago* (last edited 2 months ago) (1 children)

Ok, I don't think you read what I wrote.

Everytime you read "Starlink", I want you to think about a flashing anti-collision beacon on a radio tower. Because that is what a Starlink transceivers looks like to every ELINT operator aboard, and on every nearby ship. Imagine a ship with a giant red blinky light on it, because that's what an ELINT technician would be seeing.

She would have had to have recruited every ELINT technician and supervisor aboard every vessel they sailed with to make this happen.

[–] aodhsishaj@lemmy.world 1 points 2 months ago* (last edited 2 months ago)

I upvoted what you wrote and also pointed out that there were 15 other enlisted involved

She could've very easily turned off or shielded the starlink when they went dark for inspection. Also if it's properly aligned and in the comms mast properly oriented it would've been hidden from most cursory sweeps.

There was absolutely a security failure here, but I also don't think that fellow NAVY vessels are as focused on other ships in the fleet when underway in peaceful waters.

https://www.military.com/daily-news/2024/09/06/navy-officer-demoted-after-installing-unauthorized-satellite-dish-warship-access-internet.html

[–] stupidcasey@lemmy.world 5 points 2 months ago (1 children)

Unless they just turn the satellites off over the country’s that don’t want them to avoid conflict or jam all signals because they do be that way.

[–] nednobbins@lemm.ee 4 points 2 months ago (1 children)

We're likely to see a variant of Moore's law when it comes to satellites. Launch costs will keep going down. Right now we have Starlink with a working satellite internet system and China with a nascent one. As the costs come down we'll likely see more and more countries, companies, organizations and individuals will be able to deploy their own systems.

A government would need to negotiate with every provider to get them to block signals over their country. Jamming is always hard. You could theoretically jam all communications or communications on certain frequency bands but it's not clear how you would selectively jam satellite internet.

[–] Serinus@lemmy.world 2 points 2 months ago (1 children)

Kessler Syndrome trumps this application of Moore's Law.

[–] nednobbins@lemm.ee 1 points 2 months ago

Maybe.

Kessler Syndrome doesn't impact the ability to produce or launch satellites.
It impacts the ability of satellites to function in orbit but it's not a fixed limit.

Humans have a pretty good track record of developing technologies that break through insurmountable theoretical barriers.

[–] dan@upvote.au 4 points 2 months ago (3 children)

it took the Navy months to find it.

I'm surprised they didn't hide the SSID... It's likely nobody would have even found the network then.

[–] person420@lemmynsfw.com 9 points 2 months ago (2 children)

You could easily scan for hidden SSIDs. It might not show up in your phone's wifi list, but that's by design. The traffic is still there and discoverable. Even with an app like WiFiman (made by Ubiquiti).

[–] Halcyon@discuss.tchncs.de 3 points 2 months ago* (last edited 2 months ago)

Disabling the wifi SSID broadcast might even increase the number of communication attempts between devices. Because all devices then must actively search for the network.

[–] dan@upvote.au 1 points 2 months ago (1 children)

How many regular people would know that, though?

[–] person420@lemmynsfw.com 4 points 2 months ago (1 children)

These aren't regular people, these are navy soldiers on a high tech warship, I have to imagine their IT would know how to find rogue wifi APs.

[–] WoodScientist@lemmy.world 1 points 2 months ago

So...mostly 18-24 year olds?

[–] nednobbins@lemm.ee 3 points 2 months ago

The original article says there were over 15 people involved https://www.navytimes.com/news/your-navy/2024/09/03/how-navy-chiefs-conspired-to-get-themselves-illegal-warship-wi-fi/

With that many people, it's only a matter of time before someone spills the beans.

There are several steps they could have taken to make it much harder to discover. I expect more and more people will take those steps and we'll never hear about it.

[–] Avatar_of_Self@lemmy.world 2 points 2 months ago

Effectively they did through obfuscation. The Command Chief renamed it to look like their wireless printers. She did that because so many more junior people (relative to the Chief's Mess) complained that the officers tried to check (with their phones) for some wifi Internet. They couldn't find it because they thought it was a printer. The Command Chief is obviously trusted since she's the most senior enlisted but she's also the one that lead the entire scheme. When asked directly by the Commander, she denied it existed, so after not finding it, they just assumed it was a rumor. So, they had a ship-wide call and told everyone that there was no rogue Internet access point on the ship.

It took months because when a tech from a port they were at was installing a Starshield transceiver they physically saw the Starlink transceiver.

[–] ikidd@lemmy.world 3 points 2 months ago

Oh, but there's more. Starlink will be offering 5G via satellite soon.

[–] LarmyOfLone@lemm.ee 1 points 2 months ago

I had (naively) hoped that starlink wouldn't even need a license to operate in a specific country. When their satellites eventually fully communicate between them without ground station it becomes incredibly powerful. Sort of like one of those ancient world wonders. Technology now allows to live and work everywhere in the world or on the ocean in seasteads.

Unfortunately it's owned by greedy oligarchs and the planned multiple constellations make a kessler syndrome more and more likely.