Taking a cruise vacation should be a laid back, care-free endeavor that allows one to unwind, have a few drinks, explore new countries, and get sunburned. For many, there is not much thought put in to how the cruise ships operate or how secure your stored information is on the ship. After all - you're on vacation. In this presentation, three leading cruise lines have been evaluated in several different security realms over the last 10 years. These areas include physical security, social engineering, wifi vulnerabilities, segregation of passenger network from operations network, financial transactions, information sanitization, and more. Some vulnerabilities are simple hacks to allow one to obtain free wifi, while others are more complex and allow one to explore the ship in more obscure ways. In this presentation, successes and failures of hacking the high seas will be shown.

Just a regular Joe with a background in network and information security, Chad M. Dewey is a Computer Science and Information Systems Professor at Saginaw Valley State University in Michigan. While his interests include all things security, he takes a particular interest in the security of "weird stuff" like medical equipment, automobiles, and cruise ships. Chad had participated in Intel's Automotive Security Research Board in January of 2016, along with 15 other security professionals, to test the security of automobile "In-Vehicle Infotainment Systems".

@chaddewey

Back to Derbycon 2016 video list