While human error is still the leading candidate for the two incidents, which resulted in multiple fatalities and severe damage to the two ships, the means and motive to use cyber attacks to disable the two vessels exist, the article notes, citing a large body of private and public sector research on the security of maritime systems, as well as more recent reports of "in the wild" GPS spoofing attacks on merchant vessels. Among the notable instances:
A 2013 report from a research team at the University of Texas successfully “spoofed” an $80 million private yacht using a GPS spoofing device to send misleading information to crew about the boat’s position and movements in the water. (https://news.utexas.edu/2013/07/30/spoofing-a-superyacht-at-sea)
What is believed to be the first “in the wild” GPS spoofing attack (https://www.marad.dot.gov/msci/alert/2017/2017-005a-gps-interference-black-sea/). In June, the U.S. Maritime Administration has issued a safety alert about an incident in the Black Sea described as “GPS interference” but elsewhere as “an apparent mass and blatant, GPS spoofing attack involving over 20 vessels.” GPS was displaying the vessels as located more than 25 nautical miles from their actual location, but crew could find no problem with the operation of the GPS devices.(http://maritime-executive.com/editorials/mass-gps-spoofing-attack-in-black-sea) The US Maritime Administration advised ships to “exercise caution when transiting this area.”
Proof of concept attacks to spoof AIS – the Automatic Identification System- technology that is installed on hundreds of thousands of ships globally and that is used for everything from ship-to-ship and ship to port communication to collision avoidance. Researchers at the 2014 Black Hat Briefings demonstrated how AIS spoofing and hijacking could be used to generate false alarms, or delay actual alerting (https://www.blackhat.com/docs/asia-14/materials/Balduzzi/Asia-14-Balduzzi-AIS-Exposed-Understanding-Vulnerabilities-And-Attacks.pdf). The technology, which was designed with pre-Internet security in mind, is insecure both in how it is implemented and in the design of the underlying protocol, researchers concluded.
Persistent reports about shoddy and outdated software and applications deployed on commercial and naval vessels — even those of recent vintage.(http://www.telegraph.co.uk/news/2017/06/27/hms-queen-elizabeth-running-outdated-windows-xp-software-raising/)
As for motive, the article considers the motivations of two likely actors, given the location of the collisions: North Korea and China. For the former, the article notes that all four ships involved in collisions since January have been equipped with Aegis anti-ballistic missile technology, which would be used to shoot down a missile test (or live attack) from the DPRK. In the case of China, the government recently complained bitterly about the USS McCain's sojourns into what China considers its territorial waters near Mischief Reef — an artificial island built by China. (http://www.news.com.au/world/china-protests-challenges-us-warship-near-its-artificial-islands/news-story/43784e65f8ab6461cbfad7d5a748775e)