Increasingly connected and automated vessels are becoming a cybersecurity challenge. In an incident last February, a deep draft vessel on an international voyage sailed into the Port of New York and New Jersey with its shipboard network impaired from an active cyberattack. Not surprisingly, the vessel was “operating without effective cybersecurity measures in place, exposing critical vessel control systems to significant vulnerabilities.”
The maritime industry has been discussing how emerging attack surfaces could increase the risk of cyberattacks capable of crippling ships – or even potentially hijacking autonomous vessels at sea – and the incident brought those conversations to the forefront.
Cybersecurity vendors have been addressing emerging risks for connected hull, mechanical and electrical (HM&E) systems. However, there is a glaring area of vulnerability on the port management side that has not been fully discussed or addressed: connected systems at US ports.
Currently, the management of ships in and out of a port is primarily human directed. Most of the IoT systems being put in place to digitize this process were not built with security in mind and are very easy to penetrate. If those systems can be compromised, then high-risk security events could happen, such as having a bad actor tell the system to permit specific containers to pass through a port unsearched.
According to helpnetsecurity.com, there are several challenges in this regard: First, ports frequently fail to recognize that the skillset needed to manage the complexity that comes with technological advance is very different from what existing staff can manage, and the right skilled workers are usually out of reach due to budget constraints.
Secondly, there is great potential for efficiency by marrying the identity of a ship to its cargo to the dockworker checking it in to the truck picking up the cargo, but linking those together is very difficult. The only way to do it is through automation, but that connectivity creates a lot of risk that ports are ill-equipped to deal with.
Digital transformation requires all systems and sensors to be interconnected. Interconnecting them on a shared network should follow a ‘zero trust’ approach to segmenting network connectivity. Combined with high-assurance, authenticated identity, ports can ensure that anyone who gets on a network can’t go beyond where they are permitted.
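To make the last point concrete, here is an added Python example (not code from the original post or from any port or vendor it mentions) of a default-deny, identity-aware segmentation policy: each network segment names the roles allowed into it and the minimum authentication strength required, and any request that is not an explicit match fails closed. The segment names, roles, assurance levels and sample principals are all constructed for illustration.

```python
"""Default-deny, identity-aware segmentation policy for a port network.

Added example, not from the original post. Segment names, roles and
assurance levels are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple

# Authentication strength ranking, weakest to strongest (constructed).
ASSURANCE_RANK: Dict[str, int] = {"password": 1, "mfa": 2, "hardware-token": 3}


@dataclass(frozen=True)
class Identity:
    """An authenticated principal as asserted by the port's identity provider."""
    subject: str       # e.g. "dockworker-042", "crane-plc-07", "ship-agent-3"
    role: str          # role bound to the identity by the IdP, not self-declared
    assurance: str     # how the identity was proven: a key of ASSURANCE_RANK
    authenticated: bool = True


@dataclass(frozen=True)
class Segment:
    """A network segment and the minimum identity needed to reach it."""
    name: str
    allowed_roles: FrozenSet[str]
    min_assurance: str


# Constructed segmentation policy. Anything not listed here is unreachable.
POLICY: Dict[str, Segment] = {
    "cargo-checkin": Segment("cargo-checkin", frozenset({"dockworker", "ship-agent"}), "mfa"),
    "gate-scheduling": Segment("gate-scheduling", frozenset({"dockworker", "trucker"}), "mfa"),
    "inspection-control": Segment("inspection-control", frozenset({"customs-inspector"}), "hardware-token"),
    "crane-ot": Segment("crane-ot", frozenset({"ot-engineer"}), "hardware-token"),
}


def authorize(identity: Identity, segment_name: str,
              policy: Dict[str, Segment] = POLICY) -> Tuple[bool, str]:
    """Decide whether `identity` may open a connection into `segment_name`.

    Returns (allowed, reason). Every path that is not an explicit allow is a
    deny, so an unknown segment, a missing role or weak authentication all
    fail closed rather than open.
    """
    if not identity.authenticated:
        return False, "unauthenticated principal"
    segment = policy.get(segment_name)
    if segment is None:
        return False, f"unknown segment {segment_name!r}"
    if identity.role not in segment.allowed_roles:
        return False, f"role {identity.role!r} not permitted in {segment_name!r}"
    have = ASSURANCE_RANK.get(identity.assurance, 0)   # unknown level ranks as 0
    need = ASSURANCE_RANK[segment.min_assurance]
    if have < need:
        return False, (f"assurance {identity.assurance!r} below required "
                       f"{segment.min_assurance!r} for {segment_name!r}")
    return True, "allowed"


def evaluate(requests: List[Tuple[Identity, str]],
             policy: Dict[str, Segment] = POLICY) -> List[Tuple[str, str, bool, str]]:
    """Run a batch of access requests and return an audit trail of decisions."""
    trail = []
    for identity, segment_name in requests:
        allowed, reason = authorize(identity, segment_name, policy)
        trail.append((identity.subject, segment_name, allowed, reason))
    return trail


def denied(trail: List[Tuple[str, str, bool, str]]) -> List[Tuple[str, str, bool, str]]:
    """Filter an audit trail down to the denials a SOC would want to review."""
    return [entry for entry in trail if not entry[2]]


if __name__ == "__main__":
    # Constructed sample requests: a dockworker reaching check-in (fine) and
    # then inspection control (wrong role), an inspector with only a password
    # (too weak for a control segment), and an unauthenticated trucker.
    sample = [
        (Identity("dockworker-042", "dockworker", "mfa"), "cargo-checkin"),
        (Identity("dockworker-042", "dockworker", "mfa"), "inspection-control"),
        (Identity("inspector-7", "customs-inspector", "password"), "inspection-control"),
        (Identity("inspector-7", "customs-inspector", "hardware-token"), "inspection-control"),
        (Identity("trucker-19", "trucker", "mfa", authenticated=False), "gate-scheduling"),
    ]
    for subject, seg, ok, why in evaluate(sample):
        print(f"{'ALLOW' if ok else 'DENY ':5} {subject:16} -> {seg:20} {why}")
```

The two properties worth noting are that the role comes from the identity provider rather than from the client, and that a control-plane segment such as inspection control demands a stronger proof of identity than a scheduling screen does; the denial trail is what a port's monitoring team would watch for a principal probing segments it was never granted.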