Opinion: Now is the Time to Take Port Cyber Security Seriously

Locomotives, airplanes, container ships and bulk freighters, long-haul and short-haul trucks, anything that rolls, flies, or floats. No matter the vehicle, and no matter how it’s powered, chances are a port plays a critical role in beginning or ending its journey. From paying more at the gas pump to finding things from baby formula to cat food, we have witnessed firsthand what happens when the push and pull of supply and demand starts to break down. Ports are dedicated to ensuring that supply meets demand both in terms of finished goods and the raw materials for making them. When they break down, the ripples spread across the entire economy.

At this moment, on the periphery of the crisis unfolding in Ukraine, major bulk fuel suppliers in the ports of Antwerp and Hamburg are experiencing work stoppages because of cyber attacks. Regardless of the motive or responsible party, what occurred this week is an explicit example of how bad actors use attacks such as these to take advantage of a dire situation. While this attack may not have been on our shores, it can directly impact the United States’ and its allies’ ability to operate in the region, as well as apply needless stress on an already taxed economy. 

The American Association of Port Authorities (AAPA) highlighted in Congressional testimony the role cyber security plays in securing our ports. AAPA’s President Chris Connor recently emphasized that the dual threats of ransomware and COVID-induced supply and staffing stresses have “revealed what is already a problem…ship and port systems are connected to each other or the internet. A critical attack on any of these systems could have devastating economic consequences or even lead to the loss of life.”

This is not an exaggeration. The efficiency of current global economic systems is due in large part to interconnectedness and advanced analytics, both of which are powered by cyber infrastructure that is now thoroughly enmeshed with traditional port infrastructure. Connor further noted that “the maritime transportation system needs resources to harden their IT systems to prevent attacks and to respond appropriately when an attack does occur.”

The bad news is we have a problem, but the good news is we generally know what we need to address this: more resilient networks combined with better cyber detection and response capabilities.

The exact scope and scale of implementing this solution will differ from port to port, but through financial programs such as the Department of Homeland Security’s Port Security Grant Program and resources from the Office of Maritime Security at the Department of Transportation, the work can and must begin now.

Ports have played a crucial role in America’s growth and role in the world since its founding, but a time has come when these engines of economic and social power might become vulnerable in a crisis. Not all critical infrastructure is equally critical, and ports have the potential to be just as devastating when compromised or degraded as they are constructive when they are operating at their full potential. Malicious cyber actors are noticing that the toxic mix of ransomware, epidemics, and geopolitical instability in places like Ukraine, the South China Sea, or the Persian Gulf can make even simple attacks extremely effective.

It will not matter if our power grid is resilient if it can’t get the coal and natural gas to feed it. It will not matter how secure our smart devices are if they are sitting in shipping containers. It will not matter how cheap gas is if the pipelines that carry it are not functioning. And finally, it will not matter how much money is earmarked for addressing cyber security at ports if it is not spent wisely, and more importantly, before a crisis arrives, and judging by events in Europe, it may already be upon us.

Jason P. Atwell is the Principal Advisor of Global Intelligence at Mandiant, Inc. the global leader in dynamic cyber defense and response.