The U.S. Coast Guard has unveiled a new cybersecurity plan, the latest in an ongoing effort to protect U.S seaports and the commercial vessels in their waters from the rising risk of cyberattack.
While there has never been a high-profile cyberattack on U.S. ports, hackers have infiltrated the Port of Antwerp and at least one container line in the past five years. A cyberattack against a U.S. port could cripple a container terminal’s operations or give organized crime access to the $6 billion worth of goods those ports handle each day.
The coast guard’s Cyber Strategy, unveiled by Commandant Paul Zukunft Tuesday, will guide the coast guard's cyberefforts over the next decade.
The plan may be new, Zukunft said, but the coast guard’s strategy to defend commercial vessels and port terminal operators remains unchanged.
"Cyber is a new risk factor, but it does not interrupt long-standing and successful regimes for dealing with prevention and response to incidents," Zukunft said. "This isn't about looking for new authorities or missions. We're doing as we've done for 225 years. We're applying our existing authorities and skills to meet demand in emerging domains."
The guidelines don’t provide technical specifications, but they will help ports, terminals and carriers create a cyber-risk management strategy, he said. The focus on management is important, as the maritime industry needs not only to find ways to prevent itself from cyberattacks, but also how to operate after being hit.
The plan outlines three priorities: defending cyberspace, enabling operations and protecting infrastructure.
Managing risk was listed as the first objective of the cyberspace defence strategy.
Under the guidelines, ports, terminal operators and carriers are advised to first tap a point person to take responsibility of implementing the strategy. Then the stakeholders need to map their computer systems to gauge how much damage a cyberattack would inflict. The next step is to determine the computer systems’ vulnerability by finding out how the system could be hacked.
The Cyber Strategy stresses that all divisions of a company need to be involved in implementing a cybermanagement strategy, not just IT. If IT goes it alone, then only IT weaknesses and solutions are imposed.
The coast guard said it will incorporate risk information into existing vessel and facility security assessments conducted by private industry and port authorities.
The plan also stipulates that the coast guard will coordinate with the International Maritime Organization to include cybersecurity into required training for vessel and facility security officers. It noted that the agency will work with the U.S. Coast Guard Academy, merchant marine academies and training programs to incorporate cybersecurity into course work.
The maritime community has been slowly awakening to the threat of cyberattacks of late.
Ports handle roughly $6 billion worth of goods each day, Peretti said. They store vast amounts of data detailing every ton of cargo that passes through their waters. They’re open gateways to the United States. And they are often ill-equipped to prevent cyberattacks.
“We’re still in the wild, wild West of cybersecurity,” Peretti said.
Not only are cybercriminals attracted to ports’ commercial activity, Peretti said, but as many ports are government-owned or -operated, they are also prone to acts of terror and nation-state sabotage.
The U.S. government’s response to the threat has been found wanting by industry insiders and analysts alike. But that’s changing.
In February, President Obama signed an executive order, urging private companies to share potential network threats amongst each other and with the federal government.
The U.S. House of Representatives has passed legislation that would lay the framework for companies, including ocean carriers and port terminal operators, to share access to their networks with federal investigators. That bill, however, has been stalled in the Senate, falling four votes short of the necessary majority earlier this month.